Server Security - Page 37
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
These servers run the Squid proxy server software; this software is available under the GNU general public license. In brief, Squid provides for caching and/or forwarding requests for internet objects such as the data available via HTTP, FTP and gopher protocols. . . .
A year later, many security companies have had the chance to examine Win2K in detail. And hackers have had their shots at cracking it. So how have Redmond's promises of improved security stood up after this gimlet-eyed scrutiny? Surprisingly well. While . . .
Last week, I mentioned that the new beta version of Proxomitron, a local Web proxy, supports SSL. Let's look at how this works. Normally, Proxomitron works only with unencrypted traffic. It listens (by default) on port 8080. To relay traffic through . . .
... IT managers and CxOs already understand the value of strong security practices, right? Wrong. Apparently, the message isn't hitting home. Even with the constant barrage of security talk spewed by media and marketers, IT managers can't get upper management to . . .
This article is the first one in a series about the main security holes that can usually appear within an application. Throughout these articles, we'll show the ways to avoid them by slightly changing development habits. It doesn't . . .
Let's continue where we left off by taking a closer look at /etc/inetd.conf. Remember that inetd is the internet super-server which listens for requests on behalf of other daemons; it reads /etc/inetd.conf to determine which ports you wish it to listen . . .
Besides BIND, there were several other vulnerabilities this week. "Buffer-overflow problems have been found in versions 4 and 8 of BIND, a domain-name-system daemon distributed by the Internet Software Consortium (ISC). This vulnerability has wide implications as most sites on the . . .
Solar Designer has updated his OpenWall patches for BIND 4.9.7 and BIND 4.9.8. COVERT Labs at PGP Security has published a security advisory on a number of BIND vulnerabilities: . . .
There are two things I am sure of after all these years: there is a growing societal need for high assurance software, and market forces are never going to provide it. Superficially, I'm going to offer a few comments on the technology underlying the NSA release. My real intent is to induce the Open Source community into building on this release--so when society wakes up to the fact that this stuff is really, truly needed, something is actually there. . . .
Connecting a computer to the Internet can be dangerous business. Just ask Troy Hall. Three months ago, the experienced system administrator put his newest Linux server online. Three days later, an intruder had taken control of it.
In what some see as a perfect example of the evidence of cosmic retribution, an avalanche of spam has crashed British Internet service provider Pipex's servers, and stopped delivery of e-mail to its million-plus users for the past week. . . .
Problems this week include a problem with glibc, a possible problem with ReiserFS, a buffer overflow in exrecover, a stack overflow in arp, temporary file race conditions in a long list of programs, and a back door in Borland InterBase. . . .
This document discusses implementing process accounting on a BSD system. The paths may be slightly different on a Linux system, but it's otherwise the same. "Over a year ago, I had an interesting job of tracking down how a root superuser . . .
Trevor Warren writes: "This second article in the series takes you through TCP wrappers, OpenSSH, disabling unnecessary services and better monitoring of system activity by using unique log files to monitor specific information."
This is the first part in a series of articles about different options for secure file transfers. I won't cover how to sniff connections, steal passwords or if SSH is really "secure". But hopefully, I can provide some information that will be . . .
Fewer than half of blue-chip companies believe that their ebusiness and security strategies are effectively coordinated. Business managers are guilty of demanding ebusiness at all costs and security is overlooked, according to research by analyst group Xephon. . . .
Borland's InterBase database software contains a "back door" that allows anyone with the appropriate password to wreak major havoc with the database and the computer it's running on, security experts said. A back door is an undocumented way to get access . . .
The U.S. National Security Agency last week publicly released a prototype "security-enhanced Linux" operating system, hoping to attract the developer community to find ways to improve Linux security for business and governmental uses. So how is the developer community reacting so . . .
A potential threat to ecommerce sites has been identified with the discovery of the first virus using the hypertext preprocessor (PHP) scripting language. PHP is one of the most popular scripting languages and is used to develop ecommerce sites and those . . .
This article, based on a recent attrition.org report, doesn't mention how many hacked sites were due to default passwords, poor administration, etc. The numbers couldn't possibly be not telling the whole story now, could they? "The year 2000 saw Windows NT . . .