Security DevCenter
O'Reilly Network.oreilly.comSafari Bookshelf.Conferences. Sign In/My Account | View Cart   
Articles Weblogs Books Learning Lab eDocuments  
Find & fix bad SQL: Download Quest Software's new SQL Server white paper

Search

ONLamp.com
All of O'Reilly
 
 Advanced Search »

Login
Register
Manage Newsletters
Register Your Books


Sites
codezoo.com
LinuxDevCenter.com
MacDevCenter.com
WindowsDevCenter.com
Mozilla DevCenter
ONDotnet.com
ONJava.com
ONLamp.com
Apache
BSD
MySQL
PHP
Python
Security
OpenP2P.com
Perl.com
Policy DevCenter
Wireless DevCenter
XML.com
WebServices.XML.com

Affiliate Sites
LinuxQuestions.org
OSDir.com
Servlets.com

Resource Centers
Bioinformatics
C/C++
Databases
Digital Media
Enterprise Development
Game Development
Java
Linux/Unix
Macintosh/OS X
.NET
Open Source
Oracle
Perl
Python
Scripting
Security
SysAdm/Networking
Web
Web Services
Windows
Wireless
XML  

Atom Feed
RSS Feed
RSS Feed
Using our RSS Feeds


Related O'Reilly Books

Traveling to
a tech show?

Search Discount Hotels
Niagara Falls Hotels
New York City Hotels
Vancouver Hotels
Orlando Hotel Search
Dallas Hotels, Texas
Las Vegas, Nevada Hotels
France Hotels


ONLamp.com
supported by:

Web Directory
Mortgage Leads






  

Security Alerts: Problems in the Linux Kernel, LISTSERV, and gdb
Problems in the Linux kernel, LISTSERV, and gdb

  

Security Alerts: Mozilla and Firefox Flaws
Problems in gzip, Mozilla and Firefox, and OpenOffice.org

  

Security Alerts: CVS Trouble
Problems in CVS, PostgreSQL, Squid, and others

  

Security Alerts
Linux Kernel Vulnerabilities  In Noel Davis' latest column, he looks at problems in the Linux kernel, Telnet, sharutils, Ethereal, Midnight Commander, mpg321, OpenMosixView, cdrecord, ImageMagick, and grip.   [LinuxDevCenter.com]

Anatomy of an Attack: The Five Ps  The five Ps--Probe, Penetrate, Persist, Propagate, and Paralyze--represent a model of how a security attack progresses. In this excerpt from Managing Security with Snort & IDS Tools, the authors discuss an attack's progression through these five steps, whether the attack is sourced from a person or an automated worm or script, with emphasis on the Probe and Penetrate phases, the stages that Snort monitors.   [O'Reilly Network]

Security Alerts
KDE Trouble  Noel Davis looks at problems in KDE, MySQL, Perl, Ximian Evolution, GnuPG, OpenSLP, Ringtone Tools, LuxMan, and Ethereal.   [LinuxDevCenter.com]

O'Reilly Learning LabLinux/Unix SysAdmin Certificate Special -- Learn system administration skills online and receive certification from the University of Illinois Office of Continuing Education. Courses include: The Unix File System, Networking and DNS, Unix Services (including email and web servers), and Scripting for Administrators with Sed, Awk, and Perl. It's all at the O'Reilly Learning Lab. Enroll today and save 40%.

Security Alerts
Problems in GProFTPD  Noel Davis looks at problems in GProFTPD, bsmtpd, Uim, phpMyAdmin, Vim, Cyrus IMAPd, the Kodak Color Management System on Solaris, Arkeia Network Backup, curl, and PuTTY.   [LinuxDevCenter.com]

Security Alerts
Trouble in the Kernel, VMware, and PostgreSQL  Noel Davis looks at problems in the Linux kernel, VMware, PostgreSQL, Squid, MySQL, mailman, Apple OSX HFS+, movemail with GNU Emacs or XEmancs, KStars, typespeed, awstats, and synaesthesia.   [LinuxDevCenter.com]

OpenBSD 3.6 Live  Right on schedule, the OpenBSD team plans to release version 3.6 on November 1. Federico Biancuzzi recently interviewed several members of the core team about new features and changes in the code and the project.   [ONLamp.com]

Deploying a VPN with PKI  Security and convenience often conflict with each other. It'd be nice to have access to your office network from anywhere, but you can't trust the Internet. Virtual private networks are one solution. Scott Brumbaugh explains how to deploy a VPN using OpenVPN and OpenSSL.   [ONLamp.com]

