News

Network and Security related news.

Open-source Wi-Fi links remote communities by Khairil Yusof — last modified 2004-12-16 03:16 PM

A group called Informal is going on a global roadshow to demonstrate the benefits of wireless networks to rural communities in Asia and Africa

Bots doing the mambo by Ryan Talabis — last modified 2005-12-07 04:11 PM

A new bot is spreading in the wild, with attackers looking to compromise vulnerable installations of the popular Mambo open-source content management system.

Simple DoS for Firefox 1.5 by Ryan Talabis — last modified 2005-12-08 10:23 AM

An exploit for the new Firefox 1.5 browser was released today that causes a denial of service condition using a simple web page as a trigger.

Nessus 3 released, remains free by Ryan Talabis — last modified 2005-12-14 09:21 AM

Version 3 of the widely popular Nessus vulnerability scanner has been released to the public for various Linux distributions and FreeBSD.

Security Report: Windows vs Linux by Khairil Yusof — last modified 2004-12-16 03:16 PM

A detailed report, getting the facts straight when comparing Windows security vs Linux

Free, full-featured, still available -- choose any two by Ryan Talabis — last modified 2005-12-15 08:45 AM

A community-based firewall is making waves this week as an increasing number of free firewalls disappear from the landscape.

Linux Advisory Watch - December 9, 2005 by Ryan Talabis — last modified 2005-12-11 08:33 PM

This week advisories were released for gdk-pixbuf, horde2, helix-player, Inkscape, horde2, Perl, Webmin, eagle-usb, spamassassin, mailman, xpdf, libc-client, and imap. The distributors include Debian, Gentoo, Mandriva, and Red Hat.

Trusting software by Ryan Talabis — last modified 2005-12-08 02:54 PM

Open-source or closed-source, it's the same issue. Using other people's software has a lot to do with trust. If you don't trust the right people, you're putting yourself at risk.

Cisco responds to OpenSSL security flaw by Ryan Talabis — last modified 2005-12-09 09:32 AM

Cisco Systems on Friday issued a security advisory regarding the use of open-source security software OpenSSL on several of its products. Cisco's advisory follows one issued in October by the OpenSSL Project, which noted that the vulnerabilities could lead to a malicious attacker launching remote code against users' systems.

Linux Advisory Watch - December 16, 2005 by Ryan Talabis — last modified 2005-12-18 04:27 PM

This week, advisories were released for courier, osh, curl, ethereal, phpMyAdmin, Openswan, Xmail, Ethereal, perl, openvpn, thunderbird, xmovie, mplayer, and ffmpeg. The distributors include Debian, Gentoo, Mandriva.

Is Open Source Good for Security? by Ryan Talabis — last modified 2005-12-18 04:38 PM

There's been a lot of debate by security practitioners about the impact of open source approaches on security. One of the key issues is that open source exposes the source code to examination by everyone, both the attackers and defenders, and reasonable people disagree about the ultimate impact of this situation.

Free endpoint security software released (Core FORCE 070.105) by Ryan Talabis — last modified 2005-12-15 08:53 AM

Core FORCE, a fully functional endpoint protection software for Windows 2000 and Windows XP systems, is released under the Apache 2.0 license and is available now at http://force.coresecurity.com.

Linux Advisory Watch - December 23, 2005 by Ryan Talabis — last modified 2005-12-28 05:00 PM

This week, advisories were released for dropbear, nbd, phpbb2, OpenLDAP, Xpdf, cURL, CenterICQ, digikam, apache2, sudo, kernel, netpbm, udev, gpdf, kdegraphics, cups, and perl. The distributors include Debian, Gentoo, Mandriva, and Red Hat.

Managing the insider threat through code obfuscation by Ryan Talabis — last modified 2005-12-18 04:36 PM

Corporations spend billions building effective security protocols, but complacency and a desire for efficiency can soon lead to deviations from security protocols that workers gradually become accustomed to. The result is that small but potentially crippling holes develop in even the most effective systems, creating openings for attackers, including, potentially, insiders. Countering the insider threat requires a comprehensive, multi-tiered approach that includes physical controls, software access controls, and software protection obfuscation.

Firefox Gains Share but Is Still Far Behind IE by Ryan Talabis — last modified 2006-01-06 02:45 PM

Use of Mozilla's Firefox Web browser has risen by 40 percent over six months, yet the proportion of Firefox users clicking on ads remains half that of Internet Explorer, a study by technology company AdTech has revealed.

