Security breaches just keep on coming...

According to several reports both kernel.org and linux.org were hacked over the last few weeks.  Showing that both linux isn't perfect and that users are the weakest link in any operating systems armour.  In both cases nothing super secert from the users was stolen.  The kernel.org attack is not an issue, as no one can update the kernel code or other software hosted at the site without a large nuber of contributors being told about the update.  So with everything safe and the users passsword changed we can all breath a sigh of relief and walk away remembering that even simple things like password policies are important.

Brian Wagner

Brian started working with *nix in while a student at Kent State University in the early 90's. In 1995, as an E-Mail Administrator for Caliber Technology (now part of Fedex) he was tasked with administering Sendmail on both Slackware Linux and Solaris Systems. His first home install of Linux was MkLinux DR1 in 1996 on his 60 Mhz PowerMac. Since then Brian has been working and consulting on Linux and it's uses in the Enterprise to support everything from E-Mail, Firewalls, Web and File serving to custom cluster solutions and grid solutions. Brian has had the opportunity to work in both Fortune 500 companies and small 2 person organizations. This has given him the unique insight into the differences every size business faces.

Have you ever wondered what a root kit was?

Bill Keys on LInuxSecurity.com does a really good job of both explaining what they are and some tips on how to avoid, remove, and detect them.  It is a nice easy read that will help you get a good understanding of the topic.  Check it out.

Brian Wagner

Brian started working with *nix in while a student at Kent State University in the early 90's. In 1995, as an E-Mail Administrator for Caliber Technology (now part of Fedex) he was tasked with administering Sendmail on both Slackware Linux and Solaris Systems. His first home install of Linux was MkLinux DR1 in 1996 on his 60 Mhz PowerMac. Since then Brian has been working and consulting on Linux and it's uses in the Enterprise to support everything from E-Mail, Firewalls, Web and File serving to custom cluster solutions and grid solutions. Brian has had the opportunity to work in both Fortune 500 companies and small 2 person organizations. This has given him the unique insight into the differences every size business faces.

59 Open Source Security Tools...

While the title doesn't lie, "59 Open Source Tools That Can Replace Popular Security Software".  It probably should have been trimmed to 50.  Several of the packages are no longer being supported so be sure to go to the links and check the activity on the projects before committing.

This doesn't meant that like most articles like this there aren't a few new gems you may not of heard about before.  For me with this one it was the modsecurity package.  This pacakge is a plugin for Apache that aloow you to set up Web Server Firewall like functionality.  As I just had a friend get hacked becuase of a bug in PHP this seems like a great idea to me.  I am now going to look into whether we shouldn't be investigating.

A lot of my favorite security tools are on this list.  Things like SpamBayes, Spamassisin and Bacula just to name a few.  It's 4 pages but broken down in to nice list groupings.

 

Brian Wagner

Brian started working with *nix in while a student at Kent State University in the early 90's. In 1995, as an E-Mail Administrator for Caliber Technology (now part of Fedex) he was tasked with administering Sendmail on both Slackware Linux and Solaris Systems. His first home install of Linux was MkLinux DR1 in 1996 on his 60 Mhz PowerMac. Since then Brian has been working and consulting on Linux and it's uses in the Enterprise to support everything from E-Mail, Firewalls, Web and File serving to custom cluster solutions and grid solutions. Brian has had the opportunity to work in both Fortune 500 companies and small 2 person organizations. This has given him the unique insight into the differences every size business faces.