Vendors/Products - Page 43 - Results from #840

Discover Vendors/Products News

Analyzing Ubuntu Server Security Insights And AppArmor Setup

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Is Ubuntu Security what is claims to be? Some say yes, some say no. Carla Schroeder from Enterprise Networking Planet chimes in on server versus desktop kernel issues, and gives Ubuntu Server a whirl. What are the differences between versions? How does it handle package management, LAMP Stack and Iptable set-up? What about AppArmor? AppArmor is supposed to be the "real world" alternative to SELinux. Unfortunately there is nothing included that explains the default AppArmor configuration, or how to modify it. Also: Some users might have an expectation that Ubuntu Server will be all shiny and easy like Ubuntu Desktop. It's not

LinuxSecurity.com Team
Nov 20, 2007

Red Hat's Move for JBoss Certification Under Common Criteria

In the world of security certifications, the Common Criteria is one of the strongest ways that a company can look to gain business from Government agencies. It acts as a great way to gain international business as well. And as of Thursday, the Red Hat announced that they will be seeking the same certification (but different level) for their Java software, JBOSS. What are you thoughts on the effectiveness of Common Criteria certifications on actual security, versus as a business and marketing tool?

LinuxSecurity.com Team
Nov 07, 2007

Exploring Holiday Shopping Trends for Cybercriminal Tools

Malicious hackers and other assorted bad guys looking for new tools for plying their trade this upcoming holiday season will have plenty of toys and services to choose from. As we get closer to the holidays, I look forward to ogling / wishing / debating over the items listed in any "top holiday buys" catalogs. However, it looks like there are other people wishing to be on Santa's naughty list AND get gifts - check out the article for a look into a recent trend with organized cyber crime. When do you think they'll have their own Home Shopping Network time slot?

LinuxSecurity.com Team
Oct 23, 2007

EnGarde Secure Linux Review: Installation Overview And Management Features

Linuxhelp.blogspot.com decides to take EnGarde Secure Linux: Community Edition for a spin in this thorough distro review. He describes the installation, displays screen shots from various aspects of the platform, and goes into some detail regarding managing services, backing up files, checking logs, setting up firewalls, and more. He had this to say about WebTool: In short the web tool is a one stop shop for troubleshooting and managing your server from a remote location. A very powerful interface indeed.

LinuxSecurity.com Team
Oct 15, 2007

Avinti NEWT Anti-Spam Plugin Effectively Blocks Malware Links

In the perpetual battle against spam, Avinti has thrown its hat into the game with its email gateway plugin. Reading through the article presented a very generic description of the tool: Called NEWT, for Neutralize E-mail-Web Threats, the software is designed to block URLs and IP addresses embedded in inbound spam messages that link to known malware sites, according to company officials. How does a tool like this stack up to the likes of SpamAssassin or Spamhaus's DROP list? Does Avinti's database of known malware links scale to today's amount of incoming spam?

LinuxSecurity.com Team
Oct 03, 2007

Creating Packet Traces from Nessus Scans for Better Security Analysis

There's a lot of magic that goes on behind the scenes when you do a full Nessus vulernability scan. However, how are you exactly trust that report about your OpenSSH server being vulnerable? Is it just relying on version numbers and not considering patches? The Nessue 3 Unix scanners allow you to save packet dumps of your scans in libpcap compatible files, allowing you to view them under TCPDUMP or Wireshark for your convenience. Now you can go into greater analysis of what exactly was used to scan your server rather than a text message of "scanned". Read on for even more benefits to saving the packet data of your scans!

LinuxSecurity.com Team
Sep 11, 2007

Exploring Commercial Malware And Its Effect On Cybercrime

There are now people who create programs that make it easier for other people to create programs that make money. Don't worry, you read that right. This article reports on the business of making commercial malware / spamming software. For just around $200, you yourself can have programs that exploit Firefox, Internet Explorer, and Quicktime in an effort to spread your spam as quickly and easily as possible. There are now concentrated efforts in coding these shiny, plug and play spam generators. Have we gotten to the point of "if you can't beat 'em, join 'em"?

LinuxSecurity.com Team
Sep 07, 2007

RenaissanceCore Open Source IDS: Tackling Community and Innovation Issues

This open source company attempts to bring their open source IDS solutions to the table. The article provides a personal insight into the beginnings and directions of the project, bringing out an interesting point of the catch-22 of open source projects: no community -> no credibility -> no community. Sure one of the biggest concerns with the IDS are false positives - however, which IDS doesn't have that concern? Why not check out the article and see if you would want to contribute to the community there. Better yet, do you have any ideas of how to get out of the catch-22?

LinuxSecurity.com Team
Sep 05, 2007

Investigating Software Flaws in Forensics: Insights from DefCon

Those of you familiar with CSI (or have surely heard of it) are all too familiar with the process they use to catch the criminals - scientific analysis, forensics, gadgetry, and smarmy head investigators. Reoccurring themes include DNA analysis or other types of human-related evidence. However, in the information world, catching a criminal after the crime is in another league of its own. This article presents an account of a recent DefCon presentation which focused on breaking the actual forensics software used to analyze compromised systems. The most interesting line in the article referred to the weaknesses in one of the most popular forensics tools - "Most of these can and will be fixed in the near future, but at least one is a design flaw, not a bug.". Read on to find out how your forensics tools are only as good as the makers of them, and how it can result in a perfect getaway.

