This week, perhaps the most interesting articles include "Inside the Twisted Mind of the Security Professional," "Analyzing Malicious SSH Login Attempts," and "Ongoing IFrame Attack Proving Difficult to Kill."
Linux+DVD
Magazine Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com
Feature Extras:
Open Source Tool of March: ZoneMinder - For January and February, we chose some of the staples of open source security (GnuPG and Nmap) as the tool of the month. And deservedly so; both have just celebrated their ten-year anniversary in the open source realm, a rare feat for any open source project, much less one founded on security.
But for the month of March, we wanted to move ahead and change gears. This month's Open Source Tool is no newbie for sure, but we bet that most of you reading haven't heard of it. While most Linux security tools deal with digital security, this month's tool is one of the few to cross that divide;
Welcome to Zone Minder, the Open Source Tool for March...
Meet the Anti-Nmap: PSAD - Introduction
Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. However, certain attacks are not blindly thrown at you - a good attacker knows that a certain amount of reconnaissance and knowledge about your defenses greatly increases the chances of a successful attack. How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is...
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
|
EnGarde Secure Community v3.0.18 Now Available! (Dec 4) |
|
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
|
|
Open Source Movement as Terrorism? (Mar 21) |
|
I am not aware of any other entity, group or idea that matches these five primary characteristics of the open source movement as exactly as terrorist organizations.
Read on for a two-in-one post from Linux Today - one post shows the "paper" that goes into detail into why the open source movement can be seen as terrorism, while the second post provides some rebuttals against the argument. Do you feel the article brings up any valid points? How would you respond to the author? news/government/open-source-movement-as-terrorism
|
|
Inside the Twisted Mind of the Security Professional (Mar 20) |
|
Uncle Milton Industries has been selling ant farms to children since 1956. Some years ago, I remember opening one up with a friend. There were no actual ants included in the box. Instead, there was a card that you filled in with your address, and the company would mail you some ants. My friend expressed surprise that you could get ants sent to you in the mail.
I replied: "What's really interesting is that these people will send a tube of live ants to anyone you tell them to."
Read on for an interesting observation from Bruce Schneier about the mindset of security professionals. There is emphasis put on a certain college course which focuses on this way of thinking - it's amazing what a last name can grant you these days!
|
|
Analyzing Malicious SSH Login Attempts (Mar 20) |
|
Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks.
Honeypots are an interesting way to learn about the threat from the outside world to your network. Do you think they are very useful for a Linux system administrator. news/network-security/analyzing-malicious-ssh-login-attempts
|
|
Four Good Choices for Your Next IDS (Mar 19) |
|
If you have only a single computer, then it's possible for you to spend your days giving it careful manual scrutiny for mischiefs and problems. Perhaps not entirely desirable, but possible. But in the real world we need good tools to monitor and warn us of mischiefs, so we can actually go outside and have a life every so often. Intrusion detection is one of those gnarly jobs that can make you paranoid and nervous
|
Mar 24, 2008
•
Anthony Pell
PREVIOUS
NEXT
