Linux.com

NewsVac: News from around the Web

  • SSH Key-based Attacks 1 day, 4 hours ago
    US-CERT is aware of active attacks against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as "phalanx2" is installed.
  • Deploying Enterprise Software Securely 1 day, 6 hours ago
    This laundry list of security requirements is a lot to think about for every application deployment, but vigilance in this area can drastically improve an organization’s security posture. The requirements can be put into a standardized template, and at the end of the process each requirement should have a mark for pass, fail, or perhaps not applicable. Anything marked as a failure should be noted and can be escalated or accepted as a risk.
  • Internet Terrorist: Does Such A Thing Really Exist? 1 week, 1 day ago
    In this article, a former CISO discusses the notion of worrying about the potential risk of terrorism against his organization and how it seems to be the lowest priority given the choices at hand. Ironically, terrorism today seems to be an emerging concern in the commercial world and many are actively pursuing methods and technology to help combat the problem. As a result, he began to research this trend to determine its drivers and potential implications to information security as we know it today.
  • Reputation Attacks: A Little Known Internet Threat 1 week, 2 days ago
    Reputation attacks target both individuals and companies, and their goal is to ruin the victim’s reputation. While attack techniques are varied, the consequences are often the same: a damaged reputation resulting in many cases in financial loss. Attackers can use several methods to ruin a company’s reputation. Until now, most common attacks have been based on distributed denial of service (DDoS). The objective of these attacks is to flood corporate online services by means of millions of non-legitimate requests from botnets.
  • The DNS Bug: Why You Should Care 1 week, 2 days ago
    It's not every day that the New York Times writes articles about the Domain Name System, but then again this DNS bug is anything but normal.
  • DefCon 16: Hackers and a Gag Order in Sin City 1 week, 3 days ago
    In many ways the virtues that have brought Linux from a Unix look-alike pet project to a competitive operating system are the same as the ideals behind DefCon. The community stood on each other's shoulders and developed piece after piece of software to fill in the gaps that were found through use. Programmers built on the ideas of others, creating tighter and tighter code to support an increasingly complex framework. Originally that was the theme of this article when I had begun thinking about writing it. The things that I saw at DefCon were every bit of the ideals I went up there to find and more...
  • LinuxCertified Announces its next Linux Device Driver Development Course 1 week, 5 days ago
    LinuxCertified Inc, a leading provider of Linux training and services, today announced its next Linux Device Driver Development Course class to be held in South Bay, CA from August 25th to August 27th.
  • 10 Million Zombies Distribute Spam & Malware Daily 2 weeks ago
    According to a Panda Security and CommTouch report on the current state of spam, on average during the second quarter of this year, more than 10 million zombie computers were sending spam and emails with malware every day. Google Adwords has been at the center of one of the most notable attacks. In the second quarter of 2008, Turkey became the country with the most zombie computers (11 percent of the global total), followed by Brazil (8.4 percent) and Russia (7.4 percent). The USA, which in the first quarter accounted for 5 percent of all zombies, is now in ninth place with just 4.3 percent of the total.
  • Report Reveals Most Threatening Piracy Groups 2 weeks ago
    V.i. Labs issued a report revealing that piracy groups are fully exploiting security gaps in the common licensing mechanisms used in electronic design automation (EDA), computer-aided design (CAD), and product lifecycle management (PLM) software to produce counterfeit versions of these high-priced applications. In particular, the piracy groups TBE (the Bitter End), LZ0 (LineZero0), oDDity, and Zero Waiting Time (ZWT) pose significant threats. Because of the well-organized nature of these groups and their relationships with suppliers embedded in the software vendor operations, some of these piracy organizations are able to issue an average of 500 crack releases per year.
  • Boston Subway Hackers Banned from Presenting Hack at DEFCON 2 weeks, 2 days ago
    Three American students were restricted by a court of law from presenting the results of a study made on the possibilities to perform some easy hacks on the fare payment system of the Boston subway. The three students at the Massachusetts Institute of Technology (MIT) wanted to prove, at this year's DEFCON hacker conference, that the security system of the Massachusetts Bay Transit Authority could be easily broken into. Their study was first used for a school project that earned them all an...
  • Hackers: Uncle Sam Wants You 2 weeks, 5 days ago
    UPDATED: At Black Hat, agencies including the FBI, US-CERT, and the military make the pitch for assisting in the U.S.'s fight against cybercrime and cyberwar.
  • How to Prevent a Coffee Shop Wi-Fi Attack 2 weeks, 5 days ago
    Logging on using your mobile device allows hackers to steal your password unless you take basic precautions.
  • Microsoft to seek credit for finding vulnerabilities 2 weeks, 6 days ago
    Microsoft is jumping into the responsible disclosure game. The company announced at the Black Hat security conference on Thursday that it is formalizing its program of informing third-party software vendors of security problems with products that run on top of Windows.
  • How to squash seven lesser-known system attacks 3 weeks ago
    Too often, businesses and enterprises focus on the dangers that get the most press and forget that there are plenty of other ways they can be hurt. This article outlines some of the lesser-known attacks that a business can face and points out ways to defend against them.
  • Black Hat says 'canceled' Apple talk never existed 3 weeks, 1 day ago
    On the eve of this year's Black Hat Briefings, officials disputed a researcher's claim that his talk had to be canceled. They say the talk never even existed.