LinuxSecurity.com Team
Aug 10, 2007

Immunity's Automated Exploit Tool Enhancing Attack Code Generation

Better scripting languages calls for better automation which results in better automated exploit tools. Security firm Immunity has its own tool that automates the creation of attack code, supposedly cutting the development time in half. Unveiled at DefCon, this tool has made its rounds at the conference and sparked a buzz with its emphasis on capitalizing on zero-day flaws, making sure exploits can be developed as soon as possible.

LinuxSecurity.com Team
Aug 10, 2007

EnGarde Community Installation Review: A Server Testing Guide

A site for reviews and Linux, Piotr over at Polishlinux.org took a chance to review EnGarde Community for servers. A nice, quick overview of install, configuration, and how to test EnGarde from one computer. The site itself is a great resource for understanding how to compare, assess and choose the best distribution for you. SO make sure to check out their Distro chooser,a great little quiz that takes your preferences and recommends the best distro based on your answers. A nice resource as well. Check it out!

LinuxSecurity.com Team
Aug 08, 2007

Xandros Server 2.0 Remote Access Integration with NoMachine

Let's just imagine for once that you ARE a Photoshop wizard or some other GUI intensive app expert. Better yet, you're the sysadmin responsible for all those Microsoft Word / Photoshop heavy desktops on your network. One day your boss asks you "What happens if the building is closed due to bad weather / construction / St. Patrick's Day Parade? Can we enable remote access for our web design whiz kids?" With the recent release of Xandros Server 2.0, this is all possible. "The companies claim that this extended Xandros-NoMachine alliance provides enhanced capabilities for secure and rapid access to graphical applications, running on any operating system across any network connection." Tell the whiz kid's who somehow "can't make it into work" that she could now work from home effeciently, utilizing her broadband connection to connect to the Xandros Server rather than connecting to deviantArt.

LinuxSecurity.com Team
Jul 19, 2007

Explore Virtualization for Cisco and Linux Network Security

I'm a big fan of virtualization software. The main benefits come from having a pristine duplicate testing environment in every case, ease of portability, as well as (lack of?) hardware costs. These are essential features in anyone's network analysis toolbox and helps to expose any vulnerabilities in architecture. Read on for some interesting virtualization schemes for Cisco routers and Linux networks and start hammering away at your "what if?"s rather than theorizing them.

LinuxSecurity.com Team
Jul 11, 2007

Advocating Enhanced Security Collaboration In Open Source Software

"The security chiefs of several large infrastructure and software vendors said they are doing all they can do to embed security into their products, but they agreed that more work must be done to improve security between their platforms." How well does the open source community spread security issues? Does Redhat and Novel work together to improve security? One of the best ways to improve security is to have all players share their patches to fix vulnerabilities fast.

LinuxSecurity.com Team
Jun 30, 2007

Review of Yoggie Pico Pro: Enhance Windows Security With Linux Apps

How secure is Linux? It is so secure it is now being used to protect Microsoft Windows. Adrian Kingsley-Hughes gives a first hand review of the 'Yoggie Pico Pro'. The Yoggie, no relation to a the baseball player, is an embedded computer the size of a USB drive that plugs right into a computer USB port. The little gadget then allows the user to run 13 security applications that won't bog down his normal computing experience. Its a must have for any one that has a laptop and likes to plug into public networks.

LinuxSecurity.com Team
Jun 19, 2007

Google Desktop: Security Flaw Exploits Installed Software Risk

Just one day after a security researcher showed how Google's Firefox toolbar could be exploited in an online attack, a similar flaw has been discovered in the Google Desktop.

LinuxSecurity.com Team
Jun 01, 2007

Firefox Extensions Show Security Risks Due To Insecure Updates

Makers of some of the most popular extension software used by the Firefox browser are not doing enough to secure their software, a security researcher said Wednesday.

LinuxSecurity.com Team
May 31, 2007

Examining Vendor Responsibilities in Security Bug Management

In last week

LinuxSecurity.com Team
May 14, 2007

BackTrack 2 Review: Over 300 Testing Tools in Live CD Distribution

BackTrack is a live CD Linux distribution that focuses on penetration testing. A merger of two older security-related distros -- Whax and Auditor Security Collection -- BackTrack bundles more than 300 security tools.

LinuxSecurity.com Team
Apr 25, 2007

Red Hat 5: 11 Critical Advisories on Application Flaws and Updates

It turns out that, after years of engineering work and collaboration efforts with strategic partners such as IBM, Red Hat's March 14 release of Red Hat Enterprise Linux 5 had the misfortune of coinciding with the company's release of a whopping 11 security advisories.

LinuxSecurity.com Team
Mar 19, 2007

Community Poll

More Polls

Vendors/Products - Page 43

After Years of Supply Chain Attacks, npm Is Finally Closing the Door on Auto-Scripts

Risks of GitHub Repo Breach on Linux Supply Chain Security

MXDR Provider Selection for Linux Environments and Security Services