Linux Network Security - Page 25

Discover Network Security News

Enterasys Blades Add Security, Policy Routing to Switches

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Enterasys Networks this week unveiled new blades for its Matrix N-Series flow switches that feature improved routing and security capabilities. The four new Diamond Distributed Forwarding Engines (DFEs), essentially new line cards, deliver high-density Gigabit Ethernet and 10 Gigabit Ethernet aggregation. The blades' architecture guarantees that only authorized users access information resources and prevents intruders from taking advantage of vulnerabilities to tap into business assets.

Bill Keys
Mar 27, 2007

Is Web 2.0 a Security Risk?

British firms are at risk of data leakage through their employees' increasing use of Web 2.0 technologies and social networking websites, security experts have warned. A survey of more than 1000 office workers found that 42 percent of those aged between 18 and 29 discussed work-related issues on social networking sites and blogs.

Bill Keys
Mar 26, 2007

VoIP Still Faces Security Hangups

After legal and regulatory victories, Internet voice remains a consumer play, as businesses remain skeptical. Though Internet voice providers are overcoming some regulatory and legal hurdles, the major barrier standing between them and the mainstream corporate market is still a glaring lack of security, analysts say.

Bill Keys
Mar 24, 2007

Novell Delivers Next-Generation Security Information solution

Novell introduced the latest version of Sentinel, its award-winning security information and event management solution. Representing a significant update from previous versions, Sentinel from Novell version 6.0 offers new capabilities for automating real-time monitoring of the enterprise security environment, identifying and remediating security incidents and documenting regulatory compliance.

Brittany Day
Mar 23, 2007

How to Make a Honeypot Network Security System Pay Off

Honeypots have largely been relegated to use by academia and antivirus vendors because most enterprise IT teams figure they're too expensive to run and could land their companies in legal trouble. But honeypots aren't as scary as all that, according to an expert on the topic who spoke at the InfoSec World Conference & Expo in Orlando Tuesday.

Bill Keys
Mar 22, 2007

A new day for business security

It might not seem as if a building security guard and a network administrator have much in common. But they do--and the distinction between the two is blurring more every day. It's true that the people who control building access from security desks and those securing computer networks both watch traffic and walk perimeters to safeguard an organization's assets. But now, technology, tighter security controls, federal regulations and potential cost benefits are bringing the two traditionally separate worlds together--and the convergence is driving industry alliances that may have seemed unusual in the past.

Brittany Day
Mar 20, 2007

Protection From The Inside Out

To stop data leakage, try a two-punch strategy that combines outbound content-monitoring tools with digital rights-management appliances. A disgruntled employee here, a careless one there, and just about any enterprise can find itself facing a mountain of trouble from confidential information made public. Help is at hand. Armed with increasingly sophisticated outbound-content monitors, information security officers finally have the weapons they need to conquer the threat of data leakage.

Bill Keys
Mar 19, 2007

Security Pro Zeroes in on Oracle Bugs

Bug hunter David Litchfield says the Oracle community shouldn't be so smug when it comes to database security. He represents NGS Software, which has serviced Oracle in the past and Microsoft at present. David Litchfield, a noted bug hunter, has made it his mission to tell the world that database software is insecure -- Oracle's database software in particular. Litchfield has been vocal in his criticism of Oracle, even calling for the resignation of Oracle Chief Security Officer Mary Ann Davidson.

Bill Keys
Mar 16, 2007

OpenBSD hit by 'critical' IPv6 flaw

A vulnerability in the way OpenBSD handles IPv6 data packets exposes systems running the traditionally secure open-source operating system to serious attack. A memory corruption vulnerability error exists in the OpenBSD code that handles IPv6 packets, Core Security Technologies said in an alert published Tuesday. Exploiting the flaw could let an attacker commandeer a vulnerable system, according to Core, which said it discovered the issue and crafted sample exploit code.

Brittany Day
Mar 15, 2007

New Shield Repelled Internet Backbone Attack

An attack in early February on key parts of the backbone of the internet had little effect, thanks to new protection technology, according to a report released this week. The distributed denial-of-service attack on the Domain Name System (DNS) proved the effectiveness of the Anycast load-balancing system, the Internet Corporation for Assigned Names and Numbers (ICANN) said in a document published on Thursday. ICANN regulates internet domain name and address registration and operates one of the main so-called root DNS servers.

