Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. Click to find out more!
LINUX ADVISORY WATCH - This week, advisories were released for mplayer, samba, wxgtk, cups, htmlheadline, nasm, zip, pcal, tiff, namazu, imlib2, selinux, tetex, pcmcia, kernel, mysql, gpdf, hotplug, linpopup, firefox, shoutcast, mit-kbr5, xine, phpgroupware, xzgv, vilistextum, vim, mc, and fam. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, and Red Hat.
LinuxSecurity.com Features:
A 2005 Linux Security Resolution - Without a mission and plan, very little gets accomplished. The new year should not only be a time to set personal goals such as an exercise regiment, but also a time to focus on security practices and configurations. 2005 will be hostile, now is the time to prepare.
State
of Linux Security 2004 - In 2004, security continued to be a major
concern. The beginning of the year was plagued with several kernel flaws and
Linux vendor advisories continue to be released at an ever-increasing rate.
This year, we have seen the reports touting Window's security superiority, only
to be debunked by other security experts immediately after release. Also, Guardian
Digital launched the new LinuxSecurity.com, users continue to be targeted by
automated attacks, and the need for security awareness and education
continues to rise.
Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
Report: Big boost for blogs in 2004 | ||
4th, January, 2005
The number of blogs and the use of blog readers rose rapidly last year--but a majority of Americans still do not know what a blog is. A report by the Pew Internet and American Life Project, called the "State of Blogging," discovered that readership of Web blogs--essentially, Web-based diaries--spiked 58 percent last year, with 27 percent of Internet users, or 32 million people, saying that they read blogs. Twelve percent of people who read blogs also chose to post comments on them. |
||
Internet Mobilizes To Aid Tsunami Victims | ||
4th, January, 2005
From bloggers to multi-billion-dollar tech vendors, the Internet community gave its money and resources to help victims of the Asian tsunamis. Here's a roundup of our stories on the subject, including moving reports from a blogger who described the toll via cell-phone text messaging, and other bloggers who wrote what they saw from the scene of the carnage. |
||
Securing your workstation with Firestarter | ||
5th, January, 2005
Firestarter is a GPL-licensed graphical firewall configuration program for iptables, the powerful firewall included in Linux kernels 2.4 and 2.6. Firestarter supports network address translation for sharing an Internet connection among multiple computers, and port forwarding for redirecting traffic to an internal workstation. Firestarter's clean and easy to use graphical user interface takes the time out of setting up a custom firewall. |
||
New Netcraft Toolbar Blocks Phishing, Analyzes Web Sites | ||
4th, January, 2005
Review: Protect yourself from fraudulent sites by having as much information as possible about them. The Netcraft Toolbar makes that information convenient. A new, free browser add-in from English Internet services firm Netcraft Ltd. fights phishing attacks and helps users investigate sites they visit.eWEEK.com tested the new tool bar, available initially only for Internet Explorer on Windows 2000 and Windows XP, and liked what we saw. All but one phishing link we visited was interrupted by a popup from the tool bar (click here to see a sample) and we used the built-in link to report the one site that the tool bar didn't block. |
||
PC Desktop Anti-Virus Programs Tested | ||
5th, January, 2005
|
||
Mozilla and Firefox Vulnerabilities Identified | ||
6th, January, 2005
|
||
What's The Difference Between Spyware And Viruses? | ||
7th, January, 2005
|
||
High-Risk Flaws Flagged in IE, Mozilla | ||
7th, January, 2005
Security researchers have raised the alarm for a series of unrelated, high-risk vulnerabilities in Microsoft Corp.'s Internet Explorer and the open-source Mozilla browsers. |
||
Year in review: Networking gets secure | ||
4th, January, 2005
Juniper Networks got the ball rolling in February with the $4 billion acquisition of NetScreen Technologies, which specialized in virtual private network and firewall technology. In July, Microsoft and Cisco Systems began butting heads on security. Each announced plans to develop a comprehensive security architecture that would not only scan for viruses but also police networks to deny connections to machines that don't conform with security policies. |
