Language Selection

English French German Italian Portuguese Spanish

Security

They Came a Knockin and Webmin Let Them In

Filed under
Software
Security

thelinuxlink.net: Today was a sad day. I found out my streaming mirror/microblog server had been cracked. They exploited webmin and set up shop. Alas, there is no one to blame but myself. This is how I believe it went down.

10 Steps for Basic Linux Desktop Security

Filed under
Linux
Security
HowTos

linuxsysconfig.com: I agree that Linux is less vulnerable than Windows, but that doesn’t make it immune to attackers. It’s not always about security flaws, buffer overflows or denial of service attacks. I came up with a list of 10 basic rules that should reduce the security risk.

Do you need to worry about the new /dev/mem rootkit problem?

Filed under
Security

blog.ibeentoubuntu.com: A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern.

Synchronizing UNIX files with optimized security

Filed under
Security

This article covers cp, tar, and rsync, that can aid with the security of the synchronization of UNIX files

How To Chroot Apache 2 Web Server Under Red Hat / CentOS Linux

Filed under
Linux
Software
Security

A chroot on Red Hat / CentOS / Fedora Linux operating changes the apparent disk root directory for the Apache process and its children. Once this is done attacker or other php / perl / python scripts cannot access or name files outside that directory. This is called a "chroot jail" for Apache. You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system.

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

news.softpedia.com: Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu).

Linux Virus: A False Sense Of Security

Filed under
Linux
Security

linuxhaxor.net: There seems to be a false sense of security among some Linux users. The number of malicious programs specifically written for GNU/Linux has been on the increase in recent years and in the year of 2005 alone has more than doubled: from 422 to 863.

Remote buffer overflow bug bites Linux Kernel

Filed under
Linux
Security

blogs.zdnet: A remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.

Mac, Linux, BSD open for attack: Kaspersky

Filed under
Security

computerworld.com.au: Looming attacks will soon pop the security bubble enjoyed by Linux and Macintosh users, according to Russian security expert Eugene Kaspersky.

Firefox add-on blocks 'clickjacking' attacks

Filed under
Moz/FF
Security

computerworld.com: A popular Firefox add-on designed to block scripts and plug-ins has been updated to stymie the new "clickjacking" class of attacks, the extension's developer said today.

Syndicate content

More in Tux Machines

OpenMediaVault 1.0, a Complete Free NAS Solution You Didn't Know You Needed

As you can expect, there are a ton of free NAS (network attached storage) projects and solutions on Linux (and beyond), but there is always room for one more. OpenMediaVault packs quite a few features and users will most likely find all the options that they will ever need. The OpenMediaVault might have a round and neat version number, but the project has been around for a few years now and it's made by Volker Theile, a former member of FreeNAS, which is another very famous NAS solution. Read more

How Matt's Machine Works

And that is how Mullenweg, creator of WordPress, founder of Automattic, and chairman of The WordPress Foundation, runs 22% of the Internet. Read more

Open-source project promises easy-to-use encryption for email, instant messaging and more

Called "Pretty Easy Privacy" (PEP), the project's goal is to integrate the technology with existing communication tools on different desktop and mobile platforms. The development team launched a preview PEP implementation Monday for the Microsoft Outlook email client, but plans to build similar products to encrypt communications in Android, iOS, Firefox OS, Thunderbird, Apple Mail, Jabber, IRC (Internet Relay Chat), WhatsApp, Facebook Messenger, Snapchat and Twitter. Read more

Samsung Open Source Group’s Linux Kernel Updates and More from LinuxCon

This year's LinuxCon & Kernel Summit North America were notable for several reasons, not the least of which included being able to see the scenic views of downtown Chicago through the hotel lobby windows! Below, the Samsung Open Source Group will share our top highlights of the conferences, as well as look forward to what we can expect from LinuxCon Europe next month in Germany. Read more