Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, advisories were released for sympa, dbus, selinux-policy, libetpan, perl, python, libgnomeeui, xine-lib, firefox, seamonkey, ruby, samba, and openssl. The distributors include Debian, Fedora, Gentoo, Red Hat, and Ubuntu.
Out of the box, a Linux desktop is far more secure than most others.
However, this level of security is not necessarily attained through typical security-focused software or techniques. Sometimes, the easiest means to security are those that are the easiest to forget.
You might find these suggestions to be pure common sense, but maybe you'll see a means of security you never thought of before. If you're a new Linux user, these tips are a great place to start to ensure that your Linux experience is a good one.
Do you have any favorites security tips that you do every time you setup a new Linux desktop? The tip that says that users should mount /home on it's own partitions is something that I don't do. What do you think?
It seems like the Phishing crews at trying to get some new ideas on how to con people into giving away their credentials and leaking info.
It seems to the same old style as normal e-mail phishing but utilising the Google Calendar interface. It comes bundled with the usual spelling and grammatical errors that plague phishing e-mails.
I found this to be a interesting article about how e-mail phishing is on utilizing Google Calendar. What do you thin, is there any way that Google can combat this?
Chris PeBenito has announced the latest release of Reference Policy. Notable changes in this release include the ability to specify SELinux roles in loadable policy modules, improved labeled networking support, and new policy modules for virtualization packages.
This release improved the functionality of SELinux loadable policy modules. With this update SELinux seems to be in the right direction, what do you think?
Linux is a hacker’s dream computer operating system. It supports tools and utilities for cracking passwords, scanning network vulnerabilities, and detecting possible intrusions. I have here a collection of 10 of the best hacking and security software tools for Linux.
What do you think about this top 10 security tools list? Most of the popular security tools are on this list but, do you have any other favorites?
In this installment, I will cite an example of automated email code designed for another purpose. Nonetheless, I see it is a critical step to confirm the validity of the form's input. Moreover, unless and until I have received the expected human confirmation, that input is left in limbo [1.]. This is another means to prevent spurious, but uncaught data inputs. Thus, this limited human energy expenditure is a high return investment.
This article looks at the important security practice of web application input validation. Every time you take input from your web application check needs to be executed before your software does anything to that data. Do you have any tips for checking your user's input data for malicious data?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, advisories were released for libetpan, perl, kernel, jdk/jre, freetype, libvorbis, openssl, clamav, freetype2, fetchmail, sblim, and IBMJava2. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and Ubuntu.
