Vendors/Products

Discover Vendors/Products News

Users slam Microsoft Security Analyser

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Microsoft released the Baseline Security Analyser (MBSA), a free tool which analyses Windows systems for common security misconfigurations, earlier this week. But users have already slammed it as just a GUI version of the software giant's HfNetChk.. . .

LinuxSecurity.com Team
Apr 16, 2002

MS vs. open source: Security's the same

The fact is, both sides have their share of problems--but neither side has the edge when it comes to fixing security holes. You're just as likely to encounter a security problem with open source code as you are with Microsoft Windows, and the fix is just as likely to appear quickly and be done properly.. . .

LinuxSecurity.com Team
Mar 27, 2002

Web Hosting Firms Key To Success For SSL Providers

... despite the paramount importance of SSL certificates, hosting companies have had few options when it comes to purchasing them. Until late 2001, Web hosts typically had two main choices: VeriSign or Thawte. With the entrance of 2002, however, the battle to secure the Web servers of hosting companies, their clients and other large-scale enterprises finally seems to be heating up.. . .

LinuxSecurity.com Team
Mar 21, 2002

Linux zlib security flaw could affect numerous programs

A warning about the security flaw identified Monday in the zlib compression/decompression library affecting Linux systems (see story) has been broadened to include Windows and any other other operating systems that use the zlib code. In an update about the flaw on their Web site, the authors of the zlib library said they have learned that the code is used in far more programs than they originally believed.. . .

LinuxSecurity.com Team
Mar 15, 2002

Open-source flaw threatens MS code

A security flaw in open-source software used by Linux and Unix systems for compression may affect some Microsoft products that also use the code. As reported earlier this week by CNET News.com, a flaw in the zlib software-compression library could . . .

LinuxSecurity.com Team
Mar 15, 2002

PGP Encryption Will Survive, Inventor Says

Pretty Good Privacy will go on, despite a move by Network Associates to shelve the encryption product after it couldn't find a buyer, PGP inventor Phil Zimmermann says. Although Zimmermann sold PGP to Santa Clara, California-based NAI in 1997, the protocols for the encryption code are open to all on the Internet.. . .

LinuxSecurity.com Team
Mar 08, 2002

$100,000 prize in 'unbreakable' crypto challenge

A company called Bodacion Technologies is offering $100,000 to anyone who can crack their biomorphic number generator and predict the final, one-thousandth, number in a sequence of 999. The company is dong this to promote its Hydra server, which uses biomorphic . . .

LinuxSecurity.com Team
Mar 06, 2002

CERT: Vulnerabilities in Various Implementations of the RADIUS Protocol

Two vulnerabilities in various implementations of RADIUS clients and servers have been reported to several vendors and the CERT/CC. They are remotely exploitable, and on most systems result in a denial of service. VU#589523 may allow the execution of code if . . .

LinuxSecurity.com Team
Mar 05, 2002

Latest EnGarde Linux Updates: mod_ssl and mod_php

Ensuring that your systems are updated is an integral part of maintaining a secure Internet presence. Two security updates were released today for EnGarde, one for PHP and another for mod_ssl. . . .

LinuxSecurity.com Team
Mar 04, 2002

Don't be lulled by the illusion of security

The biggest threat to corporate security today may well be the plethora of security products that are widely deployed. This is not to say that companies should not invest in security, but rather that more attention needs to be paid . . .

LinuxSecurity.com Team
Feb 28, 2002

Paranoid II - The Revenge of TinFoil Hat

TinFoil Hat Linux is a small Linux distribution that can be easily booted from a floppy disk. As from my perspective its two best sides are that you have your ring pair backuped on one place and that you can securely . . .

LinuxSecurity.com Team
Feb 26, 2002

Security: Key Players - HP

HP has rather less market share than CA or IBM, but is significant for its specialist products and its service capability. The company has worked hard on secure platforms, notably its Unix based Virtual Vault product. The Unix emphasis has . . .

LinuxSecurity.com Team
Feb 19, 2002

EnGarde provides protection from SNMP attacks

Recently the Computer Emergency Response Team (CERT) announced that many implementations of the Simple Network Management Protocol (SNMP) are susceptible to multiple remote vulnerabilities. More than 200 vendors implement this protocol in a manner that can be exploited. . . .

LinuxSecurity.com Team
Feb 15, 2002

Snort Sniffs Out a Commercial Future

The creator of the popular open source intrusion detection system gets megabucks in venture capital for a Snort start-up. The commercial potential of open source security products won a financial vote of confidence last week when the author of the hacker-busting . . .

LinuxSecurity.com Team
Feb 14, 2002

Myth of storage security savaged

Storage security will become an "imperative" this year as the adoption of Internet technologies undermines the comforting notion that storage networks are safe from hacker attacks. In an analysis of storage security, the Yankee Group concludes that security will become an . . .

LinuxSecurity.com Team
Jan 25, 2002

Scando: Poke, Prod, and Secure Your Web Apps (Solaris)

Web application security firm KaVaDo beefed up its line of products on Tuesday when it announced a new vulnerability-assessment tool for Web applications called ScanDo. ScanDo approaches and probes Web applications the same way that an attacker would. In doing so, . . .

LinuxSecurity.com Team
Jan 24, 2002

SmoothWall Encrypted Password Hash World Read Vulnerability

Update: Project founder responds below. "SmoothWall does not use shadowed passwords in their firewall implementation. While this is not inherently dangerous as firewall systems are not designed as multi-user, an unauthorized user gaining access to the system via exploitation . . .

LinuxSecurity.com Team
Jan 18, 2002

Yellow Dog Releases Numerous Security Fixes

Dan Burcaw of the Yellow Dog Linux distribution announced today that several security vulnerabilities were inadvertantly not announced as they were released. These advisories include fixes for squid, diffutils, openssh, sendmail, printtool, ucd-snmp, and tetex. Several bugfix advisories have been announced as well.. . .

LinuxSecurity.com Team
Jan 16, 2002

Veridis release FileCrypt SDK, a cross-platform security library

Developers will find that implementing security has never been as easy as with FileCrypt SDK, Veridis' library allowing them to add strong encryption compatible with PGP to their applications.. . .

LinuxSecurity.com Team
Dec 05, 2001

SSH BRINGS ADVANCED BENEFITS TO NEXT-GENERATION SSH SECURE SHELL SOFTWARE

SSH Communications Security, a world-leading developer of Internet security solutions, today announced the next-generation of its leading encryption software, SSH Secure Shell 3.1, a product designed to protect end users, businesses and developers from the most common break-in method used by . . .

LinuxSecurity.com Team
Dec 03, 2001

Ubuntu 24.04 Security Enhancements Analyzed

Ubuntu Linux 24.04 LTS Beta Released with Enhanced Security & Performance

Fedora 40 Released with Impressive Speed & New Security Features