This week, perhaps the most interesting articles include "Disabling Root On Linux or Unix," "Major fix to DNS Vulnerability Impacts Debian," and "Google Open Sources RatProxy Security Tool."
Linux+DVD Magazine - Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com
Feature Extras:
Security Features of Firefox 3.0 - Let's take a look at the security features of the newly released Firefox 3.0. Since its release on Tuesday I have been testing it out to see how the new security enhancements work and help increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security.
Read on for more security features of Firefox 3.0.
Review: The Book of Wireless - "The Book of Wireless" by John Ross is an answer to the problem of learning about wireless networking. With the widespread use of wireless networks today, anyone with a computer should at least know the basics of wireless. Also, with wireless networking, users need to know how to protect themselves from wireless networking attacks.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.

EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.19 (Version 3.0, Release 19). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. news/vendors-products/engarde-secure-community-3019-now-available

GNU/Linux Tools to Preserve Your Online Privacy (Jul 11)
Whether you are online or offline, freedom matters. Like good health you never think about it or miss it until it is under threat or actually gone. If you love freedom, you probably love free software and it has given us some terrific tools with which to defend freedom. In this article I will give an overview of some of the available resources (Freenet, Wikileaks and Tor) to protect dissident opinion, facilitate whistle blowing and promote the safe and anonymous development of free software.
If you want or need to keep your online surfing private there are many Linux applications to choose from. Do you use any online privacy software when surfing the net? news/privacy/gnulinux-tools-to-preserve-your-online-privacy

Ruby Bindings for libselinux (Jul 11)
Dan Walsh has announced preliminary Ruby support for libselinux (the core SELinux management library). This is to enable the integration of the Puppet systems management tool with SELinux, and should also allow other Ruby applications to be similarly integrated.
I can see some uses for this, but how many Ruby applications will be using these bindings for libselinux? Will we see more programming languages having bindings to this SELinux library?

How To Set Up Shorewall (Shoreline) 4.0 Firewall On CentOS 5.1 (Jul 10)
The Shoreline Firewall, more commonly known as "Shorewall", is a high-level tool for configuring Netfilter. You describe your firewall/gateway requirements using entries in a set of configuration files. Shorewall reads those configuration files and with the help of the iptables utility, Shorewall configures Netfilter to match your requirements. Shorewall can be used on a dedicated firewall system, a multi-function gateway/router/server or on a standalone GNU/Linux system. Shorewall does not use Netfilter's ipchains compatibility mode and can thus take advantage of Netfilter's connection state tracking capabilities. https://shorewall.org/
Shorewall is a great firewall package for Linux; most distros have packages available. What do you think about Shorewall? Do you have any other favorite firewall package? news/firewall/how-to-set-up-shorewall-shoreline-40-firewall-on-centos-51

Drupal 6.3 and 5.8 Released, Fixing Security Issues (Jul 10)
Upgrading your existing Drupal 5 and 6 sites is strongly recommended. There are no new features in these releases, but we fixed some notable performance issues too. For more information about the Drupal 6.x release series, consult the Drupal 6.0 release announcement, more information on the 5.x releases can be found in Drupal 5.0 release announcement.
If you use Drupal it's strongly recommended that you update it to the latest version. news/network-security/drupal-63-and-58-released-fixing-security-issues

Disabling Root On Linux or Unix (Jul 9)
Loosely following up on a few previous posts regarding securing Linux and Unix and even more fun with Unix and Linux security, today we're going to look at something vaguely security-related, and also vaguely scary ;) It has to do with the root account (or user id 0) and security hardening. I've got nothing against either, so this won't be an insane diatribe, but (especially, no offense to Ubuntu) with more Linux distros coming straight out-of-the-box with root disabled, I see the issue of security and the root user get a little confused. A lot ;)
Any Ubuntu user knows that the root account is disabled by default because of security concerns. But if we have strong passwords and firewalls do we really need to disable the root account?

Major fix to DNS Vulnerability Impacts Debian (Jul 9)
A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently. In what appears to be a coordinated effort to fix a well known, though still potentially critical vulnerability to the Domain Name System (DNS) protocol, patches are being deployed today for both Windows and Linux, by both Microsoft and Debian, respectively. These patches would enable a long suggested protocol for validating the source of DNS requests.
This is definitely a patch that every DNS server should do updates for. Do you think we are going to see DNS servers being attacked in the coming days? news/network-security/major-fix-to-dns-vulnerability-impacts-debian

TrueCrypt 6.0: Better Software for the Paranoid (Jul 8)
You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding - the critical data on your hard drives. Available for Linux, OS X, and Windows, the software is licensed under its own TrueCrypt license, which is not OSI-approved.
Check out the latest release of TrueCrypt. Have you ever used it on your Linux machine to protect personal data? If so, what do you think about it? news/cryptography/truecrypt-60-better-software-for-the-paranoid

Unpatched Web Browsers Prevalent on the Internet (Jul 8)
Only 59.1% of people use up-to-date, fully patched Web browsers, putting the remainder at risk from growing threats from diligent hackers, according to a new study published by researchers in Switzerland. The study, published Tuesday, is one of the most comprehensive analyses of what versions of Web browsers people are using on the Internet. The study was conducted by researchers at The Swiss Federal Institute of Technology, Google and IBM Internet Security Services.
It really does not surprise me that only 59.1% of users' browsers are up-to-date. But, what do you think is causing this? Are users not taking updating their machines seriously? news/network-security/unpatched-web-browsers-prevalent-on-the-internet

Who Is Running the Most Secure Browser? (Jul 7)
Many users are undoubtedly not updating their browsers as quickly as they should, but you can't conclude any specifics about that from the recent study of Google logs. The researchers who published a large study of Web browser security this week had a great idea and excellent data to work with. Too bad they overreached with their conclusions. A lot more is being made of this paper than is warranted.
What do you think is the most secure browser? This article looks at a study that tries to answer this question. news/network-security/who-is-running-the-most-secure-browser

Google Open Sources RatProxy Security Tool (Jul 6)
Google has released the source code for its internal RatProxy security tool. The software analyses web pages for potential security risks and reports back to the site administrator. RatProxy can pick up cross-site scripting flaws and incomplete cross-site defence mechanisms, as well as potential data leak sources and risky code that retrieves data from outside domains.
Have you tested out Google's RatProxy software on your Linux machines? The software seems to offer a lot to the Open Source security community, but what do you think?