||
Authentication >> The Power of Who | ||
4th, January, 2005
|
||
SSH Port Forwarding | ||
6th, January, 2005
|
||
Linux Netwosix Virtual Community is born! | ||
9th, January, 2005
Finally the first Linux Netwosix Virtual Community is born. |
||
Linux and Open Source: The 2005 Generation | ||
3rd, January, 2005
|
||
Security challenges spread to multiple fronts and IT jobs will rebound in 2005 | ||
3rd, January, 2005
|
||
2004: Year of the Cyber-Crime Pandemic | ||
3rd, January, 2005
Internet crime and security have gotten a lot more complicated in the past year, with phishing and spyware constantly taking on new forms. |
||
2004: On the road to prevention | ||
4th, January, 2005
Even though it happened late in the year, 2004 will probably be remembered as the year that Microsoft Corp.'s Internet Explorer slipped. |
||
Shun Linux and kiss your job security good-bye, part 1 | ||
4th, January, 2005
IT managers who think that their Microsoft certifications give them all the tenure they need are in for a rude awakening. In fact, says author Robin Miller, their pink slips are only a point-and-click away. |
||
Packaged Security Software: An Alternative To Expensive Consultants | ||
5th, January, 2005
Security consultancies will tell you that the explosive growth of system vulnerabilities and the risks of not complying with regulatory requirements, such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act (GLBA), require network architects to purchase vulnerability assessment (VA) consulting. We say, "Why bother?" Packaged VA solutions provide an affordable basis for systematic, repeatable methodologies that demonstrate compliance if used correctly (see "VA Deployment Tips" on page 49). The packaged VA solution architectures carry a common theme: They have matured to the point where inexperienced administrators can perform the sorts of security scans and analysis that were once the domain of hardcore security engineers. |
||
Beyond Passport Vulnerabilities | ||
6th, January, 2005
|
||
From Russia with malice | ||
6th, January, 2005
Virus writing is no longer the exclusive domain of teenage geeks designing malicious code in their bedroom. |
||
What you measure is what you get | ||
6th, January, 2005
|
||
Linux comes down with security flu | ||
7th, January, 2005
|
||
New WINS Exploits Making Rounds | ||
5th, January, 2005
Almost a month after Microsoft released a fix for a security issue in the WINS (Windows Internet Name Service) name server, malicious exploits continue to haunt tardy network administrators. According to an alert from the SANS ISC (Internet Storm Center), there has been a startling increase in hacker probes directed at TCP port 42 and UDP 42, which handle WINS services. "If you have not patched your WINS servers in respective companies or campuses, beware. Patching these systems is now overdue," the center warned. |
||
Hackers Sniffing For Vulnerable Microsoft Servers | ||
5th, January, 2005
|
||
IE flaw threat hits the roof | ||
9th, January, 2005
Three unpatched flaws in Internet Explorer now pose a higher danger, a security company warned, after code to exploit one of the issues was published to the Internet. Secunia said Friday that it had raised its rating of the vulnerabilities in Microsoft's browser to "extremely critical," its highest rating. The flaws, which affect IE 6, could enable attackers to place and execute programs such as spyware and pornography dialers on victims' computers without their knowledge, said Thomas Kristensen, Secunia's chief technology officer. |
||
United States Air Force Enforces Mobile Security Using Senforce | ||
4th, January, 2005
|
||
802.11i Strengthens Wi-Fi Security | ||
5th, January, 2005
With the recent ratification of 802.11i, and the certification and availability of products enabled for the wireless security specification, the time seems right for enterprises to feel safe in adopting wireless networking en masse. However, eWEEK Labs has found that issues ranging from incompatible legacy hardware to uneven migration strategies may slow adoption of 802.11i technology. To be sure, 802.11i is a huge step forwardÑit's the first standardized wireless security solution with which government and businesses can be comfortable. |
||
Bluetooth viruses pose growing threat | ||
6th, January, 2005
|
||