We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Some in the security industry say that Linux is inherently insecure, that the way Linux enforces security decsions is fundamentally flawed, and the only way to change this is to redesign the kernel. Fortunately, there are a few projects aiming to solve this problem by providing a more robust security model for Linux by adding Mandatory Access Control (MAC) to the kernel.
Guardian Digital, the world’s premier open source Internet security company today announced the availability of the first anti-spam software tool designed specifically to diminish the threat of Trojan zombie attacks. Responsible for a high volume of successful spam attacks, this latest email threat is causing serious problems within corporate email infrastructures. Known to take over unsuspecting computers and utilize its resources to send out spam messages, zombie-type attacks use the domain name of the victimized computers ISP to send messages that appear as if they are coming directly from the ISP, making it very difficult for customary anti-spam solutions to block them.
During the disclosure of some recent vulnerabilities in the Linux kernel, I learned some things about Linux kernel security that was truly shocking. The way security in the Linux kernel is handled is broken, and it needs to be fixed right now. I'm a big proponent of open source software. Although personally I'm a huge follower of BSD-based operating systems, I keep an open and analytical mind when looking at any OS. Unfortunately, I was totally blown away with some of the things that I learned about Linux kernel security during the release of some recent vulnerabilities in the kernel code.
Only a few open-source vendors have borne the time and expense of having their software EAL-certified. Red Hat and Novell's SuSE Linux attained EAL3+ ratings in the last year, but many other vendors have yet to do the same. This raises a fundamental question: Does open-source software need security certifications to win global acceptance?
The Czech postal service is putting its faith in open source, by migrating a vital application onto SuSE Linux The Czech postal service has moved a mission-critical application used by 3,400 post offices across the country to Linux.
Corporate governance and regulation were one of the dominant themes of 2004 and look set to continue to be so throughout 2005. Corporate governance relates to how an organisation is run, and has repercussions for almost every department – particularly Finance, HR, Auditing, Procurement and IT. Due to the nature of the potential content of email, ranging from a simple customer query to financial projections, the use of this application demands particular attention to ensure that its management helps to secure regulatory compliance.
With the increasing threat of far more sophisticated attacks than just spam and viruses, email security is taking a leap forward. But in implementing new solutions, organisations open up the risk to additional vulnerabilities, because the products they have chosen may not provide an adequate level of security.
SSH is typically used for logging into remote servers so you have shell access to do maintenance, read your email, restart services, or whatever administration you require. SSH also offers some other native services, such as file copy (using scp and sftp) and remote command execution (using ssh with a command on the command line after the hostname).
The average unpatched Linux system survives for months on the Internet before being hacked, a report recently issued by the Honeypot Project claims.
Internet security research firm iDefense has announced a series of vulnerabilities and patches for a variety of Unix- and Linux-based products.
Databases control most of the business world's valuable information. Pick a vital application--credit-card processing, EDI, financial analysis, just-in-time production--and you'll find a database under it.
iDEFENSE has discovered a flaw in Xpdf, an open-source viewer for Portable Document Format (PDF) files included in most Linux distros. iDEFENSE has confirmed the existence of this vulnerability in version 3.00 of xpdf. It is suspected that previous versions may also be vulnerable. Remote exploitation of the buffer overflow vulnerability in the xpdf PDF viewer could allow attackers to execute arbitrary code as the user viewing a PDF file.
A security researcher has uncovered another set of security flaws in an image component, which could put Linux users at risk of system compromise if they view a maliciously crafted image.
Simply connecting to the Internet -- and doing nothing else -- exposes your PC to non-stop, automated break-in attempts by intruders looking to take control of your machine surreptitiously. . . .
Several major Linux vendors have warned they are vulnerable to four flaws in a widely used IMAP e-mail server from Carnegie Mellon University's Cyrus Electronic Mail Project. The flaws could allow an attacker to take over a server. . . .
This article is intended to outline useful ways of detecting hidden modifications to a Linux kernel. Often known as a rootkit, this stealthy type of malware gets installed in the kernel of an operating system and requires special techniques by Incident handlers and Linux system administrators to be detected. . . .
Linux has gaping security holes caused by systems administrators who either can't or won't keep up with the latest patches, according to a report from British security firm mi2g. . . .
Just one day after the Mozilla Foundation released Firefox 1.0, the group has revealed that prior versions of the open-source browser pose a security threat to users. . . .
Security is all the rage - according to several meanings of "rage:" a hot news topic as well as a cause of hair-tearing anger. . . .
At the end of the day this isn't about which OS is best. And it isn't about security through obscurity. OS makers need to continue to strive for perfection, for multiple layers of protection, to block hackers from gaining the ultimate prize of full control of resources and to include alerting and management tools which make monitoring penetrations easier and which make dealing with them less of a chore. . . .
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
