Language Selection

English French German Italian Portuguese Spanish

Security

Do you need to worry about the new /dev/mem rootkit problem?

Filed under
Security

blog.ibeentoubuntu.com: A new paper was presented in late March about using /dev/mem to inject and hide a rootkit (PDF), and the method has been getting some press, leading to a little concern.

Synchronizing UNIX files with optimized security

Filed under
Security

This article covers cp, tar, and rsync, that can aid with the security of the synchronization of UNIX files

How To Chroot Apache 2 Web Server Under Red Hat / CentOS Linux

Filed under
Linux
Software
Security

A chroot on Red Hat / CentOS / Fedora Linux operating changes the apparent disk root directory for the Apache process and its children. Once this is done attacker or other php / perl / python scripts cannot access or name files outside that directory. This is called a "chroot jail" for Apache. You should never ever run a web server without jail. There should be privilege separation between web server and rest of the system.

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

news.softpedia.com: Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu).

Linux Virus: A False Sense Of Security

Filed under
Linux
Security

linuxhaxor.net: There seems to be a false sense of security among some Linux users. The number of malicious programs specifically written for GNU/Linux has been on the increase in recent years and in the year of 2005 alone has more than doubled: from 422 to 863.

Remote buffer overflow bug bites Linux Kernel

Filed under
Linux
Security

blogs.zdnet: A remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.

Mac, Linux, BSD open for attack: Kaspersky

Filed under
Security

computerworld.com.au: Looming attacks will soon pop the security bubble enjoyed by Linux and Macintosh users, according to Russian security expert Eugene Kaspersky.

Firefox add-on blocks 'clickjacking' attacks

Filed under
Moz/FF
Security

computerworld.com: A popular Firefox add-on designed to block scripts and plug-ins has been updated to stymie the new "clickjacking" class of attacks, the extension's developer said today.

Vendors rush to fix critical TCP/IP bug

Filed under
Security

techworld.com (IDG): Internet infrastructure vendors are rushing to develop patches for a set of TCP/IP security flaws, which could help hackers knock servers offline with very little effort. Robert Lee and Jack Louis, have said that they can knock Windows, Linux, embedded systems and even firewalls offline.

How To Stop Firefox Clickjacking Exploit Attack

Filed under
Security

cyberciti.biz: Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS, flash and IFRAME can be used to attack on end users. Attacker is able to take control of the links that your browser visits.

Syndicate content

More in Tux Machines

WTFTW: A Tiling Window Manager Written In Rust

The WTFTW project is an X tiling window manager written in Rust. The WTFTW name is short for Window Tiling For The Win. WTFTW is written against the latest Rust nightly code, with Rust 1.0 approaching next year. This tiling window manager can be easily tested in Xnest or Xephyr. Read more

Red Hat credits Q3 earnings win to cloud, big data strategies

Red Hat's CFO boasted the software company has achieved sequential revenue growth every quarter for the last 51 straight quarters. Read more

WordPress 4.1 and distraction free writing mode

WordPress 4.1 is out and one of its new features is a revised “distraction free writing mode.” I seem to remember that it had something like this before, but it was not as well implemented as it is in WordPress 4.1. Now, when you push the distraction free writing mode button, everything else fades away except what you need to write your post. Read more

today's howtos