Security Projects - Page 50
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
A group of open source developers dedicated to introducing an industry standard on security testing will be releasing the fruits of their labours later this month. Ideahamster.org started working on the Open Source Security Testing Methodology Manual (OSSTMM ) last year after becoming "sick of reading bland testing methodology descriptions".. . .
A government-funded initiative announced Tuesday aims to boost code review of open-source software to prevent security holes. Funded by the Defense Advanced Research Project Agency, the same organization to initially bankroll the predecessor to the Internet, the Sardonix Audit Portal aims . . .
Cohen worked on MojoNation before quitting last April to concentrate on his BitTorrent project, and he's convening hackers in downtown San Francisco next month for a P2P/cypherpunk conference a world away from the usual corporate trappings. "[Other] Conferences cost a ridiculous amount of money, and hackers are treated like dirt," says Cohen.. . .
When Darren Reed, author of the packet filtering support for OpenBSD, modified the license terms for his software, support for ipfilter was removed from the main OpenBSD tree. Now, Darren has released his own version of OpenBSD 3.0 that includes support for his packet filtering. . . .
An interesting bug was filed today by Florian Weimer. I'll quote the bug report in full: "Over the past few months, the GNU/Linux community has slowly adopted a way of dealing with security issues which closely resembles the approach suggested by . . .
Andreas Krennmair writes, "Because I found the design of Solar Designer's POP3 daemon popa3d somewhat obscure, I started writing my own POP3 daemon, called akpop3d. Now I want to ask the LinuxSecurity.com community to peer-review this program. Although I . . .
OpenAntiVirus is a platform for people seriously interested in anti-virus research, network security and computer security to communicate with each other, to develop solutions for various security problems, and to develop new security technologies. Moreover, OpenAntiVirus will also provide an integrative platform for different developing projects related to virus protection and computer security already existing within the Open Source Community.. . .
The latest version of phrack has been released. This issue covers Advances in kernel hacking, RPC without borders, Developing StrongARM/Linux shellcode, The Security of Vita Vuova's Inferno OS, Phrack World News, and more.. . .
If you've never used Linux before and need to set up a server fast and easily, this is one of the best ways to do it. It's also very cost effective because it will run on almost any PC and doesn't require any expensive hardware, not to mention that the software itself sells for a very low price. This is a very well done and thought out software bundle that's sure to be around for a long time.. . .
Bennett Haselton, the Webmaster for anti-Internet censorship Web site Peacefire.org, is the latest in a string of Washington residents to emerge victorious in small claims court by invoking the state's new law against unsolicited bulk e-mail. While the $2,000 in damages . . .
Lance Spitzner, founder of the Honeynet Project, wrote in to tell us of the formation of the Honeynet Alliance, an effort to work with security organizations around the world to collaborate on the research and development of their project to learn the tools, tactics, and motives of the blackhat community, and share the lessons learned.. . .
Rainbow eSecurity, a Rainbow Technologies, Inc. company and a leading solutions provider of digital content and transaction security, and Guardian Digital, the open source security company, today announced a strategic and technology partnership aimed at securing Linux-based transactions. This integrated . . .
This is the fourth and final installation of a four-part series devoted to the exploration of LIDS, a Linux kernel patch that will allow users to take away the all-powerful nature of root. The first article in this series offered an . . .
Fred shares his professional experience and describes what's required to write a security policy for your organization. "Anyone reading this can draft a corporate security policy, using the secrets I reveal in this column. All you need is a bit of guidance, which I provide herein by discussing where to begin, what components are needed, and what procedures to follow. Due to space limitations, my advice is fairly high level, but it should be enough to get you started.. . .
Researchers at Cornell Uni. and AT&T labs have created a variant of the C programming language to build more secure apps. Eventually they want to build a secure OS immune to glitches like buffer overflows... "US researchers are working on a . . .
This is the third part of a four-part article devoted to the exploration of LIDS, a Linux kernel patch that will allow users to take away the all-powerful nature of root. The first article in this series offered an overview of . . .
Microsoft and five security companies announced Thursday that they would create an organization to promote the responsible publishing of information about software flaws. Though many of the details have yet to be hammered out, the move marks the beginning of what . . .
Firms are exposing themselves to security risks by failing to implement effective policies, say security experts. A study of 100 British IT directors undertaken by IT services provider GAP indicates that even if firms have drawn up security policies, they were . . .
This is the second part of a four-part series devoted to an overview of LIDS, a Linux kernel patch that will allow users to take away the all-powerful nature of root in order to give programs exactly the access they need . . .
Hundreds of thousands of websites may be at risk after hackers discovered a vulnerability in a popular web server program. Users running PHP Nuke, a free open source tool for database-based websites, were put on red alert yesterday when it was . . .