Security Projects - Page 51
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
In the past three months, the open-source community has been given a wake-up call. While Microsoft has concentrated on reviewing its flagship Windows source code as part of a new focus on security, Internet watchdogs have released the details of . . .
Laurent Constantin let us know that the Lcrzoex Project now contains more than 300 GPLd network testing tools. "We are proud to announce that lcrzoex now contains over 300 network testing tools. Tool which passed this mark allows to spoof an IP/UDP packet.". . .
The National Security Agency last week announced the first companies to undergo an appraisal of their information security practices in a program aimed at helping government and commercial organizations improve their systems security. According to the Infosec Assessment Training and Rating . . .
To exploit this vulnerability one must create an account on the target site, base64_decode his cookie, modify the username in the cookie to inject SQL, base64_encode his cookie and pass it with save=1 to article.php (which must be done through modules.php). . .
Because PHP is a critical piece of the hosting service puzzle, the PHP audit project was started in order to harden the PHP interpreter against known and unknown vulnerabilities. We are also trying to add some enhancements for the OpenBSD operating . . .
The author revisits a debate begun here recently on the nature of security in Open Source projects: do 'lots of eyeballs' ensure secure code? It is a common misconception amongst users of Open Source software that it is a panacea when it comes to creating secure software.. . .
A group of open source developers dedicated to introducing an industry standard on security testing will be releasing the fruits of their labours later this month. Ideahamster.org started working on the Open Source Security Testing Methodology Manual (OSSTMM) last year after becoming "sick of reading bland testing methodology descriptions".. . .
A government-funded initiative announced Tuesday aims to boost code review of open-source software to prevent security holes. Funded by the Defense Advanced Research Projects Agency, the same organization to initially bankroll the predecessor to the Internet, the Sardonix Audit Portal aims . . .
Cohen worked on MojoNation before quitting last April to concentrate on his BitTorrent project, and he's convening hackers in downtown San Francisco next month for a P2P/cypherpunk conference a world away from the usual corporate trappings. "[Other] Conferences cost a ridiculous amount of money, and hackers are treated like dirt," says Cohen.. . .
When Darren Reed, author of the packet filtering support for OpenBSD, modified the license terms for his software, support for ipfilter was removed from the main OpenBSD tree. Now, Darren has released his own version of OpenBSD 3.0 that includes support for his packet filtering. . . .
An interesting bug was filed today by Florian Weimer. I'll quote the bug report in full: "Over the past few months, the GNU/Linux community has slowly adopted a way of dealing with security issues which closely resembles the approach suggested by . . .
Andreas Krennmair writes, "Because I found the design of Solar Designer's POP3 daemon popa3d somewhat obscure, I started writing my own POP3 daemon, called akpop3d. Now I want to ask the LinuxSecurity.com community to peer-review this program. Although I . . .
OpenAntiVirus is a platform for people seriously interested in anti-virus research, network security and computer security to communicate with each other, to develop solutions for various security problems, and to develop new security technologies. Moreover, OpenAntiVirus will also provide an integrative platform for different developing projects related to virus protection and computer security already existing within the Open Source Community.. . .
The latest version of phrack has been released. This issue covers Advances in kernel hacking, RPC without borders, Developing StrongARM/Linux shellcode, The Security of Vita Vuova's Inferno OS, Phrack World News, and more.. . .
If you've never used Linux before and need to set up a server fast and easily, this is one of the best ways to do it. It's also very cost effective because it will run on almost any PC and doesn't require any expensive hardware, not to mention that the software itself sells for a very low price. This is a very well done and thought out software bundle that's sure to be around for a long time.. . .
Bennett Haselton, the Webmaster for anti-Internet censorship Web site Peacefire.org, is the latest in a string of Washington residents to emerge victorious in small claims court by invoking the state's new law against unsolicited bulk e-mail. While the $2,000 in damages . . .
Lance Spitzner, founder of the Honeynet Project, wrote in to tell us of the formation of the Honeynet Alliance, an effort to work with security organizations around the world to collaborate on the research and development of their project to learn the tools, tactics, and motives of the blackhat community, and share the lessons learned.. . .
Rainbow eSecurity, a Rainbow Technologies, Inc. company and a leading solutions provider of digital content and transaction security, and Guardian Digital, the open source security company, today announced a strategic and technology partnership aimed at securing Linux-based transactions. This integrated . . .
This is the fourth and final installment of a four-part series devoted to the exploration of LIDS, a Linux kernel patch that will allow users to take away the all-powerful nature of root. The first article in this series offered an . . .
Fred shares his professional experience and describes what's required to write a security policy for your organization. "Anyone reading this can draft a corporate security policy, using the secrets I reveal in this column. All you need is a bit of guidance, which I provide herein by discussing where to begin, what components are needed, and what procedures to follow. Due to space limitations, my advice is fairly high level, but it should be enough to get you started.. . .