We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Today news sites repeated the monthly Microsoft execute says "Linux is insecure" articles. And while they are comparing apples with eggs (as Linux distributions ship with far more servers and network services than Microsoft offers), it's hard to deny the fact . . .
As more and more attacks are being carried out over the HTTP layer there is a growing need to push the envelope and bring Web security to new levels. Most existing tools work on the TCP/IP level, failing to use the . . .
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports Apache (both branches) today, with support for Java-based servers coming soon.. . .
When it comes to personal information, the delete key isn't enough, say computer investigators at New Technologies Armor.. . .
The survey, conducted by Evans Data Corp., Santa Cruz, Calif., showed that developers view Linux as "the most innately secure operating system. In fact, the percentage of developers who said so increased to 23 percent, up from 19 percent six months . . .
Is Linux built more securely than Windows? According to a new survey, Windows and Linux developers both say yes--and for the first time, ranked it ahead of Windows XP.. . .
Everything you do with Linux involves files in one way or another. You launch programs from files, read program configurations in files, store data in files, deliver files to clients via servers, and so on. Therefore, the tools Linux provides for . . .
SQL Injection can deliver total control of your server to an attacker giving them the ability to read, write and manipulate all data stored in your backend systems. Despite being remarkably simple to protect against, there are an astonishing number of . . .
No one doubts that computers have made businesses more fast-paced, efficient and flexible. The clerks of Dickens' day, laboriously entering facts and figures into ledgers, are long gone. The 20th century's legions of secretaries armed with typewriters, carbon paper and filing . . .
The forthcoming Red Hat Enterprise Linux (RHEL) 3 suite will include a new feature to thwart worms and hackers. The news arrives as the security of open-source systems comes under increased scrutiny.. . .
Companies are increasingly considering their security as world events cast doubt on their ability to deal with natural disaster, human error or malicious attack. Spending on security has reached record levels, and continues to climb as businesses seek to reassure shareholders . . .
Too many companies think they have disaster recovery measures in place, when in reality no one really knows whether they will work or how to implement them. The problem is that no one person is given the responsibility for disaster recovery, and therefore there is often no follow through.. . .
The open-source project for secure communications technology, known as OpenSSH, plugged a second security hole on Tuesday that affects only users who have turned off a critical security feature.. . .
Kerberos is a network authentication system that can help solve those two issues. It reduces the number of passwords each user has to memorize to use an entire network to one the Kerberos password. In addition, Kerberos incorporates encryption and message integrity to solve the second issue, ensuring that sensitive authentication data is never sent over the network in the clear.. . .
It's become a busy week for *Nix sysadmins with the release of patches over the last few days to resolve vulnerabilities with popular applications including Sendmail, openSSH and DB2.. . .
In recent weeks, high-profile arrests of hackers and malware authors have trained a spotlight on the sometimes-shadowy underworld of computer crime. The Internet may seem like a more dangerous place than ever before, but Web security administrators can greatly reduce the . . .
We can build our fortress with towering fifty-foot high, four-foot thick walls. We can build a moat thirty feet wide to surround those walls. And we can even man the castellation with the finest archers. But all will be for naught . . .
Linux, not Microsoft Windows, remains the most-attacked operating system, a British security company reports. During August, 67 per cent of all successful and verifiable digital attacks against on-line servers targeted Linux, followed by Microsoft Windows at 23.2 per cent. A total . . .
One of the more recent evolutions in network security has been the movement away from protecting the perimeter of the network to protecting data at the source. The reason behind this change has been that perimeter security no longer works in . . .
Nothing says there's a hole in your security like someone walking off with your servers. You could spend millions of dollars on access lists, firewalls, USB tokens, virus scanners, VPNs, passwords and patches to secure your network from online invasions, but . . .
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
