This week, perhaps the most interesting articles include "Securing Your Network With PacketFence," "Network-audit Tool for Linux Phone Announced," and "10 Best Hacking and Security Software Tools for Linux."
Norwich University's Master of Science in Information Assurance
(MSIA) program, designated by the National Security Agency as providing
academically excellent education in Information Assurance, provides you
with the skills to manage and lead an organization-wide information
security program and the tools to fluently communicate the intricacies
of information security at an executive level. Learn more
LinuxSecurity.com
Feature Extras:
Never Installed a Firewall on Ubuntu? Try Firestarter - When I typed on Google "Do I really need a firewall?" 695,000 results came across. And I'm pretty sure they must be saying "Hell yeah!". In my opinion, no one would ever recommend anyone to sit naked on the internet keeping in mind the insecurity internet carries these days, unless you really know what you are doing.
Read on for more information on Firestarter.
Review: Hacking Exposed Linux, Third Edition - "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
|
EnGarde Secure Community 3.0.20 Now Available (Aug 19) |
|
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.20 (Version 3.0, Release 20). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce.
|
|
Securing Your Network With PacketFence (Sep 25) |
|
Network access control (NAC) aims to unify endpoint security, system authentication, and security enforcement in a more intelligent network access solution than simple firewalls. NAC ensures that every workstation accessing the network conforms to a security policy and can take remedial actions on workstations if necessary. For example, NACs can check if a workstation has antivirus software installed and, if not, NAC will limit the workstation's access to the network.
Have you been using network access control (NAC) to secure the workstations on your network? Find out about the capabilities and performance of a free open source NAC application called PacketFence in this informative article. news/network-security/securing-your-network-with-packetfence
|
|
Mozilla Patches 11 Bugs in Firefox (Sep 25) |
|
Mozilla late Tuesday patched 11 vulnerabilities in Firefox 3.0, more than half of them labeled "critical," and fixed 14 flaws in the older Firefox 2.0. Firefox 3.0.2 quashes six critical bugs, four marked "high," and one pegged as "low" in Mozilla's four-step threat ranking system. Among the most serious were four stability bugs in the browser's graphics rendering, layout and JavaScript engines that can crash the program and might be exploitable with malicious code.
I find 11 vulnerabilities fixes in an mirror release to be pretty high. However, I am glad they are still releasing security fixes to Firefox 2.0. What do you think? news/network-security/mozilla-patches-11-bugs-in-firefox
|
|
Network-audit Tool for Linux Phone Announced (Sep 24) |
|
A handset-based network-penetration tool that runs on a Linux phone has been announced in the US.The NeoPwn tool is based on a modified Linux 2.6.24 kernel, and will let IT professionals toggle between two modes -- 'phone' and 'pwn'. The software stack runs on the Openmoko Neo FreeRunner Linux handset, which offers USB WLAN support, a GPS modem, a GPRS modem for cellular connectivity, and a CSR Bluetooth module.Pwn mode enables Wi-Fi and Bluetooth network-penetration testing, through the use of tools including Aircrack and Metasploit. While there is no hardware Qwerty keyboard, NeoPwn claimed the FreeRunner's touchscreen keyboard is "more usable than the iPhone and Nokia Nseries".
Have you ever though about using your phone as a security tool? This project's goal is to bring network-penetration to your phone. How useful do you think this will be in helping to find holes in your network?
|
|
Umit, The Graphical Network Scanner (Sep 23) |
|
Umit is a user-friendly graphical interface to Nmap that lets you perform network port scanning. The utility's most useful features are its stored scan profiles and the ability to search and compare saved network scans. A profile lets you configure how a network scan is performed, change the source information for the scan, and explicitly nominate hosts to include or exclude from the scan, as well as various more advanced options.
Have you ever used a graphical interface to Nmap to do your network port scanning? Check out this GUI to Nmap which has many useful features, including the ability to save and compare scans. news/network-security/umit-the-graphical-network-scanner
|
|
Modern Exploits - Do You Still Need To Learn Assembly Language? (Sep 23) |
|
This is a fairly interesting subject I think as a lot of people still ask me if they are entering the security field if they still need to learn Assembly Language or not?
For those that aren't what it is, it's pretty much the lowest level programming languages computers understand without resorting to simply 1's and 0's.
This article asks the question do security experts still need to learn assembly programming? What do you think?
|
|
10 Best Hacking and Security Software Tools for Linux (Sep 22) |
|
Linux is a hacker's dream computer operating system. It supports tons of tools and utilities for cracking passwords, scanning network vulnerabilities, and detecting possible intrusions. I have here a collection of 10 of the best hacking and security software tools for Linux. Please always keep in mind that these tools are not meant to harm, but to protect.
What do you think about this list of Linux security tools? Would you add or remove any of them from the list? What's your top Linux security tool? news/security-projects/10-best-hacking-and-security-software-tools-for-linux-70993
|
Sep 29, 2008
•
Anthony Pell
PREVIOUS
NEXT
