Language Selection

English French German Italian Portuguese Spanish

Security

Gentoo Infrastructure Press Release

Filed under
Gentoo
Security

On August 7, 2007, bannedit reported bug 187971 regarding a possible command injection vulnerability within http://packages.gentoo.org. The Infrastructure team verified the vulnerability and the server was immediately taken down to prevent further exploitation and to allow for forensic analysis.

Unix/Linux rootkits 101

Filed under
Security

techrepublic blogs: The term rootkit originated with a reference to the root user account on Unix systems. Rootkits are not limited to Unix, however, or even to administrative user accounts like the Unix root account. No matter what operating system you use, you should be familiar with good practices for detecting and dealing with the threat of rootkits.

Also: Clamav is great

Alleged critical holes in Xvid

Filed under
Security

heise-security: According to reports from several security services, the Xvid 1.1.2 Video Codec Library has a security hole which attackers could use to gain control over a PC. Both Windows and Linux applications are affected.

Detect insider threats with Linux auditing

Filed under
Security

linux.com: Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

Open source: New target of malware?

Filed under
Security

ZDNet: The recent OpenOffice worm may be a sign that malware writers are starting to target the increasingly popular open-source software, industry experts say.

Linux configure point to point tunneling PPTP VPN client for Microsoft PPTP vpn server

Filed under
Linux
Hardware
Software
Security
BSD
Ubuntu
HowTos

With this tip you will be able to work from home using VPN and that too from Linux / FreeBSD system for the proprietary Microsoft Point-to-Point vpn server.

Introducing Remo - An Easy Way to Secure an Insecure Online Application with ModSecurity

Filed under
Linux
Security
HowTos

Say you have a nasty application on your Apache webserver that has been installed by some people from the marketing department and you can neither remove nor patch it. Maybe it is a time problem, a lack of know-how, a lack of source-code, or possibly even political reasons. Consequently you need to protect it without touching it. There is ModSecurity, but they say this is only for experts. A straightforward alternative is Remo, a graphical rule editor for ModSecurity that comes with a whitelist approach.

OpenOffice worm hits Mac, Linux and Windows

Filed under
Security
OOo

builderau: Malware targeting OpenOffice documents is spreading through multiple operating systems including Mac OS, Windows and Linux, according to Symantec.

Windows vs Linux security report card redux

Filed under
Security

zdnet blogs: Jeff Jones has expanded his project to count security flaws (publicly reported and fixed) in the major workstation operating systems and his latest numbers show Windows Vista has by far the best security profile when compared to the major Linux distributions.

How To Block Spam Before It Enters The Server (Postfix)

Filed under
Linux
Security
HowTos

The last few weeks have seen a dramatic increase in spam (once again). Estimates say that spam makes now up for 80 - 90% of all emails, and many mail servers have difficulties in managing the additional load caused by the latest spam, and spam filters such as SpamAssassin do not recognize large parts of that spam as they did before. Fortunately, we can block a big amount of that spam at the MTA level.

Syndicate content

More in Tux Machines

today's leftovers

US Military To Launch Open Source Academy

Open source software, which has become increasingly common throughout the US military from unmanned drones to desktops, has now been enlisted as a career option for military personnel. In September, Camp Shelby Joint Forces Training Center will open a Linux certification academy, marking the first time such a training program has been hosted on a military base. Read more

Video: TedX talk - Richard Stallman

Well, vp9/opus in a webm container have been supported by both Firefox and Google Chrome for several releases now... so enjoy it in your web browser. Read more

Eclipse Luna for Fedora 20

If you are a Fedora Eclipse user, then you're probably saddened since the release of Eclipse Luna (4.4) because you are still using Eclipse Kepler (4.3) on Fedora 20. Well, be saddened no longer because Eclipse Luna is now available for Fedora 20 as a software collection! A software collection is simply a set of RPMs whose contents are isolated from the rest of your system such that they do not modify, overwrite or otherwise conflict with anything in the main Fedora repositories. This allows you install multiple versions of a software stack side-by-side, without them interfering with one another. More can be read about this mechanism on the software collections website. The Eclipse Luna software collection lives in a separate yum repository, which must be configured by clicking on this link to install the release package. Read more