Discover Security Projects News

Uncovering the secrets of SE Linux: Part 2

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In an uncharacteristic move, the U.S. National Security Agency (NSA) recently released a security-enhanced version of Linux -- code and all -- to the open source community. Part 2 of this developerWorks exclusive delves deeper into the code, dissecting how the . . .

Honeynet Project Forensic Challenge Results

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Today Dave Dittrich of the Honeynet Project announced the results of the "Honeynet Fornesic Challenge". The results of all submitted reports are available on the page. Dave also talks about how the Honeynet Project is going to continue using . . .

Passive Analysis of SSH (Secure Shell) Traffic

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This advisory demonstrates several weaknesses in implementations of SSH (Secure Shell) protocols. When exploited, they let the attacker obtain sensitive information by passively monitoring encrypted SSH sessions. The information can later be used to speed up brute-force attacks on . . .