Security Onion is a Linux distribution for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, Network Miner, and many other security tools. Security Onion is a platform that allows you to monitor your network for security alerts. It’s simple enough to run in small environments without many issues and allows advanced users to deploy distributed systems that can be used in network enterprise type environments.
The famous Network Security Toolkit (NST) computer operating system used by many network administrators and security specialists to analyze and monitor networks, as well as to tighten the security of computer networks, received an update on February 9, 2015. The version is now Network Security Toolkit 20 SVN 6535.
This past week the person who manages one of the world’s most important cryptography projects, Werner Koch, went from going broke to raising more than $100,000 for his project, GNU Privacy Guard. This is in addition to the $60,000 The Linux Foundation’s Core Infrastructure Initiative (CII) dedicated to Werner last month. GnuPG is used not just to encrypt and authenticate email but provides the confirmation that software packages and releases are what they claim to be. Facebook, Stripe and others are answering the calls to support the individuals who are developing the world’s most critical digital infrastructure.
Version 2.21 of the GNU C Library is now available. Glibc 2.21 fixes a lot of issues while also adding some new functionality.
Glibc 2.21 has many bug fixes, several security fixes, a port to the Altera Nios II platform, a new sempahore algorithm, support for TSX lock elision on PowerPC, optimized string functions for AArch64, support for new MIPS ABI extensions, and many other changes.
More details on glibc 2.21 can be found via the mailing list release announcement. Other GNU C Library 2.21 details can be found via the Sourceware.org Wiki.
So for the past three months I’ve been using Tor Browser to surf the Web, not as a primary browser, but as a secondary browser. Firefox is my primary browser.
Together with using StartPage as my search engine, I feel much better about my privacy while surfing the Internet. Using Tor Browser leads to a tad slower browsing experience, but I knew that going in, so no complaints there.
The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive.
Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded.
Using Tor alone will not prevent the so-called DNS Leak problem. If your Web browser is not configured correctly your Linux installation will still use your ISP’s DNS servers instead of the DNS servers favoured by Tor, in which case your ISP will know which sites you are accessing.
The two biggest issues regarding Android's security are the size of the Android market and fragmentation of the Android ecosystem. Those issues impact all mobile platforms, not just Android, according to Charles King, principal analyst at Pund-IT. "The former point is an issue since, as Microsoft learned to its sorrow with Windows," King remarked.
Security vulnerabilities, like most things, go through a life cycle from discovery to installation of a fix on an affected system. Red Hat devotes many hours a day to combing through code, researching vulnerabilities, working with the community, and testing fixes–often before customers even know a problem exists.
There are many options available today for users looking at Linux distributions tailored for security research, and among them is BackBox Linux, which was updated to version 4.1 on Jan. 29. Backbox Linux 4.1 is based on the Ubuntu 14.04 LTS (Long Term Support) distribution and uses the Xfce desktop environment. BackBox Linux is not intended to primarily be a user-focused privacy distribution, as is the case with Tails, but rather is more aligned with Pentoo, CAINE and Kali Linux, all of which focus on providing tools for security analysis. Though BackBox is not primarily a privacy distribution, it does have tools that enable security researchers to stay anonymous while conducting research. For example, a RAM wiping tool will erase the memory on the system that Backbox is running when the operating system shuts down. Plus, BackBox includes a command line interface wizard that provides users with options for enabling anonymous network traffic over Tor (The Onion Router), as well as masking a user's hostname. In this slide show, eWEEK takes a look at some of the features in the BackBox Linux 4.1 release.