Security

ID theft, vulnerabilities, privacy issues, etc

Secure Websites Using SSL And Certificates

Filed under
Security
HowTos

This article will guide you through the entire process of setting up a secure website using SSL and digital certificates. This guide assumes that you already have a fully functional (and configured) server running Apache, BIND, and OpenSSL.

How Safe are Passwords in Internet Explorer, Firefox, and Opera?

Filed under
Security

CybernetNews: I’m sure many of you look kindly upon the fact that your web browser stores your passwords for you. It is no doubt a wonderful time-saving feature, and surely beats having to retype your password every time that it needs to be entered. Have you ever stopped to ask yourself how safe your passwords really are in your browser?

How secure are Linux, Window and Mac OS?

Filed under
Security

Masuran.org: How secure is your favorite operating system? In a time where OS fanatics battle each other on what OS is the best, security is often one of the turning points of discussion. In this article I will be comparing the vulnerabilities listed on Secunia and assessing how serious they are.

Also: What about Linux spyware?

Howto Setup a Lighttpd Chroot Jail Web Server under Debian Linux

Filed under
Linux
Software
Security
Web
Ubuntu
HowTos

Security, speed, compliance, and flexibility--all of these describe LightTPD which is rapidly redefining efficiency of a webserver; as it is designed and optimized for high performance environments.

The potential danger of .desktop files and more

Filed under
Security

In many X11 desktop environments, links to applications are usually represented by files which have the desktop extension in their names. These files, internally, have a format similar to INI files and specify information such as the command to execute and the icon used when representing it.

Mac and Linux attacks set to rise

Filed under
Security

Speaking to consumer PC mag PC Pro, security guru Eugene Kaspersky said that the lukewarm reception of Vista will result in defections to Mac OS and Linux, thus making them more attractive targets for malware writers.

New MacOS and Linux virus found in the wild

Filed under
Security

I have just come across some news while reading my daily news fix of a new virus that has been released into the wild that effect the Mac and Linux operating systems This virus is apparently very virulent and quite destructive. It gains entry through a previously unknown kernel flaw that is inherent in all unix type kernels. So far there is no patch available.

Linux Kernel "tcp_v6_syn_recv_soc()" IPv6 Sockets Local DoS Vulnerability

Filed under
Security

A vulnerability has been identified in Linux Kernel, which could be exploited by local attackers to cause a denial of service.

Debian, Red Hat patch numerous OpenOffice flaws

Filed under
Security

Debian released a patch to fix multiple vulnerabilities in OpenOffice that open up the users' systems to compromise, Secunia reported on Wednesday.

One vulnerability was originally discovered by an anonymous researcher and reported to VeriSign’s iDefense Labs.

iDefense reported that research by Sean Larsson found additional flaws.

KDE Konqueror FTP PASV Response Handling Client-Side Port Scanning Vulnerability

Filed under
Security

A vulnerability has been identified in KDE Konqueror, which could be exploited by attackers to gain knowledge of sensitive information.

Two vulnerabilities in KDE BitTorrent client KTorrent

Filed under
Security

Version 2.1.2 of the open-source BitTorrent client KTorrent for KDE removes two vulnerabilities. The first one is said to enable an attacker to cause the application to crash. According to the bug report by Ubuntu the vulnerability also allows code to be injected onto a system and executed. The vulnerability is found in the module chunkcounter.cpp and is triggered by large idx values.

WordPress server hacked, downloads rigged with serious flaw

Filed under
Security

An unknown cracker broke into a server hosting downloads of the popular WordPress blogging software and rigged the file with a remotely exploitable code execution vulnerability. If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker.

Snort no fort, could be mugged by bug

Filed under
Security

A flaw in Snort, the popular open-source intrusion detection system, could be used by attackers to run malicious code on vulnerable machines, several security organizations reported yesterday.

Microsoft, Mozilla look into browser flaws

Filed under
Security

Microsoft and Mozilla are each working to tackle recently disclosed security flaws in the Internet Explorer and Firefox Web browsers.

New Firefox cookie vulnerability, workaround

Filed under
Security

Security researcher/hacker, Michal Zalewski has released a report on a security vulnerability affecting Firefox 2.0.0.1 and possibly earlier versions. The vulnerability could allow a malicious web site to impersonate an authentic one and set a cookie on its behalf. Zalewski recommends this workaround:

Filesystem encryption in mixed environments with TrueCrypt

Filed under
Security

If you want to encrypt your sensitive files so that no one can access them without your personal password or decryption key, you have several options. But if you want a free, cross-platform, open source encryption application, try TrueCrypt.

Ubuntu: Linux kernel vulnerabilities

Filed under
Security

Mark Dowd discovered that the netfilter iptables module did not correctly handle fragmented IPv6 packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules.

Two flaws found in Firefox

Filed under
Security

A security company has reported two new flaws in the Mozilla Firefox browser that may leave locally saved files vulnerable to outside attacks.

Debian warns of Mozilla bugs

Filed under
Security

Linux distributor Debian issued a security advisory over the weekend, warning of several problems in Mozilla and associated products such as Mozilla Firefox.

M$ and Open Source Experts to Brief House of Lords

Filed under
Security

Representatives of Microsoft Corp and the open source community will this week brief members of the UK's House of Lords as part of its ongoing inquiry into personal internet security.

Syndicate content