Linux.com : Security

Protecting your MySQL database from SQL injection attacks with GreenSQL

By Ben Martin on August 25, 2008 (4:00:00 PM)

SQL injection attacks can allow hackers to execute arbitrary SQL commands on your database through your Web site. To avoid these attacks, every piece of data supplied by a user on a Web form, through HTTP Post or CGI parameters, or other means, must be validated to ensure it contains only the expected information. GreenSQL is a firewall for SQL -- it sits between your Web site and MySQL database and decides which SQL statements should and should not be executed. At least that's the idea -- in execution, I found some open doors.

Set up your firewall with Firewall Builder

By Ben Martin on August 14, 2008 (9:00:00 AM)

Firewall Builder (fwbuilder) is a graphical application that can help you to configure IP traffic filtering. It can compile the filtering policy you define into many specifications, including iptables and various languages used by Cisco and Linksys routers. Separating the actual policy you define and the implementation in this way should let you change what hardware is running your firewall without having to redefine your policy for that platform.

A hands-on look at Vyatta Community Edition 4 networking software

By Cory Buford on August 13, 2008 (4:00:00 PM)

Vyatta offers hardware and open source software for enterprise-level network infrastructure. Vyatta can turn any 32-bit x86 machine with at least one network interface into a network appliance that handles routing, firewall, and VPN tasks. The company released Vyatta Community Edition 4 in April, with improved scalability and feature enhancements. Large enterprises now have a low-cost alternative to proprietary hardware like the Cisco 7200.

Testing Web application security using Google's ratproxy

By Keith Winston on July 29, 2008 (4:00:00 PM)

To help developers audit Web application security, Google has released an open source tool called ratproxy. It is a non-disruptive tool designed for Web 2.0 and AJAX applications that produces an easy-to-read report of potential exploits.

Network Security Toolkit distribution aids network security administrators

By Cory Buford on July 23, 2008 (4:00:00 PM)

Network Security Toolkit is one of many live CD Linux distributions focusing on network monitoring, analysis, and security. NST was designed to give network security administrators easy access to a comprehensive set of open source network applications, many of which are among the top 100 security tools recommended by insecure.org.

Patches coming today for DNS vulnerability

By Joe Barr on July 08, 2008 (8:05:22 PM)

Whether you're running Linux, Windows, Cisco, Sun, or other DNS servers, you are at risk from a newly discovered vulnerability. So says Dan Kaminsky, head of penetration testing research at IOActive, who accidentally discovered the DNS "design flaw" earlier this year.

Free Locknote for Windows offers fast free file encryption

By Tina Gasperson on June 26, 2008 (7:00:00 PM)

Steganos Locknote is a handy little GPL-licensed utility for Windows, built using the Crypto++ class library. It is designed to keep text files secure, so you can store your sensitive information and passwords without having to worry about the information falling into the wrong hands.

Deposition challenges Trend Micro patent on virus scans

By Bruce Byfield on June 23, 2008 (11:13:44 PM)

Goran Fransson, a Swedish developer and entrepreneur, has given a deposition in the Barracuda-Trend Micro case that appears to seriously undermine Trend Micro's patent on gateway virus scanning.

Smart ACL management with Eiciel

By Shashank Sharma on June 18, 2008 (4:00:00 PM)

The traditional file permission model, where read, write, and execute permissions are set on each file for the user, group, and others (UGO) has one drawback: It can't be used to define per-user or per-group permissions. For that, you need to employ access control lists (ACL). Eiciel is a graphical tool that integrates with the Nautilus file manager and allows for easy ACL management.

Test your environment's security with BackTrack

By Joe Barr on June 13, 2008 (4:00:00 PM)

In the field of penetration testing, BackTrack is today's premier Linux distribution. Designed for, created by, and used by security professionals around the globe, BackTrack is the result of a merger between two earlier, competing distributions -- WHAX and Auditor Security Collection. The most recent beta version was released on June 10.