US-CERTs FUD by Ryan Talabis — last modified 2006-01-06 02:38 PM

Everywhere you look in the trade press today, you'll find glowing misrepresentations of US-CERT's latest annual summary of vulnerabilities discovered in 2005. If you take the summary findings at face value, you would likely conclude that Windows -- with 812 reported vulnerabilities -- is a much safer operating system than something called "Unix/Linux," which totaled 2,328. The US-CERT summaries have become the fodder for a FUD festival, and many scribes sympathetic to the Microsoft cause go out of their way to make sure the real picture never emerges.

Browser Wars - Network Managers Flee IE by Ryan Talabis — last modified 2006-01-06 02:50 PM

Remember the beating Internet Explorer gave Netscape? All but chased 'em right out of the browser business. Microsoft's weapons of choice: Free and bundled.

Add an extra layer of security with systrace by Ryan Talabis — last modified 2006-01-25 04:41 PM

Niels Provos' Systrace is a utility that monitors and controls what an application can access on a system by creating and enforcing access policies for system calls. For the Linux crowd, it's something like the US National Security Agency's SE Linux, but it's more flexible and, if used properly, it can improve a system's overall security by "sandboxing" untrusted applications and users.

Linux Advisory Watch - January 6, 2006 by Ryan Talabis — last modified 2006-01-09 04:37 PM

This week, advisories were released for tkdiff, scponly, XnView, pineentry, KPdf, libgphoto, printer-filters-utils, nss_ldap, mdkonline, tkcvs, and ethereal. The distributors include Debian, Gentoo, and Mandriva.

Philippine Honeynet Project releases 2005 4th quarter Security Report by Ryan Talabis — last modified 2006-01-09 09:00 AM

According to the Philippine Honeynet Project (http://www.philippinehoneynet.org/), there are close to 60 attacks and security events in the country a day, with majority of the attacks happening between 4 to 7 p.m., and on Thursdays.

Risky business - Keeping security a secret by Ryan Talabis — last modified 2006-01-06 03:16 PM

Is open-source software better for security than proprietary software?

Cyber Security Bulletin 2005 Summary by Ryan Talabis — last modified 2006-01-05 09:49 AM

The United States Computer Emergency Readiness Team released its year-end summary of computer vulnerabilities. While Windows is regarded as the most insecure operating system, the US-CERT found four times as many vulnerabilities specifically related to Unix and Linux. Of 5,198 reported flaws, 812 were for the Windows, 2,328 for Unix and Linux, and 2,058 more affected more than one operating system. Notably missing from the list of Windows vulnerabilities is the recently discovered Windows Metafile issue. No vulnerabilities were listed for Apple's Mac OS X, however several had been disclosed during the year. Also, since OS X is based on Unix, it is vulnerable to some of the flaws associated with its core operating system.

Novell opens AppArmour source code by Ryan Talabis — last modified 2006-01-25 04:56 PM

Looking to spread the usage of the AppArmour application security software it acquired when it bought Immunix, Novell announced last week that it would release the software's source code under the GNU General Public License (GPL) and sponsor a project to maintain and improve it.

Mozilla Firefox vulnerabilities and upgrade by Ryan Talabis — last modified 2006-02-08 08:54 AM

According to secunia's security advisory, several vulnerabilities were found in Firefox. Fortunately, Mozilla released Firefox 1.5.0.1 to fix them.

OpenSSL receives FIPS certification by Khairil Yusof — last modified 2006-01-24 10:17 AM

The Cryptographic Module Validation Program (CMVP), a joint effort of the US and Canadian governments, approved the validation of the OpenSSL open source security toolkit for implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols on Friday.

U.S. Department of Homeland Security helps secure open-source code by Khairil Yusof — last modified 2006-01-12 01:04 PM

The U.S. Department of Homeland Security is extending the scope of its protection to open-source software.

Linux Security a National Matter by Ryan Talabis — last modified 2006-01-25 04:53 PM

U.S. taxpayers are now helping to improve open source software code and security thanks to a grant issued by the Department of Homeland Security (DHS).

Ubuntnu stores clear text root password by Ryan Talabis — last modified 2006-03-14 05:39 PM

Ubuntu, the popular "Linux for Human Beings" desktop OS, has been found to store the system's root password in clear text.

Philippines joins Global Honeynet Project Alliance by Ryan Talabis — last modified 2006-03-12 09:09 PM

THE PHILIPPINES is the latest country to be accepted in a global alliance of "Honeynet" projects in Internet security research.

2006 phish tales, part 1: Worse on Linux or Windows? by Ryan Talabis — last modified 2006-01-12 02:13 PM

Phisher phobia has gripped IT users and administrators, thanks to some highly publicized phishing successes -- and some users and admins should be more worried than others. But phishers can be beaten, says Lance James, author of the new book, Phishing Exposed, published by Syngress Publishing. James is the chief technology officer for Secure Science Corp., in San Diego, Calif. James describes ways phishers attack Linux and Windows platforms and which platform is more vulnerable. Plus, he warns about new threats coming in 2006 in part one of this two-part Q&A. In part two, he discusses the ways anti-phishing security has failed as well as the merits of various defenses

Nmap 4.00 with Fyodor by Ryan Talabis — last modified 2006-02-08 10:02 AM

After more than eight years since its first release in Phrack magazine, Fyodor has announced Nmap 4.00. Curious as usual, Federico Biancuzzi interviewed Fyodor on behalf of SecurityFocus to discuss the new port scanning engine, version detection improvements, and the new stack fingerprinting algorithm under work by the community.

Will public schools use Microsoft or open source? by Ryan Talabis — last modified 2006-02-07 10:26 PM

THERE is now a brewing issue on whether government should use Microsoft or open source-based software in the second phase of the "PCs for Public Schools Project" of the Department of Trade and Industry (DTI), says a government source privy to the bidding.

Toyota embraces open standards for security by Ryan Talabis — last modified 2006-03-01 02:50 PM

The car manufacturer believes open standards and deperimeterisation are the right approach to security, but has rejected external security compliance

VMware cuts VMware Server price to zero by Ryan Talabis — last modified 2006-02-08 10:11 AM

VMware is getting ready to follow up on its VMware Player with a free server product for Linux and Windows.

Linux.com weekly security advisory - March 3, 2006 by Ryan Talabis — last modified 2006-03-07 02:25 PM

Debian, Fedora, FreeBSD, Mandriva, Red Hat, and Ubuntu released security advisories this week. Affected packages include BMV, GPdf, Xpdf, pdftohtml, tar, Heimdal, PostgreSQL, and irssi-text. Fedora distributed a kernel update addressing several security vulnerabilities in the kernel. No security advisories were issued by Gentoo.

Linux.com weekly security update - February 3, 2006 by Ryan Talabis — last modified 2006-02-08 10:05 AM

Advisories were released this week for LibAST, MyDNS, Mail::Audit, PHP, and several other packages. Vendors that released advisories this week are Debian, FreeBSD, Gentoo, Mandriva, and Red Hat. No advisories were issued for SUSE or Ubuntu this week. The Mozilla foundation has also released an update to Firefox 1.5 this week.

John the Ripper 1.7, by Solar Designer by Ryan Talabis — last modified 2006-03-07 02:40 PM

Federico Biancuzzi interviews Solar Designer, creator of the popular John the Ripper password cracker. Solar Designer discusses what's new in version 1.7, the advantages of popular cryptographic hashes, the relative speed at which many passwords can now be cracked, and how one can choose strong passphrases (forget passwords) that are harder to break.

Linux.com weekly security update - February 24, 2006 by Ryan Talabis — last modified 2006-03-01 02:52 PM

This week, security advisories included updates for several packages including GNU Privacy Guard (GnuPG), pdfkit.framework, TUTOS, GPdf, Heimdal, GNU tar, OpenSSH, and more. Debian, Fedora, Gentoo, Mandriva, SUSE, and Ubuntu were among the vendors issuing advisories. Red Hat and FreeBSD did not issue security advisories this week.

Philip Zimmermann releases Zfone for OS X & Linux by Ryan Talabis — last modified 2006-03-17 11:32 PM

Phil Zimmermann thinks Zfone is better than the other approaches to secure VoIP, because it achieves security without reliance on a PKI, key certification, trust models, certificate authorities, or key management complexity that bedevils the email encryption world.

