Security Projects - Page 35

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

run0, A Safer Alternative to sudo, Introduced in Systemd v256

German software engineer Lennart Poettering recently presented run0, a new tool in systemd v256 that aims to address the security concerns associated with the widely used sudo command. Let's explore run0's implications for Linux admins and secur...
May 04, 2024
  0

How Debian 12 is Redefining Stability and Innovation in Open-Source OSes

The latest release of Debian, one of the oldest and mos...
May 01, 2024
  0
8.Locks HexConnections CodeGlobe Esm H115

CoCo VMs Will Now Panic If RdRand Is Broken in Linux 6.9

A significant change has been merged into the x86 fixes...
Apr 08, 2024
  0
19.Laptop Bed Esm H115

Discover Security Projects News

LS Hmepg 337x500 34 Esm H200

The state of Internet security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

While security vulnerability research can expose technical weaknesses that may be exploited, incident research provides in-depth information about the most common targets, motives and attack vectors of modern hackers.

LS Hmepg 337x500 34 Esm H200

Mark Cox: Top 11 Most Serious Flaw Types for 2009

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mark Cox, Director of Security Response at Red Hat, compiles a list of the top most serious security flaw types for 2009 and compares them with the past. During the creation and review of the list we spent some time to see how closely last years list matched the types of flaws we deal with at Red Hat. We first looked at all the issues that Red Hat fixed across our entire product portfolio in the 2009 calendar year and filtered out those that had the highest severity. All our 2009 vulnerabilities have CVSS scores, so we filtered on those that have a CVSS base score of 7.0 or above.

LS Hmepg 337x500 34 Esm H200

New approaches to virus protection

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Internet Storm Center (ISC) has made the effort to list the hash values of around 40 million programs contained in the US National Software Reference Library (NSRL) in a database in such a way that they can be retrieved via a web front end. This potentially presents an alternative to anti-virus scanners searching for malicious code.

LS Hmepg 337x500 34 Esm H200

Apache SpamAssassin 3.3.0 available

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This is a major release, incorporating enhancements and bug fixes that have accumulated in a year and a half of development since the 3.2.5 release. Apart from some new or changed dependencies on perl modules, this version is compatible to large extent with existing installations, so the upgrade is not expected to be problematic (neither is downgrading, if need arises). Please consult the list of known incompatibilities below before upgrading.

LS Hmepg 337x500 34 Esm H200

"Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!"

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Do you manage Apache based web server farms with Web Application Firewall (WAF) requirements that revolve primarily around a need for central thresholding/rate limiting features? Have you found an open source WAF solution that fulfills this need? Well if you haven't, I take extra special joy in the public sharing of two open projects that I'm involved with, serving the roles of cheerleader ;), tester and injecting scope creep whenever possible to solve various forms of abuse.

LS Hmepg 337x500 34 Esm H200

49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Arbor has released their 2009 Worldwide Infrastructure Security Report and it is an interesting read. The largest DDoS increased nearly 5-fold from 2004 to 2008 (and doubled from 2006 to 2008) to 49Gbps. At that size, you definitely need the assistance of your upstream service provider to mitigate. The report also shows the continuing trend of not reporting/referring attacks to law enforcement.

LS Hmepg 337x500 34 Esm H200

DDoS Returns: What Researchers Are Learning About Targets, Tactics

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The ability of attackers to dig deeper and wider thanks to the proliferation of botnets was covered in the first article of this series, DDoS Attacks Are Back (and Bigger Than Before). The trend is also covered at length in The Botnet Hunters. In this article, two IT security practitioners -- one with experience in dealing with DDoS attacks against government systems, the other an expert from the corporate side -- share what they've learned about the targets chosen for DDoS attacks and how to adjust security strategies based on those lessons.

LS Hmepg 337x500 34 Esm H200

PHP 5.3.1 Released, Security Beefed Up

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The PHP development team recently introduced the latest version of the new PHP 5.3 branch, PHP 5.3.1. This version essentially does not change the essential core 5.3 PHP engine, but by focusing on stability and security, the PHP team has introduced more than 100 bug fixes and tweaks to the overall framework.

LS Hmepg 337x500 34 Esm H200

When Vulnerability Management Meets Compliance

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Finding and fixing security vulnerabilities in an enterprise is tough enough without someone looking over your shoulder. But when regulatory compliance requirements are involved -- and the auditors who come with them -- the process of vulnerability management brings on a new set of challenges.

LS Hmepg 337x500 34 Esm H200

Establishing a Security Framework

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When it comes to securing your Linux system -- or any other system, for that matter -- the first step is to set up a security policy, a set of guidelines that state what you enable users (as well as visitors over the Internet) to do on your Linux system. The level of security you establish depends on how you use the system -- and on how much is at risk if someone gains unauthorized access to it.

LS Hmepg 337x500 34 Esm H200

How security will look in 10 years look

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Tom Espiner surveys the security landscape for the shape of things to come. When my editor asked me to predict what would happen to security over the coming year, and over the next 10 years, my heart sank. The permanency of internet publishing, caching and so forth means predictions have a habit of coming back to haunt you.

LS Hmepg 337x500 34 Esm H200

10 Greatest Open Source Software Of 2009

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Great summary of the best free (as in speech and beer) applications of 2009, including TrueCrypt Free open-source disk encryption (real-time on-the-fly encryption) software for Windows, Mac OS X, and Linux (for Linux I prefer native disk encryption). From the wikipedia: It can create a virtual encrypted disk within a file or a device-hosted encrypted volume on either an individual partition or an entire storage device. It supports Microsoft Windows, Mac OS X and Linux (using FUSE) and encrypted volumes can be made portable. The version for Windows Vista or XP can encrypt the boot partition or entire boot drive and has the ability to create and run a hidden encrypted operating system whose existence is deniable.

LS Hmepg 337x500 34 Esm H200

Linux Advisory Watch: Dec 18th, 2009

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. Vulnerabilities exist for virtually every vendor, every week. Check this newsletter to be sure your distribution is secure.

LS Hmepg 337x500 34 Esm H200

Honeynet research lifts the lid on spam trends

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Stats from the one billion spam messages blocked by Project Honey Pot over the last five years provide an insight into junk mail trends and spamming practices. The Honey Pot project was formed by a community of web administrators as an alliance against online fraud and abuse back in 2004. The group now numbers 40,000 members in 170 countries, making it the biggest effort of its kind on the web.

LS Hmepg 337x500 34 Esm H200

Linux Security Kernel Clean-Up

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

While Windows has more security problem than a barn dog has fleas, Linux isn't immune to having its own security holes. Recently, two significant bugs were found, and then smashed. To make sure you don't get bit, you should patch your Linux system sooner rather than later.

Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved