Security Projects - Page 40 - Results from #780

Discover Security Projects News

OSSEC v1.0 available

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, Windows registry monitoring, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, *BSD, Windows and Mac. This version comes with numerous new features and bug fixes, including support for registry monitoring on Windows, dynamic/nat'ed IP addresses in the server/agent communication, ASL (Apple system log), Lotus domino , Symantec AV, Windows RAR.

LinuxSecurity.com Team
Jan 15, 2007

Free bug scan offered for Java apps

Code auditing firm Fortify Software announced on Monday that the company is teaming up with quality-testing project FindBugs to offer a free scanning service to any Java programmer aimed at automatically detecting quality defects and security bugs. The project, dubbed Java Open Review, will allow any project written in Java to be submitted by a contributor to be scanned using both Fortify's auditing tool and the FindBugs engine. The two organizations have already scanned ten open-source projects written in Java, including the Azureus Bittorrent application, the Zimbra Web e-mail server, and the Apache Tomcat Java server.

LinuxSecurity.com Team
Dec 13, 2006

Computers, Networks and Theft

Cybercrime has evolved considerably over the past few years with new technologies being created and applied. As a result, cybercrime is no longer committed by individual amateurs; it

LinuxSecurity.com Team
Oct 23, 2006

OSSEC HIDS v0.9-3 Available

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. This new release comes with multiple features, including support for Modsecurity logs, MS exchange, MS FTPD and Windows firewall logs. It also includes a port to HP-UX and numerous bug fixes and new features.

LinuxSecurity.com Team
Oct 20, 2006

Scalable anonymity with I2P

The Invisible Internet Project (I2P) is a work in progress whose aim is to provide a secure version of the IP protocol that addresses threats common to the standard TCP/IP networking infrastructure -- most importantly, the effortless identification and tracking of participating peers. In I2P, each participating peer keeps a secret pool of inbound, or data-receiving, and outbound, or data-transmitting, tunnels it chooses itself. A tunnel consists of a configurable number of routers in sequence, where longer tunnels mean more anonymity, at the expense of performance.

LinuxSecurity.com Team
Sep 18, 2006

Red Hat, NIST Plan Software Vulnerability Database

Red Hat is developing a new software vulnerability database with the National Institute of Standards and Technology (NIST). The database will give vendors of both open source and proprietary software a place to post official statements and security related information pertaining to their own projects and products.

LinuxSecurity.com Team
Sep 08, 2006

Machine learning used to block SQL injection hacks

UK company Secerno has devised an innovative way to detect when a database is being attacked using the SQL (Structured Query Language) injection hacking technique.

LinuxSecurity.com Team
Aug 29, 2006

Password Safe

Password Safe is an Open Source (free) tool that allows you to have a different password for all the different programs and websites that you deal with, without actually having to remember all those usernames and passwords. Password Safe runs on PCs under Windows (95/98/NT/2000/XP). An older (but fully functional) version is available for PocketPC. Linux/Unix clones that use the same database format have also been written. Originally created by Bruce Schneier's Counterpane Labs, Password Safe has opened it's source. Currently, the PasswordSafe Open Source project is being administered by Rony Shapiro (GPG key FA175557 fingerprint FF77 379D D46D DAA6 6182 B452 1D79 5A91 FA17 5557). The first maintainer of the Open Source versions of PasswordSafe was Jim Russell. Learn about the dangers of reusing passwords in an informative guide.

LinuxSecurity.com Team
Aug 22, 2006

Whitebox Security Testing Using Code Scanning

Whitebox testing is notoriously difficult to do. Without automatic code scanning tools, scanning the source code requires a keen eye, concentration and an enormous amount of time to scan each line for security vulnerabilities. As intruders become more sophisticated at finding security vulnerabilities and writing exploitative code, it becomes more necessary to take every precaution before shipping software.These precautions can range from security training throughout the security development lifecycle (SDLC) to using tools such as source code scanners and vulnerability scanners.

LinuxSecurity.com Team
Aug 16, 2006

Dynamic linking in Linux and Windows, part one

This article discusses the shared libraries concept in both Windows and Linux, and offers a walk-through through various data structures to explain how dynamic linking is done in these operating systems. The paper will be useful for developers interested in the security implications and the relative speed of dynamic linking, and assumes some prior cursory knowledge with dynamic linking. Part one introduces the concepts for both Linux and Windows, but will focus primarily on Linux. Next time in part two, we'll discuss how it works in Windows and then continue to compare the two environments.

LinuxSecurity.com Team
Aug 15, 2006

Linux Netwosix: Goodbye, Netwosix

"Linux Netwosix was originally created with the goal of providing a security environment for building and creating new security-related solutions. With the passing of time I realized that the project has failed to achieve its goals within 3 years of hard work. This, among many reasons, is the most important because I never received help from anyone. Regardless of the fact that Netwosix has been downloaded by more than 60,000 users all around the world, I'm here to announce the shutting down of my dear project. Day after day I understand that I can't create a 'valid security-oriented product' alone..."

LinuxSecurity.com Team
Aug 10, 2006

Developing and Implementing an Operating Systems Security course with Labs

A core component of any curriculum in modern information security is the security of the operating systems that reside on the workstations and servers of a network. Effective information security depends on addressing all facets of how information is stored, moved, and modified. Since the operating system of a computer is the primary means of implementing the security of the information on that computer, it must be configured to minimize the risks of losing or compromising the data being processed.

LinuxSecurity.com Team
Aug 10, 2006

An open source security triple play

Want to protect your SOHO machine or LAN from rootkits and malware, but want something a little more real-time than simply running Chkrootkit or another rootkit detector after the fact? Consider OSSEC-HIDS, an open source host intrusion detection system.

LinuxSecurity.com Team
Aug 07, 2006

New Google feature flags dangerous sites

Google Inc. has begun alerting users whenever they click on a search result that may take them to a dangerous Web site.

LinuxSecurity.com Team
Aug 07, 2006

Security Company sponsors Open Source security software contest

Hurricane Labs, an Enterprise Open Source Security Company is sponsoring an Open Source Security Software contest. Information and prizes are listed at . If you're a primary developer on a security project please check it out and submit your project.

LinuxSecurity.com Team
Aug 01, 2006

SCADA system makers pushed toward security

Idaho National Laboratory and the New York State Office of Cyber Security and Critical Infrastructure have teamed up with utilities and makers of distributed control system software to offer advice on how to make system security a major part of the critical infrastructure.

LinuxSecurity.com Team
Jul 26, 2006

OSSEC HIDS v0.9 Available

LinuxSecurity.com Team
Jul 25, 2006

Networking sites could help hackers

Professional networking sites are unwittingly providing hackers with the possible means to carry out sophisticated social engineering scams, a UK security consultancy warns.

LinuxSecurity.com Team
Jul 16, 2006

Consortium builds super firewall to stop DDoS

Computer researchers in Europe are developing a new prototype architecture for halting distributed denial-of-service (DDoS) attacks, where a barrage of traffic is directed at a Web site or server to shut it down.

LinuxSecurity.com Team
Jul 14, 2006

Visa, MasterCard Unveil New Security Rules

Visa U.S.A. Inc. and MasterCard International Inc. will release new security rules in the next 30 to 60 days for all organizations that handle credit card data, a Visa official said last week. The rules will be the first major update to the one-year-old Payment Card Industry data security standard, which analysts said is slowly but surely being adopted.

LinuxSecurity.com Team
Jul 10, 2006

Security Projects - Page 40

CoCo VMs Will Now Panic If RdRand Is Broken in Linux 6.9

New GitHub Actions Enhancements Boost Security & Power

Tails 6.1 Released with Security, User Experience Enhancements