This month
Safari Carpet Bomb
I recently communicated 3 security issues in the Safari browser to Apple.
Anatomy of Security-Enhanced Linux
Linux has been described as one of the most secure operating systems available, but the NSA has taken Linux to the next level with Security-Enhanced Linux (SELinux). In this article, explore the ideas behind SELinux and how it's implemented. SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof.
April 2008
Yubico - Trust the net
"The YubiKey is a new, simple and secure authentication solution.
With a simple click on the YubiKey button, your identity and a unique password are sent every time you use it. The device connects to the USB port, fits in your wallet and works on all platforms and browsers, without the need of any client software.
Together with the Yubico back-end integration platform, we enable quick and easy integration with any online service."
UK Banking Law Blames Customers For Insecure OS
If you use an insecure OS in the UK and someone drains your bank account, the banks say it's your fault.
March 2008
Amazon S3 Security « poeticcode
You can’t call a system secure unless it’s really secure.
S3 isn't secure.
Overview to the Windows Server 2003 Security Guide
The Windows Server 2003 Security Guide provides specific recommendations about how to harden computers that run Microsoft® Windows Server™ 2003 with Service Pack 1 (SP1) in three distinct enterprise environments—one in which older operating systems such as Windows NT® 4.0 and Windows® 98 must be supported, one in which Windows 2000 is the earliest version of the Windows operating system in use, and one in which concern about security is so great that significant loss of client functionality and manageability is considered an acceptable tradeoff to achieve maximum security. These three environments are respectively referred to as the Legacy Client (LC), Enterprise Client (EC), and Specialized Security – Limited Functionality (SSLF) environments throughout this guide.
Mac is the first to fall in Pwn2Own hack contest
The exploit took less than two minutes to pull off.
Set Up Gateway Level Virus Security With ClamAV And SafeSquid Proxy | HowtoForge - Linux Howtos and Tutorials
In this HowTo, I will explain how you can secure your network from viruses and other malware by installing ClamAV and integrating it with SafeSquid, to scan all incoming content for viruses and block all infected content at the HTTP gateway, even before it enters your network.
Virus Security In SafeSquid
SafeSquid has built-in connectivity to various daemon-based antivirus software like ClamAV, Sophos, Avast, F-Prot, NOD32 and Kaspersky. It also has a universal ICAP (Internet Content Adaptation Protocol) client that can be used to connect to ICAP-based security software like Dr.Web ICAP, Kaspersky Antivirus for Proxy Server, Trend Micro InterScan Web Security and Symantec Scan Engine.
You can even use multiple antivirus products with SafeSquid to simultaneously scan incoming content. This does not cause any significant latency, since SafeSquid has a multi-threaded architecture.
Jabber Openfire Server
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to set up and administer, but offers rock-solid security and performance.
Cold Boot Attacks on Encryption Keys - Center for information technology policy
Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.
Aberdeen Group: Best Practices in Choosing and Consuming Managed Security Services
All Best-in-Class companies use some managed security services, and the number one reason organizations are pursuing managed security services is to improve their security. Best-in-Class organizations report fewer security incidents, fewer malware infections, fewer incidents of data loss, greater reduction in fraud, fewer failed audits, and greater reduction in help desk costs associated with security events.
February 2008
Improve Security with Linux PAM
Linux Pluggable Authentication Module (PAM) can help you protect world-writeable shared directories from abuse. This article for Linux system administrators lays out the steps to enable namespaces with PAM. The pam_namespace module creates a separate namespace for users on your system when they log in, to protect users from several types of security attacks.
