Linux Network Security - Page 18

Discover Network Security News

PorkBind v1.3 - Nameserver (DNS) Security Scanner

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each. Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread. With the threat on DNS increasing and it's importance to the internet as a whole it's something that system administrator's need to take seriously. This article looks at the security tool for bind called PorkBind.

Bill Keys
Sep 15, 2008

Controlling Internet Access With SafeSquid

Content-filtering proxies restrict Internet access privileges for users or groups across an entire network. They must be able to block unwanted content through keyword, URL, DNS, MIME, and image filtering. They need to authenticate and log a user's Internet activity by monitoring and generating detailed reports of URLs accessed, and they must integrate antivirus or malware protection by accessing a reliable antivirus server. Fulfilling all these functions may be a lot to ask, but SafeSquid delivers on all counts. Do you want to use an open source content-filtering proxy that has the capabilities of Squid with content filtering and content security? Check out its features in this informative article.

Brittany Day
Sep 09, 2008

Google Chrome Flaws Come Soon After Browser Release

Less than a day after Google arrived on the browser scene with the launch of Chrome, two security researchers have disclosed separate vulnerabilities that could be exploited to compromise the software. Researcher Aviv Raff told SCMagazineUS.com on Wednesday that Chrome suffers from the same

Brittany Day
Sep 04, 2008

Security-Wise, Google Chrome is (Potentially Very) Good

Security bloggers are already commenting on Google

Bill Keys
Sep 03, 2008

Wider Implications of the Red Hat Breach

Reports of data losses and system breaches are almost becoming passe but from time to time events happen that take on a life of their own and have effects far beyond what the initial breach would normally represent. Late last week there was an announcement that key servers belonging to both the Fedora and Red Hat Linux distributions were compromised. With this breach they join the ranks of Ubuntu, Debian and Gentoo as Linux distributions that have suffered severe server breaches. What is the wider significance of the breach to the Fedora and Red Hat Linux distributions that occurred last week? What kind of questions should those responsible for system security be asking themselves in light of this breach? Find out in this informative article.

Brittany Day
Sep 02, 2008

Firefox 3.0's SSL Certificate Interface Meets Resistance

Firefox 3.0, released not too long ago, was generally well-received. It added a load of new features, while also providing much-needed speed improvements and better memory management. Some new features, however, have met more resistance - one of them is the rather complicated user interface thrown at users when they reach a website with an invalid or expired SSL certificate. Find out why the new SSL certificate interface for Firefox 3.0 may be difficult to grasp for ordinary users, even though it is designed to improve user security. Check it out in the following article.

Brittany Day
Aug 29, 2008

Revealed: The Internet's Biggest Security Hole

Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency. The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination. Find out about a new exploit that uses a weakness in the design of the internet's Border Gateway Protocol (BGP) to re-direct traffic to an eavesdropper. How do you think ISPs will respond to defending against this new technique? Check it out in the article below.

Brittany Day
Aug 27, 2008

Next-generation Computer Antivirus System Developed

Traditional antivirus software is installed on millions of individual computers around the world but according to researchers, antivirus software from popular vendors is increasingly ineffective. The researchers observed malware --malicious software--detection rates as low as 35 percent against the most recent threats and an average window of vulnerability exceeding 48 days. That means new threats went undetected for an average of seven weeks. The computer scientists also found severe vulnerabilities in the antivirus engines themselves. The researchers' new approach, called CloudAV, moves antivirus functionality into the "network cloud" and off personal computers. CloudAV analyzes suspicious files using multiple antivirus and behavioral detection programs simultaneously. This is an interesting article about the research and development of improvements to virus scanner software. Do you think this new approach will help to catch more viruses on user's machines?

Bill Keys
Aug 27, 2008

Mozilla Firefox Browser Gets Security Boost

Carnegie-Mellon University Monday announced it's making available a free add-on to Mozilla Firefox 3.0 that's intended to boost browser security. Find out about how you can protect your Firefox 3.0 browser from digital-certificate and man-in-the-middle threats by using the new free add-on from Carnegie Mellon University. Check it out in the following informative article.

Brittany Day
Aug 26, 2008

A DIY Project for Network Security

The past few weeks have been frustrating and rewarding all at the same time. I had set a goal to configure an intrusion-detection system (IDS) using the de facto standard, Snort on Linux. In our environment, we have very little in the way of security tools and devices, and little or no budget to procure such items. This project was the first step in being able to detect potentially malicious network traffic as inexpensively as possible. security manage This article discuses a security managers experience with deploying a Linux intrusion-detection system. Have you implemented a IDS on your network? If so what was your experience?

Bill Keys
Aug 22, 2008

Open Vulnerability Assessment System

As you all probably known since version 3 Nessus turned to a proprietary model and started charging for the latest plugins locking most of us out. Now we finally have a new, properly organized forked development with the name of OpenVAS - at last a decent and free Vulnerability Scanner! OpenVAS is a network security scanner which contains a graphical user front-end to help find problems in remote systems and applications. Have you tested it out?