Barracuda CEO Dean Drako explains why his company is publicly fighting Trend Micro patent suit (video)

By Robin 'Roblimo' Miller on May 21, 2008 (9:00:00 PM)

It's unusual for companies engaged in patent litigation to comment on how the fight is going. But Barracuda Networks CEO Dean Drako has openly sought FOSS community support for his company's defense against a Trend Micro lawsuit that, while filed against his company, is really about ClamAV. We've written about this before, as have others. In this video, however, we'll let Dean tell you in his own words what's going on -- and why.

Fwknop and single packet authorization

By Robert D. Currier on May 20, 2008 (9:00:00 AM)

Protecting servers by placing them behind a firewall is a best-practice methodology for systems administrators, but it's not a panacea: those systems are still visible to network scanners such as nmap and nessus. While services like SMTP and HTTP may need to be accessible to the public, most enterprises also have private internal servers that require external access by traveling support staff. For those users, fwknop, an open source utility that provides single packet authorization, can help sysadmins hide their servers from network nasties.

Security Alert: Debian OpenSSL flaw affects many systems

By Joe Barr on May 15, 2008 (2:49:18 PM)

Well-known security researcher H. D. Moore, creator of the Metasploit Project, has posted his findings on the recently discovered Debian-packaged OpenSSL bug. Moore documents the cause of the bug and explains how easily attackers can create every possible key the flawed OpenSSL implementation can generate.

Protecting directory trees with gpgdir

By Ben Martin on April 24, 2008 (4:00:00 PM)

gpgdir uses GNU Privacy Guard (GnuPG) to encrypt and decrypt files or a directory tree. You could accomplish the same objective by tarring the filesystem up and then encrypting the tar.gz file with GnuPG, but then you would still have to shred or wipe every file in the original directory tree. With gpgdir the whole tree is encrypted in one command.

Baker College wins National Collegiate Cyber Defense Competition

By Joe Barr on April 21, 2008 (4:00:00 PM)

Baker College of Flint, Mich., defeated defending champion Texas A&M University and four other regional winners from across the country to capture the third annual National Collegiate Cyber Defense Competition, which concluded in San Antonio, Texas, over the weekend. Texas A&M finished a close second, and the University of Louisville took third. Also competing for the championship were the Community College of Baltimore County, Mount San Antonio College of Los Angeles County, and the Rochester Institute of Technology.

Ubuntu machine uncracked in Pwn to Own contest

By Bruce Byfield on March 31, 2008 (5:00:00 PM)

At this year's CanSecWest conference, would-be crackers could try their skills on three separate laptops: One running OS X, one running Ubuntu, and one running Vista. At the end of the three-day security conference in Vancouver, Canada, last week, both the Mac OS X Leopard and Vista machines had been cracked, leaving only the Ubuntu box uncompromised.

Encrypt volumes through a cross-platform GUI with TrueCrypt 5.0

By Luigi Paiella on March 14, 2008 (9:00:00 AM)

Last month the TrueCrypt Foundation released TrueCrypt 5.0, which finally introduces a Linux GUI for the cross-platform encryption application. TrueCrypt 5.0's numerous other enhancements include a Mac OS X port, XTS operation mode, the ability to encrypt a system partition or drive under Windows, and the addition of the SHA-512 hash algorithm.

Protecting filesystems and swap space with Cryptmount

By Ben Martin on March 06, 2008 (4:00:00 PM)

Cryptmount allows you to encrypt both your filesystems and swap space. An encrypted filesystem can be stored on a block device like a normal filesystem -- for example, using /dev/sda2 -- or inside a normal file in another filesystem. This latter method is especially handy when you would like to work with an encrypted filesystem without changing your partition tables or working with the Logical Volume Manager (LVM). Cryptmount can also encrypt your swap space so that information from an encrypted filesystem is not inadvertently made less secure by the Linux kernel swapping a process out to disk.

In latest release, Nmap looks better than ever

By Joe Barr on February 06, 2008 (9:00:00 AM)

December's release of Nmap 4.50 marked the popular port-scanning tool's tenth anniversary. The 4.50 release includes Zenmap, a cross-platform GUI front end for Nmap which includes a command creation wizard, a scripting engine, and a host of other improvements. Zenmap makes it easier than ever to use Nmap.

Efficient rsyncrypto hides remote sync data

By Ben Martin on February 01, 2008 (9:00:00 AM)

The rsync utility is smart enough to send only enough bytes of a changed file to a remote system to enable the remote file to become identical to the local file. When that information is sensitive, using rsync over SSH protects files while in transit. To protect the files when they are on the server you might first encrypt them with GPG. But the manner in which GPG encrypts slightly changed files foils rsync's efficiency. rsyncrypto allows you to encrypt your files while still allowing you to leverage the speed of rsync.
