Security Projects - Page 44
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Integrating SEM (security event management) technology with existing security and system management infrastructure can be a hair-raising experience. Security point products such as IDSes, anti-virus gateways, and vulnerability scanners tend to use proprietary formats for reporting, recording network events, and issuing alerts. . . .
Airport security is an ever-growing concern these days, as fears about the potential for terrorist attacks loom worldwide. One airport adopting major security upgrades is the Santiago Airport in Chile, which recently opened 60 checkpoint kiosks utilizing biometric security software running on SUSE Enterprise Linux. . . .
IPsec is an addition to the IP protocol that allows authentication and encryption of IP datagrams. It is defined in detail in IETF RFCs 2401, 2402, 2406 and 2407 (see Resources). IPsec can be used to secure a rather wide range of scenarios; one of its best-known usages is creating virtual private networks (VPNs). . . .
Updated: The vast majority of worms and other successful cyber attacks are made possible by vulnerabilities in a small number of common operating system services. Attackers are opportunistic. They take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools. . . .
"Eat your spinach," Mom used to say. "It will make your muscles grow, power your laptop and recharge your cell phone..." OK. So nobody's Mom said those last two things. . . .
A consortium of European companies, including Linux-distributor Mandrakesoft, has been awarded a three-year, $8.6 million contract to boost security of the open-source Linux operating system, the companies said Thursday. . . .
Yes, friends, I am afraid you do have to start paying attention to IPv6 (Internet Protocol version 6). It's on its way, it's inevitable, and us ace network admins must learn to use it. . . .
[Johannesburg, 20 September 2004] - A preview of a new Linux distribution inspired by South African international open source software evangelist, Mark Shuttleworth, is available on the Internet. . . .
Passwords, the dominant form of securing enterprise assets, are a failure, a research firm said Thursday. According to the Meta Group, passwords aren't cutting the mustard because of both organizational and user failings, . . .
Cryptography firm Certicom has announced a cross-platform security toolkit for future mobile phone handsets. The Certicom Security Architecture for Mobility will provide a common programming interface for developers to access . . .
Indiana University has automated its software security patch management in a bid to help protect potentially sensitive student records and reduce network vulnerabilities. . . .
Internet standards group rejects the protocol because of embedded Microsoft proprietary technology. Several Internet sources today reported that the Internet's Internet Engineering Task Force (IETF) has officially turned thumbs down . . .
There are a number of promising technical papers under consideration by the Internet Engineering Task Force which deal with the ever-growing problem of spam. Most of them seek to attack the spam problem obliquely rather than head on. . . .
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required. . . .
The Mozilla Foundation, maker of the Firefox web browser and Thunderbird e-mail application, is offering a $500 (£275) bounty to users who identify and report bugs found in its open-source software. . . .
The open-source PHP Group has released a fix for a pair of security holes that could be exploited to execute arbitrary code on remote PHP servers. The flaws affect PHP versions 4.3.7 and prior and version 5.0.0RC3 and prior. The final version of PHP 5.0, which was released earlier this week, is not affected. . . .
According to the Mozilla Foundation, the vulnerability was posted on Thursday to Full Disclosure, a public security mailing list. The same day, the foundation's security team confirmed the report and developed a fix. On Friday, the Mozilla team released a configuration change that resolves the problem by explicitly disabling the use of the shell external protocol handler. . . .
The flaw, known as the "shell" exploit, was publicized Wednesday on a security mailing list, along with a link to a fix for the problem. Updated versions of the affected software programs, which include the Mozilla, Firefox and Thunderbird browsers, have been released. Developers said the flaw affects only Windows users, not computers running the Macintosh and Linux operating systems. . . .
"It's an amazing thing how insecure the big corporations are," said Echemendia during a break in the weeklong seminar. "It's just amazing how easy it is." Hackers are believed to cost global businesses billions of dollars every year, and the costs to defend against them are soaring. . . .
OASIS addressed another layer of security concerns around Web services Wednesday when it ratified the Application Vulnerability Description Language (AVDL) 1.0 as a standard, the organization's highest level of ratification. AVDL is an XML schema that enables security products to communicate information about new and existing Web application vulnerabilities between themselves, according to AVDL Technical Committee co-chairman Kevin Heineman. . . .