Security Projects - Page 42 - Results from #820

Discover Security Projects News

Nessus fork emerges

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With news settling in that the makers of the network vulnerability scanner Nessus will not open source the next version of the software, the team behind the soon-to-be-renamed GNessUs project is growing fast and attracting attention.

LinuxSecurity.com Team
Oct 26, 2005

Web Application Firewall Evaluation Criteria Announced

The Web Application Firewall Evaluation Criteria project announced its first public release. The goal of the project is to develop a testing methodology that can be used by any reasonably skilled technician to independently assess quality of a web application firewall.

LinuxSecurity.com Team
Oct 10, 2005

French military body to install Linux cluster

An agency of the French Ministry of Defence is planning to install a high-performance Linux cluster for technical and scientific work. The Technical Establishment of Bourges (ETBS), which tests and manufactures armaments, has issued a tender for the supply of a 64-bit Linux cluster, according to a document on an EU website. The deadline of the tender was reached on Thursday but it was unclear from the tender document when the ETBS plans to start implementing the cluster.

LinuxSecurity.com Team
Sep 30, 2005

Rule Set Based Access Control 1.2.5 Available

RSBAC is a flexible, powerful and fast open source access control framework for current Linux kernels. From a practical standpoint, it allows possibilities such as full fine grained control over objects, memory execution prevention, real time integrated virus detection and more.

LinuxSecurity.com Team
Sep 29, 2005

Auditor: The security tool collection

The Auditor security collection is a GPL-licensed live CD based on Knoppix, with more than 300 security software tools. Auditor gives you easy access to a broad range of tools in almost no time.

LinuxSecurity.com Team
Sep 23, 2005

Prelude Releases 0.9 of Hybrid IDS Framework

The Prelude Project has released the 0.9 version of their Hybrid IDS Framework. Which represents over seven years of development. It supports over 40 different types of devices and log types. As well as other security software such as Snort and Samhain offering support for reporting to Prelude. Many other advancements have been made to the Prelude Framework. Including the all new Prewikka front-end for correlation and monitoing of alerts.

LinuxSecurity.com Team
Sep 21, 2005

Red Hat Unveils IT Courses

Red Hat, the world's leading provider of open source solutions to the Enterprise, announced the addition of Institute of Advanced Computing Management (IACM) to their Authorised Training Partner Network, which extends across India, Nepal, Bangladesh, Sri Lanka and Pakistan. Red Hat's complete range of Training and Certification programs will now be available at IACM. Red Hat offers the highest quality of Linux and Open Source training and certification. Red Hat Certified Engineer (RHCE) and Red Hat Certified Technician (RHCT) are highly valued among professionals as they are an actual measure of performance tested through live implementation. Red Hat certified Linux professionals are considered to be world class.

LinuxSecurity.com Team
Sep 07, 2005

OpenSSH update fixes recent vulnerabilities

The first fix prevents "GatewayPorts" from being "incorrectly activated for dynamic ('-D') port forwardings when no listen address was explicitly specified," according to the changelog. The update also prevents GSSAPI credentials being "delegated to users who log in with methods other than GSSAPI authentication (e.g. public key) when the client requests it." The update also includes a host of bug fixes, improvements and added features according to the announcement.

LinuxSecurity.com Team
Sep 05, 2005

Is Firefox's Notification Lag Necessary?

In a previous post about Firefox I proposed that the lack of automatic deployment of Firefox software updates is a disservice to the vast majority of Firefox users who may not bother to check in for updates. Today I found out another interesting tidbit: the Mozilla Foundation doesn't turn on Firefox's automatic notification feature for several hours after a new Firefox version is available.

