Security Projects - Page 41.25

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

CoCo VMs Will Now Panic If RdRand Is Broken in Linux 6.9

A significant change has been merged into the x86 fixes for Linux 6.9, requiring the seeding of RNG (Random Number Generation) with RdRand for CoCo (Confidential Computing) environments. The change focuses on CoCo virtual machines, designed to be as ...
Apr 08, 2024
  0

New GitHub Actions Enhancements Boost Security & Power

Recent enhancements have been made to GitHub Actions, a...
Apr 03, 2024
  0
31.Lock DigitalRoom Esm H115

Tails 6.1 Released with Security, User Experience Enhancements

Tails 6.1 has been released as the latest version of th...
Mar 27, 2024
  0
10.FingerPrint Locks Esm H115

Discover Security Projects News

LS Hmepg 337x500 34 Esm H200

John the Ripper 1.7.2

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

John the Ripper 1.7.2 (a "development" version) adds bitslice DES assembly code for x86-64 making use of the 64-bit mode extended SSE2 with 16 XMM registers. You can download it at the usual location: John the Ripper password cracker.

LS Hmepg 337x500 34 Esm H200

Holes in the Linux Random Number Generator

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

his new paper which is about to appear later this month (May, 2006) on the IEEE security and privacy conference describes holes in Linux's random number generator, as well as a clear description of the Linux /dev/random. The Linux random number generator is part of the kernel of all Linux distributions and is based on generating randomness from entropy of operating system events. The output of this generator is used for almost every security protocol, including TLS/SSL key generation, choosing TCP sequence numbers, and file system and email encryption. Although the generator is part of an open source project, its source code (about $2500$ lines of code) is poorly documented, and patched with hundreds of code patches.

LS Hmepg 337x500 34 Esm H200

PHP.Hop - PHP Honeypot Project

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

PHP HoP is an open source project for: * Application-based low-level interaction honeypot * Dealing with web threats PHP HoP has already been used to : * Fool different kind of web attackers (audit tools, manual hax0rs...) * Create real statistics about the first top10 commands used by an intruder. * Steal malware (PHP, C, Perl) that attackers wanted to upload * Identify evil behaviours and learn about current web threats

LS Hmepg 337x500 34 Esm H200

The man behind OSSTMM

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Pete Herzog, founder of ISECOM and creator of the Open Source Security Testing Methodology Manual (OSSTMM) talks with Federico Biancuzzi about the upcoming revision 3.0 of the OSSTMM. I'm Pete Herzog, managing director of ISECOM. I live in a small town in Catalonia just outside of Barcelona. It's also where I work part of the year. The other part of the year I work in the US. ISECOM is a non-profit, registered both here and in New York State, USA, with the aggressive mission to "make security make sense".

LS Hmepg 337x500 34 Esm H200

Version 0.7 of the OSSEC HIDS is now available

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OSSEC HIDS is an open source host-based intrusion detection system. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. This is one of the most improved versions so far. It now includes support for squid, pure-ftpd, postfix and AIX ipsec logs (in addition to a lot of improvements to the previous rules).

LS Hmepg 337x500 34 Esm H200

Computer Forensics Tool Testing (CFTT) Project

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There is a critical need in the law enforcement community to ensure the reliability of computer forensic tools. A capability is required to ensure that forensic software tools consistently produce accurate and objective test results. The goal of the Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) is to establish a methodology for testing computer forensic software tools by development of general tool specifications, test procedures, test criteria, test sets, and test hardware.

LS Hmepg 337x500 34 Esm H200

Bringing Botnets Out of the Shadows

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nicholas Albright's first foray into some of the darkest alleys of the Internet came in November 2004, shortly after his father committed suicide. About a month following his father's death, Albright discovered that online criminals had broken into his dad's personal computer and programmed it to serve as part of a worldwide, distributed network for storing pirated software and movies.

LS Hmepg 337x500 34 Esm H200

Finding Security's Next 'American Idol'

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

It's like an "American Idol" for security geeks. Students at the Georgia Institute of Technology prep, sweat and show their stuff while a panel of critics decides their fates. But unlike the popular "reality" TV show, judges aren't determining who can best carry a tune. Instead they weigh students' ideas for making information security more user-friendly, with $50,000 -- enough cash to fund a project for 12 months -- hanging in the balance.

LS Hmepg 337x500 34 Esm H200

How to Create RFID Access for Your Front Door

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There are many uses for RFID such as supply chain management, but access control is one of the most relevant applications for personal use. Many people use RFID access cards to get into buildings, use elevators, or even open the doors to those special penthouse type hotel suites. Setting up your own front door (or any door for that matter) with an RFID enabled access mechanism is pretty easy.

LS Hmepg 337x500 34 Esm H200

Openwall GNU/*/Linux (Owl) 2.0 release

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

For those few who don't know yet, Openwall GNU/*/Linux (or Owl) is a security-enhanced operating system with Linux and GNU software as its core, intended as a server platform. After many Owl-current snapshots, Owl 2.0 release is finally out.

LS Hmepg 337x500 34 Esm H200

Linux Netwosix Creator Discusses 2.0 Vision, Future

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The recent announcement of the 2.x branch of Linux Netwosix may prompt LinuxWorld readers to ask why there were two releases--1.3 and 2.0-rc1--of this software within a week. So we contacted its creator, 19-year-old Vincenzo Ciaglia of the University of Salerno, Italy to find the answer to this and other questions.

LS Hmepg 337x500 34 Esm H200

Nessus fork emerges

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With news settling in that the makers of the network vulnerability scanner Nessus will not open source the next version of the software, the team behind the soon-to-be-renamed GNessUs project is growing fast and attracting attention.

LS Hmepg 337x500 34 Esm H200

French military body to install Linux cluster

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

An agency of the French Ministry of Defence is planning to install a high-performance Linux cluster for technical and scientific work. The Technical Establishment of Bourges (ETBS), which tests and manufactures armaments, has issued a tender for the supply of a 64-bit Linux cluster, according to a document on an EU website. The deadline of the tender was reached on Thursday but it was unclear from the tender document when the ETBS plans to start implementing the cluster.

LS Hmepg 337x500 34 Esm H200

Rule Set Based Access Control 1.2.5 Available

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

RSBAC is a flexible, powerful and fast open source access control framework for current Linux kernels. From a practical standpoint, it allows possibilities such as full fine grained control over objects, memory execution prevention, real time integrated virus detection and more.

Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved