Blog Posts Tagged with "Linux"

959779642e6e758563e80b5d83150a9f

Encryption: A Buzzword, Not a Silver Bullet

February 16, 2012 Added by:Danny Lieberman

Encryption, buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider four encryption components on the server side: passwords, tables, partitions and inter-tier socket communications...

Comments  (0)

Ba829a6cb97f554ffb0272cd3d6c18a7

Did the 2006 Symantec Breach Expose RSA's SecurID?

February 10, 2012 Added by:Kevin McAleavey

The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...

Comments  (23)

Ca77c9128684f4263450c6d728107608

Starting to Clean Up the Mess from PCAnywhere

February 09, 2012 Added by:Damion Waltermeyer

I realized not everyone was even sure how to go about starting to clean up from the PCAnywhere exploit. To start, I am going to share with you my method for finding machines that are potentially open to this exploit...

Comments  (3)

44fa7dab2a22dc03b6a1de4a35b7834a

Popular Dedicated Linux Distributions and Tools

January 17, 2012 Added by:Bill Gerneglia

There are Linux distributions dedicated to multimedia editing, monitoring, security testing, and basic system administration. Here are some specialized open source Linux distributions that can be used by the IT admins to perform their job with some free sophisticated tools...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

Linux Mint to Take Linux Crown from Ubuntu?

January 15, 2012 Added by:Dan Dieterle

Ubuntu has received some stiff competition from Linux Mint. Distrowatch shows that Linux Mint has been the most popular Linux distribution over the last year, and it comes with the firewall graphical user interface installed...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Social Engineering: The Tainted PDF and a Sales Call

January 12, 2012 Added by:Infosec Island Admin

Generally, people just aren’t thinking all that much when they get these calls. Sure, people should never be asking them for their passwords, but now this. Open this file would you? Tell me how many pages it has to verify that you got it, would you?

Comments  (0)

959779642e6e758563e80b5d83150a9f

Top Ten Mistakes Made By Linux Developers

December 11, 2011 Added by:Danny Lieberman

My colleague, Dr. Joel Isaacson talks about the top ten mistakes made by Linux developers. It’s a great article and great read from one of the top embedded Linux programmers in the world...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Duqu Servers Included Hacked Linux Systems

December 01, 2011 Added by:Dan Dieterle

Be it brute force password hacking or another Stuxnet 0-Day, Duqu shows that Linux is vulnerable to hackers. With a growing install base, supplanting Windows in many facilities, expect it to become even more of a target...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Security-Enhanced Linux Support

September 22, 2011 Added by:Jamie Adams

SELinux is an enhancement to the standard kernel that provides fine-grained security MAC rules. The Targeted policy provides security for commonly used daemons such as httpd, dhcpd, mailman, named, portmap, nscd, ntpd, portmap, mysqld, postgres, squid, syslogd, winbind, and ypbind...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Backtrack 5: Linux and Mac Vulnerable to Malicious Scripts

August 31, 2011 Added by:Dan Dieterle

Malicious scripts and executables are encoded and obfuscated to purposely bypass anti-virus programs. Once they are run on a target machine - Windows, Mac or Linux - they connect through the firewall to the attacker's machine. It is imperative to educate your users about these attacks...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Skype Vulnerable to HTML/JavaScript Code Injection

August 23, 2011 Added by:Headlines

"Does it make sense to allow users to 'embed' HTML code in their Skype profile and especially in those 'phone number' fields? Also, there is no option to define any HTML code in Skype client. I was able to find those bugs with Linux Skype client. I guess they don't focus so much on that client..."

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Getting Started with the New Red Hat 5 STIG

August 18, 2011 Added by:Jamie Adams

The generic UNIX STIG supported numerous UNIX and Linux distributions but never addressed Red Hat Enterprise Linux 5. For many years, this lack of support was a source of frustration for system administrators. I've completed my initial review and I want to share some of my findings and tips...

Comments  (2)

959779642e6e758563e80b5d83150a9f

Medical Device Security in a Hospital Network

July 28, 2011 Added by:Danny Lieberman

Developing for embedded Linux is not copy and paste from Windows. It requires expertise to setup the basic infrastructure. But, once that infrastructure is up, the medical device developer and it’s hospital customer can be confident that they are standing on a secure platform...

Comments  (2)

4085079c6fe0be2fd371ddbac0c3e7db

What is a Kernel Level Audit Trail?

July 11, 2011 Added by:Jamie Adams

Few people understand how audit records are generated or the difference between a kernel level audit trail and an application event log. It is critical to configure auditing and logging mechanisms to capture the right data to safeguard the data to prevent it from being modified...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

How to Log In to Windows Without the Password

July 08, 2011 Added by:Dan Dieterle

This process works on a fully patched and updated Windows 7 system. When I checked it last year, it also worked on all of Windows server products. Windows protects these system files from being modified when Windows is booted, but booting in Linux to alter them just takes a couple minutes at most...

Comments  (14)

4085079c6fe0be2fd371ddbac0c3e7db

Protecting Linux Against DoS/DDoS Attacks

June 27, 2011 Added by:Jamie Adams

When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim...

Comments  (0)

Page « < 1 - 2 - 3 - 4 > »