Security Projects - Page 43
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
For those who haven't been following the EROS project, it has now migrated to the Coyotos project. EROS, the Extremely Reliable Operating System, was a project to create an operating system whose security relied on capabilities rather than the traditional Unix model of root or non-root.
Security, Web services and Linux jobs continue to dominate the IT help wanted ads and are projected to remain among the hottest skill and certification areas in 2005, according to research firms that specialize in tracking skills and certifications. Researchers said companies continue to invest in security-related projects while looking to eliminate aging legacy systems, and are exploring less expensive, newer platforms such as Linux.
The average unpatched Linux system survives for months on the Internet before being hacked, a report recently issued by the Honeypot Project claims. The life expectancy of Linux has lengthened dramatically since 2001 and 2002, the project said, from a mere 72 hours two and three years ago to an average of three months today. Honeypot Project is a non-profit that, as its name suggests, connects vulnerable systems to the Internet in the hope of drawing attacks so that they can be studied. To figure out the lifespan of a Linux system, the group set up a dozen "honeynets" -- the project's term for a system that hosts numerous virtual honeypot machines -- in eight countries, then tracked the time it took for those machines to be compromised.
New Honeynet Project KYE paper released "Know Your Enemy: Trends". This paper documents how the life expectancy of unpatched or vulnerable deployments of common Linux systems has increased from 3 days to 3 months. This is surprising based on the increase of malicious activity seen in the past 18 months.
ROPE is an IpTables packet matching module that allows complex logic to be defined using a simple scripting language. ROPE scripts run in the linux kernel, triggered by an IpTables rule and can inspect any portion of the IP packet - both headers and data payload.
I'm ready to announce that Linux Netwosix 1.2 is ready. I have completely rebuilt , upgraded and secured the system. Please, read the Announcement Release. Is based on the powerful and reliable Kernel 2.6.9 and has been created for the requirements of every SysAdmin. Nepote contains the updated packages. You can download Netwosix from our Download Center or from one of our mirrors. Thank you! . . .
In 2001 two Italians released the first beta version of ettercap, a network protocol analyzer. This summer they released ettercapNG, which was completely rewritten from scratch with better, modular code, making it easier to add new features and write and submit patches. . . .
Integrating SEM (security event management) technology with existing security and system management infrastructure can be a hair-raising experience. Security point products such as IDSes, anti-virus gateways, and vulnerability scanners tend to use proprietary formats for reporting, recording network events, and issuing alerts. . . .
Airport security is an ever-growing concern these days, as fears about the potential for terrorist attacks loom worldwide. One airport adopting major security upgrades is the Santiago Airport in Chile, which recently opened 60 checkpoint kiosks utilizing biometric security software running on SUSE Enterprise Linux. . . .
IPsec is an addition to IP protocol that allows authentication and encryption of IP datagrams. It is defined in detail in IETF RFCs 2401, RFC 2402, RFC 2406 and RFC 2407 (see Resources). IPsec can be used to secure a rather wide range of scenarios; one of its best-known usages is creating virtual private networks (VPNs). . . .
Updated: The vast majority of worms and other successful cyber attacks are made possible by vulnerabilities in a small number of common operating system services. Attackers are opportunistic. They take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools. . . .
Eat your spinach," Mom used to say. "It will make your muscles grow, power your laptop and recharge your cell phone... " OK. So nobody's Mom said those last two things. . . .
A consortium of European companies, including Linux-distributor Mandrakesoft, has been awarded a three-year, $8.6 million contract to boost security of the open-source Linux operating system, the companies said Thursday. . . .
Yes, friends, I am afraid you do have to start paying attention to IPv6 (Internet Protocol version 6) (define). It's on its way, it's inevitable, and us ace network admins must learn to use it. . . .
[Johannesburg, 20 September 2004] - A preview of a new Linux distribution inspired by South African international open source software evangelist, Mark Shuttleworth, is available on the Internet. . . .
Passwords, the dominant form of securing enterprise assets, are a failure, a research firm said Thursday.According to the Meta Group, passwords aren't cutting the mustard because of both organizational and user failings, . . .
Cryptography firm Certicom has announced a cross-platform security toolkit for future mobile phone handsets. The Certicom Security Architecture for Mobility will provide a common programming interface for developers to access . . .
Indiana University has automated its software security patch management in a bid to help protect potentially sensitive student records and reduce network vulnerabilities. . . .
Internet standards group rejects the protocol because of embedded Microsoft proprietary technology.Several Internet sources today reported that the Internet's Internet Engineering Task Force (IETF) has officially turned thumbs down . . .
There are a number of promising technical papers under consideration by the Internet Engineering Task Force which deal with the ever-growing problem of spam. Most of them seek to attack the spam problem obliquely rather than head on. . . .