LinuxSecurity.com Team
Aug 11, 2005

Car Whisperer

The carwhisperer project intends to sensibilise manufacturers of carkits and other Bluetooth appliances without display and keyboard for the possible security threat evolving from the use of standard passkeys. A Bluetooth passkey is used within the pairing process that takes place, when two Bluetooth enabled devices connect for the first time. Besides other public data, the passkey is a secret parameter used in the process that generates and exchanges the so-called link key. In Bluetooth communication scenarios the link key is used for authentication and encryption of the information that is exchanged between the counterparts of the communication.

LinuxSecurity.com Team
Aug 03, 2005

Interview with Fyodor of Nmap

Nmap ("Network Mapper") is a free utility for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free software, available with full source code under the terms of the GNU GPL. Read at TuxJournal.net

LinuxSecurity.com Team
Jul 17, 2005

NetWhistler 2.6 release

NetWhistler 2.6 is a easy to use Network monitoring software that offers integrated fault and performance management functionality.

LinuxSecurity.com Team
Jul 15, 2005

KCPenTrix 1.0 PenTesting LiveCD released

Knowledgecave is proud to announce that KCPenTrix Ver 1.0 is now available.

LinuxSecurity.com Team
Jul 13, 2005

Linux Distribution Tames Chaos

Chaos, a Linux distribution developed by Australian Ian Latter, harnesses the unused processing power of networked PCs, creating a distributed supercomputer that can crack passwords at lightning speed. The program remotely boots Linux on a PC without touching the hard drive, leaving the "slave" PC's operating system and data secure and untouched. Thirty PCs connected as a cluster create enough processing power to complete complex mathematical equations or high-level security tasks like password cracking that no individual PC could handle alone.

LinuxSecurity.com Team
Apr 19, 2005

Firefox Flaw Publicity Good for Open Source

Publicity surrounding the JavaScript flaw shows “the open source system is working,

LinuxSecurity.com Team
Apr 06, 2005

Are You Safer With Firefox?

Is Firefox a more secure web browser than Microsoft's Internet Explorer? The answer may be yes, but the issues are more complicated than most people realize. In fact, Firefox has its share of security problems, and has probably been saved from real-world attack so far only by its single-digit market share,

LinuxSecurity.com Team
Mar 15, 2005

More-Secure Linux Still Needs To Win Users

The National Security Agency built a version of Linux with more security tools that its technologists believe could help make the country's computing infrastructure less vulnerable. They've won over the Linux developer community with the changes. But success depends on its adoption by U.S. companies and government agencies, something that remains very much in doubt.

LinuxSecurity.com Team
Mar 07, 2005

Honeypot Project finds decline in Linux attacks

Unpatched Linux systems are lasting longer on the internet before being compromised, according to a study by the Honeynet Project, a nonprofit group of security professionals that researches online attackers' methods and motives. Data from 12 honeynets showed that the average "life expectancy" of an unpatched Linux system has increased to three months from 72 hours two years ago.

LinuxSecurity.com Team
Feb 24, 2005

Arkeia Network Backup Agent Remote Access (Exploit?)

On February 18th, 2005 "John Doe" posted a remote buffer overflow exploit for the Arkeia Network Backup Client. This vulnerability affected all known versions of the software, going back as far as the 4.2 series (when the company was called Knox). The buffer overflow occurs when a large data section is sent with a packet marked as type 77. The Arkeia Network Backup Client is your typical backup agent; it runs with the highest privileges available (root or LocalSystem) and waits for a connection from the backup server. The Arkeia client and server both use TCP port 617 for communication. According to the SANS ISC, the kids are wasting no time.

LinuxSecurity.com Team
Feb 21, 2005

IBM study tests Linux security

To test open source security products, a study was conducted over a period of three months at the IBM Linux Test Integration Center. The goal for the security study was to deploy and compare various open source security tools that were available for free in the industry, and provide solution recommendations.v

LinuxSecurity.com Team
Jan 31, 2005

Security Projects - Page 42

CoCo VMs Will Now Panic If RdRand Is Broken in Linux 6.9

New GitHub Actions Enhancements Boost Security & Power

Tails 6.1 Released with Security, User Experience Enhancements