PGP Comments on DTI Information Security Breaches Survey 2006 by Ryan Talabis — last modified 2006-04-05 11:14 PM

The DTI Information Security Breaches Survey 2006 (pdf) has found that only 25% of UK businesses use encryption to send messages to business partners, highlighting that many businesses are leaving sensitive and confidential data contained in emails open to interception. PWC, which carried the survey out on the DTI's behalf, has claimed that one of the reasons for this low level of encryption is the cost and administration burden.

Why is anyone still using Internet Explorer? by Ryan Talabis — last modified 2006-03-29 02:55 PM

If you care about your security, about the security of any of your friends, family, or co-workers, it's time to switch to Firefox.

Open source security testing methodology by Ryan Talabis — last modified 2006-04-05 11:11 PM

Truth is made of numbers. Following this golden rule, Federico Biancuzzi interviewed Pete Herzog, founder of ISECOM and creator of the OSSTMM, to talk about the upcoming revision 3.0 of the Open Source Security Testing Methodology Manual. He discusses why we need a testing methodology, why use open source, the value of certifications, and plans for a new vulnerability scanner developed with a different approach than Nessus.

Solar Designer on Openwall GNU/*/Linux by Ryan Talabis — last modified 2006-03-27 01:35 PM

Solar Designer is one of the most important security expert on the Net. He developed the famous Unix password cracker John The Ripper and popa3d, a secure POP3 daemon, but also a security enhanced Linux distro: Openwall GNU/*/Linux . In this interview Solar Designer speaks about present and future of this interesting Gnu/Linux system.

Snort on OpenWrt: Guarding the SOHO perimeter by Ryan Talabis — last modified 2006-03-29 02:53 PM

If you're edgy about security for your SOHO LAN, you might want to consider moving your first line of defense out past your firewall. How about on your router, for example? If your router runs OpenWrt, you can do exactly that, by running Snort, the open source intrusion detection system (IDS) project that has become the most widely deployed IDS in the world. Throw in the firewall that comes out of the box with OpenWrt White Russian, and suddenly the perimeter seems a lot more secure.

New virus threatens Linux and Windows PCs by Ryan Talabis — last modified 2006-05-04 09:51 AM

Hackers have released code for a cross-platform virus that could infect Linux and Windows computers.

Government Day at LinuxWorld by Ryan Talabis — last modified 2006-04-05 11:17 PM

X.org founder Leon Shiman headed up Government Day at LinuxWorld. The subconference, sponsored by Novell, Red Hat, Trusted Computer Solutions, and Microsoft, was directed at a by-invitation-only group of government movers and shakers, and designed to provide a forum to discuss issues surrounding the adoption of open source and open standards in government, including the problem of vendor lock-in. We were the only press allowed into the event.

Secure Programming in GNU/Linux Systems by Ryan Talabis — last modified 2006-04-06 10:17 PM

In our last article, we saw objectives of computer security and had a brief introduction on secure programming. We also delved deeply into the need of secure programming, what type of programs need secure programming and why programmers write insecure code.

ISM3 Released by Ryan Talabis — last modified 2006-05-04 09:58 AM

The publication of ISM3 v1.20 (Information Security Management Maturity Model, pronounced ISM cubed) offers many advantages for information security management systems. ISM3 can be used standalone or enhance systems based on ITIL, ISO27001 or Cobit.

Torvalds creates patch for cross-platform virus by Ryan Talabis — last modified 2006-05-04 10:02 AM

Linus Torvalds has had an opportunity to examine the testing and analysis by Hans-Werner Hilse which we reported on yesterday, and has blessed it as being correct. The reason that the virus is not propagating itself in the latest kernel versions is due to a bug in how GCC handles specific registers in a particular system call. He has coded a patch for the kernel to allow the virus to work on even the latest Linux kernel.

Apache Now the Leader in SSL Servers by Ryan Talabis — last modified 2006-05-04 10:05 AM

As the original developers of the SSL protocol, Netscape started out with a lead in the SSL server market. But they were soon overtaken by Microsoft's Internet Information Server, which within a few years held a steady 40-50% of the SSL server market.

e-Primer on Free/Open Source Software: Network Infrastructure and Security by Khairil Yusof — last modified 2007-03-15 03:52 PM

This e-primer, with a foreword by Robert Shaw of the International Telecommunication Union, introduces readers to the network concepts and architectures, and the major networking functions with FOSS. It also discusses network security functions with FOSS, including security best practices and ‘to-do's’.