Weekly Linux Security Insights On Firewalls, Databases And Applications
Accelerate your career with a Master in Information Assurance from Norwich - The NSA has designated Norwich University a center of Academic Excellence in Information Security.
Our program offers unparalleled Infosec management education and the case study offers you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
LinuxSecurity.com Feature Extras:
Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Securing Your Linux Server With Iptables | ||
20th, July, 2007
'Spamming', when used in a different context, does not necessarily have to be email specific. If you ever had a chance to play arcade fighter's such as Street Fighter 2, you'll notice that certain fighters have "cheap" moves that can be "used over and over", such as M. Bison's scissor kick corner trap (ah the old days). A player could pretty much "spam" this combo over and over. The interesting part about this cheap combo is that it could be countered just as easily with some skill. A basic set of good iptables rules is the perfect counter punch to a slew of common spamming attacks - no need to have SpamAssassin or procmail process the email when it doesn't even get through the front lines! Read on to gain a good base understanding of iptables and its rules. Ha-dou-ken! |
||
| The Soft Database Security | ||
16th, July, 2007
Database security is very important because of the data which can be stored on them. "But only 15 percent said that extending security best practices to the database is a "critical priority" for 2007. " What steps should be done to secure a Linux MYSQL database or other's? We hear about SQL Injection but what can be done? |
||
| Application Security Arms Race | ||
18th, July, 2007
" An increasing number of malware attacks are exploiting software application vulnerabilities." In software development is security a after thought when designing and writing a application? Patching a program after it's release is also just as import as to writing secure code. However, I believe that software developers depends on patching their software too much. In market of making software, vendors need to get the software out the door as fast as possible. So what is the balance between speed of deployment and writing secure code? |
||
| RSBAC 1.3.5 Released | ||
20th, July, 2007
Have you heard that Rule Set Based Access Control (RSBAC) 1.3.5 has been released for both Linux kernels 2.4.34.5 and 2.6.22.1?. How is RSBAC different from other security frameworks like SELinux? One improvement that caught my eye was " Cache for inherited filesystem attribute values ". Seems that this will help increase performance of RSBAC. Check out RSBAC for your self and see how it compares with other Access control security frameworks. |
||
| DNS Security Problems Misunderstood | ||
18th, July, 2007
"Nearly half of IT and business professionals surveyed by Mazerov Research reported a security compromise of their Domain Name System servers, despite spending money on overlapping security products." A interesting part of the study was that users did not rate losing DNS not a high concern. But without DNS users can't get their emails if their DNS servers goes down because of a attack. When thinking about security DNS must be at the top of the list. |
||
| Secure Browsing with Squid and SSH | ||
19th, July, 2007
"If you | ||