Bill Keys
Aug 21, 2008

Mozilla: Security a Significant Focus

Mozilla is moving forward on a number of initiatives to ensure that Internet security improves. Among the efforts is a new approach for determining and measuring security metrics. The security metrics effort, announced earlier this year, is designed to figure out what matters in security and then measure and track those metrics. Snyder explained that the first step of the process, now wrapping up, is about determining what the company needs to look at in terms of security metrics. The next step is figuring how to get that information out of bugzilla and capture it on an ongoing basis. After that the challenge is to get information out and generating raw numbers. At the end the company will do analysis on that information to identify trends, correlate factors and draw conclusions. Mozilla is working on steps to improve the security of it's software by creating a security metrics. What do you think about this security metrics that they are developing? Will it help the security for Firefox?

Bill Keys
Aug 13, 2008

ssh-xfer: Quickly Grabbing Files Over an Existing SSH connection

The ssh-xfer project uses the local SSH agent to allow you to easily grab files using an existing SSH shell connection. You do not have to modify either the SSH client or server programs to use ssh-xfer -- but you will need to patch your ssh-agent. Although having to patch the ssh-agent is not ideal, you do gain one major advantage by doing this: you can send a file through more than one SSH connection. Have you ever used ssh-xfer? This article shows the user how to use ssh-xfer to get files over a network using a SSH shell connection.

Bill Keys
Aug 11, 2008

8 Best E-mail Clients for Linux

Managing e-mail is made easy with the use of e-mail client, also known as e-mail reader. Some e-mail clients can also function as feed reader and can support plug-ins and themes. When it comes to picking the right e-mail client, Linux users have tons of choices. I have here a list of 8 of the best free and open source e-mail clients that are available for Linux. This article looks a 8 E-mail client but which one is the most secure. Email security is important to keep ones privacy when send and receiving emails. What do you think is the most secure? Thunderbird?

Bill Keys
Aug 06, 2008

Mozilla Fixes Nine Flaws in Thunderbird

Mozilla Messaging patched nine security vulnerabilities in Thunderbird Wednesday, the first time it's plugged holes in the e-mail software since early May. The bug patched in Thunderbird Wednesday that was fixed in Firefox last week was in the browser rendering engine's CSSValue array data structure. According to Mozilla, the vulnerability could be used by hackers to force a crash, and from there, run malicious code. Several other just-patched Thunderbird vulnerabilities could also be used by attackers to execute code remotely. Are you in a rush to update your installation of Thunderbird with news that nine security vulnerabilities were found and patched on Wednesday?

Bill Keys
Jul 25, 2008

Network Security Toolkit Distribution Aids Network Security Administrators

Network Security Toolkit is one of many live CD Linux distributions focusing on network monitoring, analysis, and security. NST was designed to give network security administrators easy access to a comprehensive set of open source network applications, many of which are among the top 100 security tools recommended by insecure.org. NST's latest version, 1.8.0, was released last month. You can download NST as a live CD ISO or as a VMware virtual machine from the author's site. Have you ever used a Live CD which is designed to be used for network monitoring? If so, do you have any favorites? This article likes at one Live CD distro called "Network Security Toolkit".

Bill Keys
Jul 24, 2008

Critical Security Issues Found in the Spring Framework

A recent security assessment of an application by Ounce Labs has resulted in the discovery of two vulnerabilities that can affect Java Web applications that use the Spring Framework. Spring has been downloaded more than 5 million times to date, which means the security vulnerabilities identified could affect countless companies that use this framework."One of the problems is there's no default checking to make sure the users are only submitting fields that are visible in the form," Berg said. "That means someone can submit additional data in a request and put it into the Java bean." "The vulnerabilities are not flaws [in the framework]. The issue is developers not understanding the complexity of the framework they're using." Ryan Berg Chief scientist, co-founder, Ounce Labs. So is this a security flaw in the framework or how developers are using it?

Bill Keys
Jul 21, 2008

Relay Server Attack Tactic Dupes Auto-reporting

Sysadmins have begun noticing a coordinated attack on servers with open SSH ports that tries to stay under the radar by only attempting to guess a password three times from any compromised machine. Instead of mounting an attack form a single compromised host, hackers have worked out a means to relay a brute force attack between multiple assault machines. Do you have SSH open on your Linux machine? If so make sure that all your user's passwords are strong. Check out your system logs and see if attackers are trying to guess your passwords.

Bill Keys
Jul 14, 2008

Drupal 6.3 and 5.8 Released, Fixing Security Issues

Upgrading your existing Drupal 5 and 6 sites is strongly recommended. There are no new features in these releases, but we fixed some notable performance issues too. For more information about the Drupal 6.x release series, consult the Drupal 6.0 release announcement, more information on the 5.x releases can be found in Drupal 5.0 release announcement. If you use Drupal it's strongly recommenced that you update it to the latest version.

Bill Keys
Jul 10, 2008

Major fix to DNS Vulnerability Impacts Debian

A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently. In what appears to be a coordinated effort to fix a well known, though still potentially critical vulnerability to the Domain Name System (DNS) protocol, patches are being deployed today for both Windows and Linux, by both Microsoft and Debian, respectively. These patches would enable a long suggested protocol for validating the source of DNS requests. This is definitely an patch that every DNS server should do updates for. Do you think we are going to see DNS servers being attacked in the coming days?

Bill Keys
Jul 09, 2008

Linux Network Security - Page 18

Harnessing Proxies for Enhanced Threat Intelligence: A Guide with Open Source Tools

Understanding HTTP Proxy Servers: A Vital Linux Network Security Tool

Exploring Vulnerability Scanners: Tools & Strategies for a Secure Network