We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
OpenDNS is a new start up that wants users to redirect web traffic through its DNS nameservers, where an unusually large cache and an aggregated list of sites deemed guilty of phishing will make our web surfing faster and safer. It
Every sysadmin will try its best to secure the system/s he is managing. Hopefully you never had to restore your own system from a compromise and you will not have to do this in the future. Working on several projects to restore a compromised Linux system for various clients, I have developed a set of rules that others might find useful in similar situations. The type of hacks encountered can be very variate and you might see very different ones than the one I will present, or I have seen live, but even so, this rules might be used as a starting point to develop your own recovery plan.
This article shows how to install and configure mod_security. mod_security is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc. In the first chapter I will show how to install mod_security on Debian Sarge, Ubuntu 6.06 LTS (Dapper Drake), and on Fedora Core 5, and in the second chapter I will describe how to configure Apache for mod_security which is independent from the distribution you're using.
Linux systems are fairly resistant to intrusion attempts. However, for certain applications requiring very high security levels, the features found in standard distributions may prove insufficient. This article examines several of the most popular ways to increase Linux system security at kernel level.The notions of a secure and insecure operating system are deceptive. The actual security level depends primarily on system configuration and system administrator skills, covering technological and non-technological means of protection, choice of software solution and the administrator
Data protection requirements have moved on from the purely technical question of "Did the backup work?" to the much more complex question of "Is my business protected?". The view of the backup application of success or failure is no longer relevant unless considered in the context of business policies.
When you type in a hostname like www.example.com, your computer's resolver looks in its local cache and uses the information found there, then it sends the query to a name server that it has defined. That DNS server is then responsible for resolving the name and sending the response to your computer. If the DNS server doesn't have the name in the local cache, then it starts at one of the root servers and works its way down to a so-called authoritative name server for that host name. Pretty straightforward -- and, as a distributed database, the DNS (I use "the DNS" to mean "the distributed name service" in general, not a specific DNS server) is pretty effective. But as security wonks, we care about the veracity of the data, and as DNS is deployed today, we can't even begin to verify DNS data.
When you need a new network border appliance you owe it to yourself to give serious consideration to the do-it-yourself option. You'll save a lot of money and have complete control, which are always good things when it comes to your network security. There are no shortage of DIY choices in the Free/Open Source software world; today we'll take a look at Pyramid Linux on small form-factor hardware. Pyramid Linux is designed for embedded wireless devices, but it lends itself quite nicely to ordinary wired networking as well. Based on Ubuntu Breezy, it weighs in under 64 MB. It installs read-only, making it perfect for Compact Flash devices because you don't want unnecessary writes on CF cards.
I've noticed recently that more and more of my clients and friends are having drive failures. Now I don't know if it's the recent heat waves, global warming, or the fact that most of the drives that are in play right now were purchased quite some time ago and have just run their spindles out, but at least once a week for the past two months I've heard about a full on drive failure or seen a drive showing the signs of impending doom. Since we're at the halfway mark for the year I'm suggesting that we all take a look at our backup solution and make sure that the whole end to end backup process is working.
Ian Wrigley and Simon Brock discuss how to keep your systems safe and secure from attacks Hackers are a fact of life these days. Anyone who's managed a server will know that the box will inevitably be probed, and logins attempted, on a daily basis. For example, on just one server we manage - which sits behind a firewall with only a very limited number of ports open - we've seen dozens of different login attempts from unauthorised sources over the last couple of days alone, including one sustained attempt to log in via SSH more than 2,500 times, and this is absolutely typical. So much so that these days we don't even bother notifying the system administrator of the machine from which the logins were attempted. Gone are those days when we'd email administrators to warn them that their own machines may be compromised.
According to the OWASP Guide, unvalidated input is the most common weakness found in web applications. Tainted input leads to almost all other vulnerabilities in these environments (OWASP, 2005). Before we look at how to prevent this weakness from spreading throughout your web solutions, let
DNS is mostly a directory service. Millions of people and computers use one or more directories every day. Currently, so many directories exist in our world that they have become almost transparent to casual observers. You could say it's a directory kind of world out there and DNS remains a big part of it for people who use the Internet regardless of the device. In the old days, people often referred to directories as databases and technically they were right. Directories and databases share many characteristics such as the storing of information and the ability to rapidly search through that data. Think of how many times you use your cell phone as a database for personal contacts. In fact, your cell uses its address book as a directory to rapidly find and dial people's telephone numbers.
Every business owner knows that information is much more than one of an organization
A reader alerted us today about yet another web server compromise, affecting a large number of domains. In this particular case, the server was hosted with iPowerWeb, a provider of low cost web space on shared servers. Space on a shared server is ok for personal use. But you should think twice before using it for commercial, in particular business critical use. Your web sites security will depend on a few hundred other users on the same system doing the right thing. A bad php script on one virtual server could lead to a compromisse of all web sites hosted on the same system.
Bad things happen. If you've ever worried that the over caffeinated tech might spill his latte down your web server, then today's How-To will help you out. Forgetting to back up your blog (or your website) is something that isn't a big deal until you need it -- like backing up anything, really. But your blog's files and databased aren't really so simply accessible as the files on your PC, so today we're showing you how to automatically back up your blog (or website) with some freely available tools that will use a minimum amount of your precious bandwidth.
HijackThis is a free tool developed by Merijn Bellekom, a student in The Netherlands. Spyware removal software such as Adaware or Spybot S&D do a good job of detecting and removing most spyware programs, but some spyware and browser hijackers are too insidious for even these great anti-spyware utilities. HijackThis is written specifically to detect and remove browser hijacks, or software that takes over your web browser, alters your defaut home page and search engine and other malicious things.
It's easy to understand that software security starts with writing secure code. Keep the flaws out from the beginning and you've bought yourself several pounds of prevention. Baking security in up front is logical and makes good technical and business sense; however, getting your developers on board with security training is not necessarily going to be an easy task. At first glance, it might seem that selling software security to developers would require the same approach as getting buy-in from executive management and the average user. It's not quite that simple.
When the Indiana Department of Education rolled out PCs running Linux to schools last year, it installed open source Latest News about open source antivirus software on the servers connected to the desktop systems to scan incoming e-mail. However, it didn't bother to put antivirus tools on the PCs themselves. "I hate to admit this, but I wasn't worried," said Forrest Gaston, a consultant who is managing the project for the Indianapolis-based agency. And despite heavy Internet usage by students, Gaston's optimism has been borne out thus far. Desktop security "hasn't been an issue," he said.
SSL is a wonderful protocol, but it is frequently used badly. This note is intended to point out some of the more common errors made by applications using SSL. This checklist should be useful for application developers, system administrators, and the occasional penetration tester. This note assumes you have at least a casual knowledge of SSL, but is not a paper about cryptography. If you know enough to write an SSL library, you will know every single one of the mistakes I mention below, plus a few more. Still, I hope that those of you who are writing SSL toolkits will consider why these mistakes are made. Perhaps it will help you design your toolkits so that novices use them correctly.
Trusted operating systems have been used for some time to lock down the most sensitive of information in the most sensitive of organizations. But with security concerns rising and changing by the hour, it's now a matter of trust for any organization looking to tighten its computing ship. Several vendors, including Red Hat, Sun Microsystems and Novell, are responding by adding and/or improving trusted elements in their operating system offerings.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
