Security Projects - Page 48

Group Releases Anti-Disclosure Plan

A group of 11 of the largest software companies and computer security firms released the first public draft of a proposed bug disclosure standard on Wednesday, and asked the security community for comments. The 37-page document sets out a detailed . . .

OASIS to Develop Common Security Language

A new committee at the Organization for the Advancement of Structured Information Standards (OASIS) is laying the groundwork for a new classification system to describe Web security vulnerabilities. The OASIS Web Application Security (WAS) Technical Committee will be responsible for . . .

Secure Wi-Fi standard in 12 months

Wireless network hardware manufacturers are keen to embrace a new security standard, but 802.11i will take another year before it is signed off. Wi-Fi product makers are lining up to lend support to a new security standard, as they try to allay concerns about transmitting data over wireless networks.. . .

Port Scan Attack Detector

Michael Rash submits: psad (the Port Scan Attack Detector) is a collection of four lightweight system daemons written in Perl and C that are designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in . . .

Too cool for secure code

The last several weeks, as always, have brought a constant flow of security advisories. Perhaps not a torrent, but certainly more than a mere trickle. Most notable among these is the Linux kernel ptrace vulnerability, which allows local users to acquire root privileges.. . .

Bait N Switch Honeypot

Albert Gonzalez submits, "The Bait N Switch Honeypot system is a multifaceted attempt to take honeypots out of the shadows of the network security model. We attempt to make them a participant in your systems defense. To do this, we are . . .

IETF creates anti-spam research group

Underscoring growing concern over spam, the Internet Engineering Task Force (IETF) has created a new Anti-Spam Research Group (ASRG) that aims to put unsolicited commercial e-mail in its crosshairs by setting standards for spam detection and potential legislation. . . .

Linux Push On Security Standard

IBM, Oracle and Red Hat are backing efforts to ensure the Linux operating system achieves security assurances recognised by the Australian government. IBM and Oracle are working to get Linux certified under the International Common Criteria for Information Technology Security . . .

IBM: IP Security Validator

IP Security Validator is an experimental tool that allows validation of Virtual Private Network (VPN) configurations between two network interfaces. As with testing connectivity using the Ping program, IP Security Validator enables verification and validation of VPN configurations and their connectivity.. . .

New Wireless Standard Same Issues

Broadband wireless access took another step forward late last month when the IEEE approved 802.16a, an amendment that adds features to the group's 802.16 standard that defines the WirelessMAN air interface specification. 802.16 was developed by the IEEE's 802.16 Working . . .

Open Source Honeypots: Learning with Honeyd

Lance Spitzner submits the latest from the Honeynet Project. "Honeypots are an exciting new technology. They allow us to turn the tables on the bad guys, we can take the initiative. In the past several years there has been growing interest in exactly what this technology is and how it works. The purpose of this paper is to introduce you to honeypots and demonstrate their capabilities. We will begin by discussing what a honeypot is and how it works, then go into detail using the OpenSource solution Honeyd.. . .

Cyclone: A Safe Dialect of C

Cyclone is a programming language based on C that is safe, meaning that it rules out programs that have buffer overflows, dangling pointers, format string attacks, and so on. High-level, type-safe languages, such as Java, Scheme, or ML also provide safety, but they don't give the same control over data representations and memory management that C does (witness the fact that the run-time systems for these languages are usually written in C.). . .

Open-Source Trojans: A Growing Problem?

Experts say the insertion of Trojans into two popular tools reinforces the need to run readily available programs, such as MD5 hashes, to ensure that code hasn't been altered. Experts recommend using MD5 hashes to expose Trojans. This and similar programs, such as MD4, SHA and SHA-1, continually compare codes generated by "healthy" software to hashes of programs in the field.. . .

Industry Briefs: Grounds for Identity

A year ago, identity was mostly the concern of privacy and crypto guys. The only company taking much public interest was Microsoft, which was busy scaring everybody with its Passport identity management system and the Hailstorm initiative that went along with . . .