Highlighting Firewall Testing Tools and Spam Defense Strategies
Accelerate your career with a Master in Information Assurance from Norwich - The NSA has designated Norwich University a center of Academic Excellence in Information Security.
Our program offers unparalleled Infosec management education and the case study offers you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
LinuxSecurity.com Feature Extras:
Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| The New Linuxsecurity.com! | ||
23rd, July, 2007
As Linux and security evolves, so has Linuxsecurity.com! |
||
| Filtering PDF-/XLS-/Image-Spam With ClamAV (And ISPConfig) On Debian/Ubuntu | ||
25th, July, 2007
In our never-ending battle against spam, our opponents have decided to play the espionage route and disguise themselves as .pdf and .xls files. This shady tactic has become a trend of its own, resulting in all the recent postings of spam battling notes. This most recent article provides a how-to on setting up ClamAv to counter these new spam signatures. Get this before THEY come running wild on YOU! |
||
| Firewall Configuration Testing Tool | ||
25th, July, 2007
Sometimes a rule configuration may reside in a place other than the basic rule configuration place. In such a case, it is difficult to confirm whether it is an intended configuration by the system administrators. (Is an unnecessary hole open, or is a necessary hole open?) So, we developed a tool which checks the rule of a Firewall. " In any network your first line of defense is the firewall. One new firewall checker is called Dr.Morena. It's made up of two modules one is the check engine and the other is the packet list making engine. They work on Linux so it's good at checking your iptables. Go ahead and test your firewall to see how well it protects your network. |
||
| Spammers Dump Images, Switch to PDF Files | ||
23rd, July, 2007
"Image spam, which at the beginning of the year accounted for nearly 60 per cent of all junk email, has plummeted and now accounts for only about 15 per cent of spam." Will PDF SPAM change the way we need to detect SPAM? Will the Email providers start blocking Emails with PDF's as attachments? One thing to make sure though is to now check that your emails with attached PDF files are received. |
||
| Mozilla Patches Security Holes in Thunderbird | ||
24th, July, 2007
"The Mozilla organization has released an update to its Thunderbird 2.x e-mail client that fixes two critical security holes. These same fixes were also recently implemented in Firefox 2.0.0.5. " I found it to be interesting that the same security flaw was in both Firefox browser and in Thunderbird email client. When I starting to think about it, I found that it would make sense because the Mozilla organization works on both projects. Do you see yourself making the same security mistakes across different projects? |
||
| Holes in Firefox Password Manager are Sill Around | ||
21st, July, 2007
"The Mozilla developers have fixed a known hole in the password manager of Firefox & Co, but a door remains open for exploitation." What can users do to protect them self's while waiting for another patch. While, one thing that user can do is to disable JavaScript. Is this security risk just a Firefox problem or also a flaw in some websites? |
||
| Live Anti-Virus Test at LinuxWorld | ||
26th, July, 2007
Officials at Untangle are planning a face off between open-source and proprietary anti-virus products at the LinuxWorld Conference and Expo in August. Open-source Clam Antivirus (ClamAV) vs proprietary products from SonicWall, McAfee and others. This can be a good test for open source software. Who do you think will win? I feel it will not matter who will win because each software will learn their strengths and weaknesses. But I am rooting for Clam. |
||
| Firefox Threat as Hacker Posts Attack Code | ||
27th, July, 2007
Mozilla is working on patching its Firefox browser after a hacker posted details of a flaw that could let criminals run unauthorized software on a victim's machine. This made me think about a ethical hacker. Would you consider this hack a to be a ethical hack? Is this the best way to release a variability? It seemed to definitely get the attention of the Mozilla developer to work on fixing the flaw. But until they release the patch the variability is out there for anyone to exploit. |
||
