This week, perhaps the most interesting articles include "How to Make a Honeypot Network Security System Pay Off," "," and "NSA Operating Systems Guides."

Earn an NSA recognized IA Masters Online - The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LinuxSecurity.com Feature Extras:

RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of fingerprint template and RF smart card for clustered network, which is designed on Linux platform and Open source technology to obtain biometrics security. Combination of smart card and biometrics has achieved in two step authentication where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card that is based on the fingerprint verification. The fingerprint verification has to be executed on central host server for security purposes. Protocol designed allows controlling entire parameters of smart security controller like PIN options, Reader delay, real-time clock, alarm option and cardholder access conditions.

pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it. with "subscribe" as the subject.

Earn an NSA recognized IA Masters Online - The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

Security on your mind?

Protect your home and business networks with the free, community version of EnGarde Secure Linux. Don't rely only on a firewall to protect your network, because firewalls can be bypassed. EnGarde Secure Linux is a security-focused Linux distribution made to protect your users and their data.

Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

Report: U.S. most prolific source of online attacks
20th, March, 2007

U.S. networks pumped out the highest percentage of attacks during the second half of last year, with China running a distant second, according to a report released Monday by security firm Symantec. The U.S. accounted for 31 percent of malicious activity originating from computer networks, while 10 percent came from China and 7 percent from Germany, Symantec said in its Internet Security Threat Report.

Podcast: Common Mistakes Made By IT Administrators
19th, March, 2007

The speaker is George Gerchow, the Technology Strategist for Configuresoft and a active member of the Center for Policy & Compliance, a research and advisory group designed to address the issues of managing security within strict metrics.
Protection From The Inside Out
19th, March, 2007

To stop data leakage, try a two-punch strategy that combines outbound content-monitoring tools with digital rights-management appliances.

A disgruntled employee here, a careless one there, and just about any enterprise can find itself facing a mountain of trouble from confidential information made public. Help is at hand. Armed with increasingly sophisticated outbound-content monitors, information security officers finally have the weapons they need to conquer the threat of data leakage.

news/network-security/protection-from-the-inside-out
A new day for business security
20th, March, 2007

It might not seem as if a building security guard and a network administrator have much in common. But they do--and the distinction between the two is blurring more every day.

It's true that the people who control building access from security desks and those securing computer networks both watch traffic and walk perimeters to safeguard an organization's assets. But now, technology, tighter security controls, federal regulations and potential cost benefits are bringing the two traditionally separate worlds together--and the convergence is driving industry alliances that may have seemed unusual in the past.

news/network-security/a-new-day-for-business-security
How to Make a Honeypot Network Security System Pay Off
22nd, March, 2007

Honeypots have largely been relegated to use by academia and antivirus vendors because most enterprise IT teams figure they're too expensive to run and could land their companies in legal trouble. But honeypots aren't as scary as all that, according to an expert on the topic who spoke at the InfoSec World Conference & Expo in Orlando Tuesday.

news/network-security/how-to-make-a-honeypot-network-security-system-pay-off
Novell Delivers Next-Generation Security Information solution
23rd, March, 2007

Novell introduced the latest version of Sentinel, its award-winning security information and event management solution. Representing a significant update from previous versions, Sentinel from Novell version 6.0 offers new capabilities for automating real-time monitoring of the enterprise security environment, identifying and remediating security incidents and documenting regulatory compliance.

news/network-security/novell-delivers-next-generation-security-information-solution
VoIP Still Faces Security Hangups
24th, March, 2007

After legal and regulatory victories, Internet voice remains a consumer play, as businesses remain skeptical.

Though Internet voice providers are overcoming some regulatory and legal hurdles, the major barrier standing between them and the mainstream corporate market is still a glaring lack of security, analysts say.

news/network-security/voip-still-faces-security-hangups
Tools Fight Forensics
20th, March, 2007

A breadth of anti-forensics tools -- most of them free -- is making it easier for the bad guys to cover their tracks in malware and data theft attacks.

"The bottom line is most criminals are not the brightest bolts in the box and they tend to make mistakes, which forensics has been able to use to its advantage," says Paul Henry, vice president of technology evangelism for Secure Computing. Henry will discuss the increasingly popular anti-forensics tools at a session at InfoSec World in Orlando this week. "But a smarter individual can [today] easily find tools to cover his tracks."

NSA Operating Systems Guides
20th, March, 2007

NSA has developed and distributed configuration guidance for operating systems. These guides are currently being used throughout the government and by numerous entities as a security baseline their systems.

news/server-security/nsa-operating-systems-guides
Red Hat Release Coincides with Host of Related Application, Kernel Fixes
19th, March, 2007

It turns out that, after years of engineering work and collaboration efforts with strategic partners such as IBM, Red Hat's March 14 release of Red Hat Enterprise Linux 5 had the misfortune of coinciding with the company's release of a whopping 11 security advisories.

news/vendors-products/red-hat-release-coincides-with-host-of-related-application-kernel-fixes
Top 10 Security Threats in 2007
17th, March, 2007

The Top 10 threats security professionals should keep their eye on this year

If there is one thing that we have learned in the Internet age, it is that security professionals and hackers are in a constant battle to protect and exploit vulnerabilities. As security solutions are developed in one area, hackers move on to look for weakness in others.

Biometrics: what and how
19th, March, 2007

Humans use body characteristics to recognize each other. Some characteristics don't change over time and some do. What characteristics do we use for identifying people? Are they accurate? Can we depend on them in our daily life?
ALT+NUMPAD ASCII Key Combos: The