Security Projects - Page 36

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Strengthen Your Linux Software Development Pipeline with Code Security Scanners

Developers recognize the critical nature of protecting software systems as cyberattacks grow more sophisticated, thus necessitating robust security measures in development lifecycle processes. Code security scanners play a vital role here. These tool...
Oct 14, 2024
  0

Linux Security Modules (LSM): SELinux vs AppArmor vs TOMOYO

Linux has long been celebrated for its versatility, rob...
Sep 25, 2024
  0
1.Penguin Landscape Esm H115

OpenSSL's New Governance Structure: A Beacon of Progress for Open-Source Security

On July 24, 2024, OpenSSL took an extraordinary step to...
Jul 31, 2024
  0
5.ShakingHands Esm H115

Discover Security Projects News

DDoS Returns: What Researchers Are Learning About Targets, Tactics

DDoS Returns: What Researchers Are Learning About Targets, Tactics

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The ability of attackers to dig deeper and wider thanks to the proliferation of botnets was covered in the first article of this series, DDoS Attacks Are Back (and Bigger Than Before). The trend is also covered at length in The Botnet Hunters. In this article, two IT security practitioners -- one with experience in dealing with DDoS attacks against government systems, the other an expert from the corporate side -- share what they've learned about the targets chosen for DDoS attacks and how to adjust security strategies based on those lessons.

PHP 5.3.1 Released, Security Beefed Up

PHP 5.3.1 Released, Security Beefed Up

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The PHP development team recently introduced the latest version of the new PHP 5.3 branch, PHP 5.3.1. This version essentially does not change the essential core 5.3 PHP engine, but by focusing on stability and security, the PHP team has introduced more than 100 bug fixes and tweaks to the overall framework.

When Vulnerability Management Meets Compliance

When Vulnerability Management Meets Compliance

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Finding and fixing security vulnerabilities in an enterprise is tough enough without someone looking over your shoulder. But when regulatory compliance requirements are involved -- and the auditors who come with them -- the process of vulnerability management brings on a new set of challenges.

Establishing a Security Framework

Establishing a Security Framework

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When it comes to securing your Linux system -- or any other system, for that matter -- the first step is to set up a security policy, a set of guidelines that state what you enable users (as well as visitors over the Internet) to do on your Linux system. The level of security you establish depends on how you use the system -- and on how much is at risk if someone gains unauthorized access to it.

How security will look in 10 years look

How security will look in 10 years look

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Tom Espiner surveys the security landscape for the shape of things to come. When my editor asked me to predict what would happen to security over the coming year, and over the next 10 years, my heart sank. The permanency of internet publishing, caching and so forth means predictions have a habit of coming back to haunt you.

10 Greatest Open Source Software Of 2009

10 Greatest Open Source Software Of 2009

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Great summary of the best free (as in speech and beer) applications of 2009, including TrueCrypt Free open-source disk encryption (real-time on-the-fly encryption) software for Windows, Mac OS X, and Linux (for Linux I prefer native disk encryption). From the wikipedia: It can create a virtual encrypted disk within a file or a device-hosted encrypted volume on either an individual partition or an entire storage device. It supports Microsoft Windows, Mac OS X and Linux (using FUSE) and encrypted volumes can be made portable. The version for Windows Vista or XP can encrypt the boot partition or entire boot drive and has the ability to create and run a hidden encrypted operating system whose existence is deniable.

Linux Advisory Watch: Dec 18th, 2009

Linux Advisory Watch: Dec 18th, 2009

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. Vulnerabilities exist for virtually every vendor, every week. Check this newsletter to be sure your distribution is secure.

Honeynet research lifts the lid on spam trends

Honeynet research lifts the lid on spam trends

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Stats from the one billion spam messages blocked by Project Honey Pot over the last five years provide an insight into junk mail trends and spamming practices. The Honey Pot project was formed by a community of web administrators as an alliance against online fraud and abuse back in 2004. The group now numbers 40,000 members in 170 countries, making it the biggest effort of its kind on the web.

Linux Security Kernel Clean-Up

Linux Security Kernel Clean-Up

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

While Windows has more security problem than a barn dog has fleas, Linux isn't immune to having its own security holes. Recently, two significant bugs were found, and then smashed. To make sure you don't get bit, you should patch your Linux system sooner rather than later.

Linux devs exterminate security bugs from kernel

Linux devs exterminate security bugs from kernel

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Developers have exterminated two bugs from the Linux kernel that threatened the security of people using the open-source operating system. The most serious of the two is remote denial-of-service vulnerability that made it possible for attackers to crash systems by sending them oversized packets.

A new functionality-based application confinement security system for Linux: FBAC-LSM released today

A new functionality-based application confinement security system for Linux: FBAC-LSM released today

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cliffe Schreuders wrote, "Today FBAC-LSM, a new security mechanism for Linux, has been released. FBAC-LSM restricts programs based on the features each application provides. You specify high level goals such as "Web Browser", some application-specific information (which can usually be automated), and then FBAC-LSM stops the programs from misbehaving. This limits the damage which can be done by malicious code due to malware or software vulnerabilities.

Six-monthly releases: OpenBSD shows the way

Six-monthly releases: OpenBSD shows the way

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Six-monthly releases have become something of a talking point in free and open source software circles after the problems Ubuntu has faced with users unhappy over major bugs. While Ubuntu, which is now five years old, appears to struggle with this pace of development, the OpenBSD project has been doing six-monthly releases for the last 12 years - with no major bugs.

I Was Wrong: There Probably Will Be an Electronic Pearl Harbor

I Was Wrong: There Probably Will Be an Electronic Pearl Harbor

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Ira Winkler prognosticates on the possibility of a catastrophic online international event. Interesting? For 15 years now, I have been publicly lambasting all of those people who have made their careers, or at least made fleeting news headlines, based on their declaration of an imminent Electronic Pearl Harbor. My disdain is based on several factors, but predominantly the lack of accountability for such statements.

Trust Linux!

Trust Linux!

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A team of researchers has implemented support for 'trusted computing' in a commercially available version of the open source operating system Linux, breaking new ground in the global drive toward more secure computing environments.

A Linux Security Primer

A Linux Security Primer

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Linux aficionados and computer security experts -- not to mention many IT writers -- are known to use a couple of terms with, well, not-easily-discernable definitions when they talk about Linux security. Problem is, you need to know these terms to understand discussions about computer security (and, of course, to communicate effectively with security vendors).

Firefox 3.6 locks down component directory

Firefox 3.6 locks down component directory

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Mozilla developers have announced that Firefox 3.6 will "lockdown" the components directory of the browser to stop third party applications bypassing the standard add-ons and plug-in support by pushing user invisible changes directly into Firefox. From today's planned release of Firefox 3.6's beta 3, and onwards, the components directory will be for Firefox code only and third party developers will only be able to extend the browser through the officially supported add-ons system.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved