Linux Security Overview - EnGarde, Postfix Risks, and Virtualization
Accelerate your career with a Master in Information Assurance from Norwich - The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study offers you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
LinuxSecurity.com Feature Extras:
Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.
Security on your mind?
Protect your home and business networks with the free, community version of EnGarde Secure Linux. Don't rely only on a firewall to protect your network, because firewalls can be bypassed. EnGarde Secure Linux is a security-focused Linux distribution made to protect your users and their data.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Postfix Monitoring With Mailgraph And pflogsumm On Debian Etch | ||
28th, June, 2007
Ever come back from a vacation only to be SWAMPED with email? The interesting part is that just applies to you - imagine what email service providers must go through as far as maintenance! Read on for a nice how-to on configuring and monitoring Postfix with the least hassle. Use graphs to gain a visual understanding of your traffic and cron jobs to report daily to you. Remember, this is one area where we could potentially let email through with a 'Click Here!' link that could lead to many, MANY more problems for everyone. |
||
| Security Fears Slow Virtualization | ||
23rd, June, 2007
"More than half (52 percent) say the technology introduces some new security challenges." I asked this question to myself; What makes virtualization less secure then a physical installation of a Linux OS? What is the fear? Is it the fear of a attack called guest-to-guest attack or is the fear of virtualization software it's self? As the with any software which gains popularity there will be an increase of vulnerabilities but it's up to the user to make it secure. |
||
| The Value of Security Tools | ||
27th, June, 2007
Monitoring all open ports is a important task to do for security reasons. " Perhaps the best method is regular Nmap or Nessus scans of your hosts (though this has some risks and you will have to ensure that you set up both to scan in a non-intrusive manner) with the output compared a pre-defined baseline." I see the value in both tools but I question how useful is Nessus. How good is it in detecting reals treats to the users system? Running Nmap once in a while is a good idea to know which ports are open so users and then try to tighten them up with tools for example firewalls. |
||
| SuSE Finally Patches OpenOffice.org Flaw | ||
29th, June, 2007
"Linus firm SuSE has fixed a flaw in the OpenOffice.org suite of programs more than two weeks after it was discovered.". Why did it take SuSE so long to fix the very publicized OpenOffice security flaw? Maybe they did not think it was a serious threat but with the popularity of OpenOffice I would think any possible vulnerability in the software should be fixed fast. |
||
| Postfix Mail Server Block Malware With Blacklist | ||
28th, June, 2007
"Malware is used for a harmful purpose. " Spreading malware via email is a very common practice by attackers. On the Internet there are free Malware blacklist available. How can we make sure that these free blacklist will not block our personal emails? I feel the risk of getting malware is greater then the risk of having a few of my personal emails getting blocked. |
||
| Nagios with BMC Patrol, Setting Up SSH and More | ||
27th, June, 2007
When ten plus people are yelling at you at the same time, who do you listen to? It wouldn't matter if everyone was yelling out the scores from yesterday's ball game, however, what if they were yelling about which box / server / service is down? Organize and get your battle plan set by having Nagios sort it all out for you. In fact, make sure everything is working properly with a secured SSH server first and you'll have an easier time bouncing around your network to mitigate any damages. |
||
| Entering A Safe Mirror When Logging In With Unionfs And Chroot | ||
29th, June, 2007
Guests can never be trusted. Whether they're just anonymous users poking around your server or house guests that never seem to flush the toilet, you can never really entrust the integrity of your system to someone you don't know. Well, how about putting them in a sandbox environment? Not good enough? What about sandbox-within-a-sandbox? Read on to learn about combining the powers of chroot with Unionfs which enables you to put untrusted users into a safe, secure environment where damage is highly mitigated. |
||
| Vendors Admit More Cooperation Needed on Security | ||
30th, June, 2007
"The security chiefs of several large infrastructure and software vendors said they are doing all they can do to embed security into their products, but they agreed that more work must be done to improve security between their platforms." How well does the open source community spread security issues? Does Redhat and Novel work together to improve security? One of the best ways to improve security is to have all players share their patches to fix vulnerabilities fast. |
||
| Virtual Hosting With vsftpd And MySQL On Debian Etch | ||
26th, June, 2007
Layers upon layers of security should make anyone feel warm and fuzzy about their secured application. I like the fact that if anyone is going to root me, they're going to have to WORK for it. FTP was always an area where I felt it could use a little more work in locking down its defenses. Enter Vsftpd along with a tag team partner of virtualization, and you've got a how-to of sandboxing your FTP server into a virtual environment. |
||
| All About "secure-apt" | ||
25th, June, 2007
"In recent releases, Debian has been using strong crypto to validate downloaded packages". "secure apt" was implemented in Apt version 0.6 in 2003, which Debian migrated to in 2005. So it was been around for a while but this is the first time I have heard about it. Is this better then the normal "apt-get"? When installing a package from a unknown repository, I feel it helps to verify that the package you are installing is really the one that you want and not a virus. |
||
| Secure Your Connection With Open Source | ||
26th, June, 2007
Open source is a great resource for any computer user to look at to making their system more secure. Anytime you make a connection to the Internet that data you are sending is at risk of people looking in. "You never know who may be watching your connection."The open source community has many tools for any user to help in their security needs. Why not take a look? |
||
| Don | ||
