Security Advisories: VNC, Honeynet, And SSH Protection Insights
Vyatta - Linux-based Router, Firewall & VPN - Vyatta software and appliances combine the features, performance and reliability of enterprise networking gear with the cost-savings and flexibility of open-source solutions. Vyatta empowers you to replace overpriced proprietary router, firewall and VPN equipment with commercially supported open-source solutions.
Download Free Vyatta Software
LinuxSecurity.com Feature Extras:
RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of fingerprint template and RF smart card for clustered network, which is designed on Linux platform and Open source technology to obtain biometrics security. Combination of smart card and biometrics has achieved in two step authentication where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card that is based on the fingerprint verification. The fingerprint verification has to be executed on central host server for security purposes. Protocol designed allows controlling entire parameters of smart security controller like PIN options, Reader delay, real-time clock, alarm option and cardholder access conditions.
pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.
Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Earn an NSA recognized IA Masters Online - The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
Security on your mind?
Protect your home and business networks with the free, community version of EnGarde Secure Linux. Don't rely only on a firewall to protect your network, because firewalls can be bypassed. EnGarde Secure Linux is a security-focused Linux distribution made to protect your users and their data.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Pretty Good Privacy with PGP | ||
24th, May, 2007
PGP has two uses. First, it is an encryption system that uses public-key cryptography. Each user has a public key and a private key. In simple terms, you can encrypt a message using someone's public key and they can decrypt it using their private key. (A one-off session key is actually involved.) If the private key has been kept truly private, no one else can read the message. |
||
| Introducing Google's online security efforts | ||
23rd, May, 2007
Online security is an important topic for Google, our users, and anyone who uses the Internet. The related issues are complex and dynamic and we've been looking for a way to foster discussion on the topic and keep users informed. Thus, we've started this blog where we hope to periodically provide updates on recent trends, interesting findings, and efforts related to online security. Among the issues we'll tackle is malware, which is the subject of our inaugural post. |
||
| The Big Ol' Ubuntu Security Resource | ||
21st, May, 2007
If you've recently switched from Windows to the Linux distribution Ubuntu, you've probably experienced a decrease in spyware -- and malware in general -- on your system. But although Ubuntu is billed as the ultra-secure solution, you should know that even though Ubuntu's default install has its flaws, like every other operating system. |
||
| How to secure VNC remote access with two-factor authentication | ||
22nd, May, 2007
If you haven't already, you can download a copy of the WiKID open-source token client. The first time you launch the token client, you need to create a passphrase. Once started, select Actions and Create New Domain |
||
| Nmap based open source vulnerability detection | ||
23rd, May, 2007
Snort creator Sourcefire and Insecure.Org, the creator of the Nmap Security Scanner will jointly develop open source vulnerability scanning technology based on the general purpose Nmap Scripting Engine embedded within the popular Nmap network discovery tool. Under the agreement, Insecure.Org will develop the engine while the Sourcefire Vulnerability Research Team will develop and contribute plug-ins for discovering specific vulnerabilities. |
||
| Lessons From a Honeynet That Attracted 700,000 Attacks | ||
25th, May, 2007
Over the 5 year lifetime of the IrishHoneynet, we have witnessed hundreds of thousands of scans, probes and attacks against the servers that comprise the network. Our estimation is that given an average of 3,000 attack attempts a week, each server has seen more than 700,000 compromise attempts over the 5 years. Taken at face value, this is a remarkable figure. |
||
| Protecting Against SSH Brute-Force Attacks | ||
27th, May, 2007
Practically all UNIX-based servers run a SSH server to allow remote administration across the Internet. From time to time, you might notice a large number of failed login attempts. Often, these are brute-force attacks against your SSH server | ||
