Blog Posts Tagged with "Linux"


Encryption: A Buzzword, Not a Silver Bullet

February 16, 2012 Added by:Danny Lieberman

Encryption, buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider four encryption components on the server side: passwords, tables, partitions and inter-tier socket communications...

Comments  (0)


Did the 2006 Symantec Breach Expose RSA's SecurID?

February 10, 2012 Added by:Kevin McAleavey

The Symantec leak could pose a risk to RSA's SecurID. Examination of the source code for PCAnywhere turned up something disturbing - numerous header files and several libraries belonging to RSA, and SecurID code is part of the exposed PCAnywhere product source code...

Comments  (23)


Starting to Clean Up the Mess from PCAnywhere

February 09, 2012 Added by:Damion Waltermeyer

I realized not everyone was even sure how to go about starting to clean up from the PCAnywhere exploit. To start, I am going to share with you my method for finding machines that are potentially open to this exploit...

Comments  (3)


Popular Dedicated Linux Distributions and Tools

January 17, 2012 Added by:Bill Gerneglia

There are Linux distributions dedicated to multimedia editing, monitoring, security testing, and basic system administration. Here are some specialized open source Linux distributions that can be used by the IT admins to perform their job with some free sophisticated tools...

Comments  (1)


Linux Mint to Take Linux Crown from Ubuntu?

January 15, 2012 Added by:Dan Dieterle

Ubuntu has received some stiff competition from Linux Mint. Distrowatch shows that Linux Mint has been the most popular Linux distribution over the last year, and it comes with the firewall graphical user interface installed...

Comments  (0)


Social Engineering: The Tainted PDF and a Sales Call

January 12, 2012 Added by:Infosec Island Admin

Generally, people just aren’t thinking all that much when they get these calls. Sure, people should never be asking them for their passwords, but now this. Open this file would you? Tell me how many pages it has to verify that you got it, would you?

Comments  (0)


Top Ten Mistakes Made By Linux Developers

December 11, 2011 Added by:Danny Lieberman

My colleague, Dr. Joel Isaacson talks about the top ten mistakes made by Linux developers. It’s a great article and great read from one of the top embedded Linux programmers in the world...

Comments  (0)


Duqu Servers Included Hacked Linux Systems

December 01, 2011 Added by:Dan Dieterle

Be it brute force password hacking or another Stuxnet 0-Day, Duqu shows that Linux is vulnerable to hackers. With a growing install base, supplanting Windows in many facilities, expect it to become even more of a target...

Comments  (0)


Security-Enhanced Linux Support

September 22, 2011 Added by:Jamie Adams

SELinux is an enhancement to the standard kernel that provides fine-grained security MAC rules. The Targeted policy provides security for commonly used daemons such as httpd, dhcpd, mailman, named, portmap, nscd, ntpd, portmap, mysqld, postgres, squid, syslogd, winbind, and ypbind...

Comments  (0)


Backtrack 5: Linux and Mac Vulnerable to Malicious Scripts

August 31, 2011 Added by:Dan Dieterle

Malicious scripts and executables are encoded and obfuscated to purposely bypass anti-virus programs. Once they are run on a target machine - Windows, Mac or Linux - they connect through the firewall to the attacker's machine. It is imperative to educate your users about these attacks...

Comments  (2)


Skype Vulnerable to HTML/JavaScript Code Injection

August 23, 2011 Added by:Headlines

"Does it make sense to allow users to 'embed' HTML code in their Skype profile and especially in those 'phone number' fields? Also, there is no option to define any HTML code in Skype client. I was able to find those bugs with Linux Skype client. I guess they don't focus so much on that client..."

Comments  (0)


Getting Started with the New Red Hat 5 STIG

August 18, 2011 Added by:Jamie Adams

The generic UNIX STIG supported numerous UNIX and Linux distributions but never addressed Red Hat Enterprise Linux 5. For many years, this lack of support was a source of frustration for system administrators. I've completed my initial review and I want to share some of my findings and tips...

Comments  (2)


Medical Device Security in a Hospital Network

July 28, 2011 Added by:Danny Lieberman

Developing for embedded Linux is not copy and paste from Windows. It requires expertise to setup the basic infrastructure. But, once that infrastructure is up, the medical device developer and it’s hospital customer can be confident that they are standing on a secure platform...

Comments  (2)


What is a Kernel Level Audit Trail?

July 11, 2011 Added by:Jamie Adams

Few people understand how audit records are generated or the difference between a kernel level audit trail and an application event log. It is critical to configure auditing and logging mechanisms to capture the right data to safeguard the data to prevent it from being modified...

Comments  (0)


How to Log In to Windows Without the Password

July 08, 2011 Added by:Dan Dieterle

This process works on a fully patched and updated Windows 7 system. When I checked it last year, it also worked on all of Windows server products. Windows protects these system files from being modified when Windows is booted, but booting in Linux to alter them just takes a couple minutes at most...

Comments  (14)


Protecting Linux Against DoS/DDoS Attacks

June 27, 2011 Added by:Jamie Adams

When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim...

Comments  (0)

Page « < 1 - 2 - 3 - 4 > »