Bill Keys
Mar 14, 2007

Zabbix: State-of-the-art network monitoring

Zabbix is an enterprise-class open source distributed monitoring solution for servers, network services, and network devices. It's easier to use and provides more functionality than Nagios or BigBrother.

Anthony Pell
Mar 13, 2007

RSS Security Threats With Financial Services

Web 2.0 technologies are penetrating deeper into the financial services sector as Enterprise 2.0 solutions, adding value to financial services. Analysts can leverage information sources to go beyond the obvious. Trading and Banking companies like Wells Fargo and E*Trade are developing their next generation technologies using Web 2.0 components; components that will be used in banking software, trading portals and other peripheral services.

Bill Keys
Mar 12, 2007

SMEs Wary of Online Backup Due to Security

The number one concern for small to medium-sized enterprises (SMEs) considering online backup is security and as a result less than 10pc of Irish SMEs are planning to invest in online backup in 2007, broadband player Magnet said today quoting research from iReach.

Bill Keys
Mar 08, 2007

IRC Bot a Growing Threat To Enterprise Networks

A new internet relay chat (IRC) bot is building an even larger zombie family that could pose a significant threat to enterprise networks, security researchers said today.

Brittany Day
Mar 07, 2007

sshguard: Protection for OpenSSH

Are you concerned about brute force dictionary attacks on SSH? Given the popularity of these attacks, you should be. sshguard is a new tool to help protect against such attacks. Although it is still in beta stage, it appears to work well.

Brittany Day
Mar 06, 2007

How Dangerous Is Skype?

There's been a lot information -- and misinformation -- available about whether Skype is dangerous to corporate networks and individual users. How dangerous is it? In this article, I'll separate the truth from the myths when it comes to Skype vulnerabilities.

Brittany Day
Mar 06, 2007

Single Packet Authorization

Countless pieces of software, protocols and complex interdependencies together form a system for which it is difficult to guarantee any particular property-particularly security. Even software specifically designed to enhance security can, at the behest of clever individuals armed with detailed knowledge, work to its detriment. Vulnerabilities have been discovered in all sorts of security software from firewalls to implementations of the Secure Shell (SSH) Protocol. For example, OpenSSH is developed by some of the most security-conscious developers in the world, and yet it occasionally contains a remotely exploitable vulnerability. This is an important fact to note because it seems to indicate that security is hard to achieve and, therefore, bolsters the case for a defense-in-depth approach. This article explores the concept of Single Packet Authorization (SPA) as a next-generation passive authentication technology beyond port knocking.

Brittany Day
Mar 06, 2007

Why Your Web Apps are Sitting Ducks

Despite improvements in code quality, Web servers remain at high risk of being hacked, according to a new paper from researchers who use honeypot technologies to examine how hackers tick. The Honeynet Project, which provides real systems for unwitting attackers to interact with, says Web applications remain vulnerable for host of reasons. These include poor-quality code, the fact that attacks can be performed using PHP and shell scripts (which is generally easier than using buffer-overflow exploits), and the emergence of search engines as hacking tools.

Bill Keys
Mar 03, 2007

Google Sharpens Malware Alerts for Webmasters

Google Inc. has enhanced the way it notifies webmasters that their sites contain malware, improving on a service the Mountain View, California, company launched in November of last year in a partnership with The Stop Badware Coalition. Google has begun providing more detailed alerts and to send these notifications via e-mail to webmasters, according to a posting Monday on an official Google blog.

Bill Keys
Feb 28, 2007

Make Your Router Secure Right Now

If you weren't worried enough about the security of your home computer and network, it may be time to step it up. A new study by Indiana University and Symantec has discovered (and, alas, made more public) a new hacking technique called "drive- by pharming." Of course, we can't use a name actually in the dictionary, but the gist of it is that your home router may be insecure.

Bill Keys
Feb 28, 2007

Linux Network Security - Page 25

Linux Pentesting Distros: An Essential Tool for Strengthening Network Security

Enhancing Network Security with Linux Proxy Servers

OPNsense 24.7 'Thriving Tiger': Elevating Open-Source Network Security and Performance