Security Alerts
Perl Trouble  Noel Davis looks at problems in Perl, PostgreSQL, ncpfs, Squid, cpio, UW IMAP, ChBg, FireHOL, Clam AntiVirus, and f2c.   [O'Reilly Network]

Security Alerts
Linux and Darwin Kernel Trouble  Noel Davis looks at problems in the Linux kernel, the Darwin/Mac OS X kernel, iSync, Ethereal, enscript, hylafax, rssh, Xine-lib, mpg123, and Konversation.   [LinuxDevCenter.com]

Security Alerts
DB2 Problems  Noel Davis looks at problems in DB2, SHOUTcast, nasm, Vilistextum, libtiff, wxGTK2, phpGroupWare, Vim, namazu2, and htmlheadline.   [LinuxDevCenter.com]

Security Alerts
Linux AMD64 Kernel Bug  Noel Davis looks at a Linux 2.4 kernel bug on AMD64 machines, problems in Samba, changepassword.cgi, MPlayer, the MIT Kerberos 5 administration library, logcheck, Sybase Adaptive Server Enterprise, Konqueror, Debian debmake, Xpdf, and xzgv.   [LinuxDevCenter.com]

Security Alerts
J2SE Woes  Noel Davis looks at problems in the Java 2 Runtime Environment, wget, FreeBSD's procfs and linprocfs, OpenSSL, OpenSSH, AbiWord, Blogtorrent, scponly, rssh, and kfax.   [LinuxDevCenter.com]

Security Alerts
ELF Trouble  Noel Davis looks at problems in the Linux kernel, sudo, TWiki, phpBB, cscope, Cyrus IMAP, Bugzilla, ProZilla, unarj, libxml2, and fetch.   [LinuxDevCenter.com]

Security Alerts
Media-Tool Trouble  Noel Davis looks at problems in libgd, mtink, zip, ruby, Samba, freeamp, Kaffeine and gxine, Portage, zgv, shadow, and BNC.   [LinuxDevCenter.com]

Security Alerts
Trouble in iptables  Noel Davis looks at problems in Linux iptables, OpenSSL, PuTTY, rssh, Quake II Server, libmagick6, HP Serviceguard, Xpdf, FreeRadius, WVTFTPD, GNU tftp, and pppd.   [LinuxDevCenter.com]

Secure Your Wireless with IPSec  Wireless can make your life much, much easier, but those pesky radio waves won't stay put. Sometimes this is good, but sometimes you want to lock down your network. WEP and MAC address filtering aren't secure enough. IPSec, the same approach used to secure VPNs, is much better. Dan Langille explains how to configure Wifi with IPSec.   [ONLamp.com]

Security Alerts
mod_ssl Problems  Noel Davis looks at problems in mod_ssl, LibTIFF, mpg123, LessTif, the Cyrus SASL library, MySQL, CUPS, ProFTPD, and the Squid web proxy cache.   [O'Reilly Network]

The Basics of DNSSEC  The Domain Name System (DNS) is one of the building blocks of the modern Internet. It's showing its age, though; it comes from a time when trust was the default. Now it's time to move to more secure approaches. David Gordon and Ibrahim Haddad provide a technical tutorial on DNS Security Extensions (DNSSEC), a technique for securing DNS.   [ONLamp.com]

Google Your Site For Security Vulnerabilities  The fact that Google indexes pages you might never have known were public is both good and bad. It's good when you're searching for specialized or esoteric information. It's bad when Google indexes potential security vulnerabilities on your site. Nitesh Dhanjani demonstrates how to use the Google API to help identify your inadvertently shared secrets.   [ONLamp.com]

Network Tool Development with hping3  Network security analysts sometimes need access to create and analyze raw packets. Salvatore Sanfilippo's hping is a tool that allows them to do just that. Federico Biancuzzi recently interviewed Salvatore on the project's design, implementation, and goals.   [ONLamp.com]

Security Alerts
Temporary-File Race Conditions  Noel Davis looks at a collection of temporary-file race conditions, and problems in Samba, GNU sharutils, JRun, Subversion, imlib, IBM AIX ctstrtcasd, YahooPOPs, and OpenOffice.org.   [LinuxDevCenter.com]

VPNs and Public Key Infrastructure  Security and convenience often conflict with each other. It'd be nice to have access to your office network from anywhere, but you can't trust the Internet. Virtual private networks are one solution. How do they keep your data safe, though? Scott Brumbaugh explains the basics of Public Key Infrastructure, the cryptographic basis for secure VPNs.   [Security DevCenter]

Security Alerts
Linux Kernel Exploitation  Noel Davis looks at problems in the Linux kernel, Oracle Database Server, Oracle Application Server, DB2 Universal Database, vpopmail, MIT Kerberos 5, cfengine, CDE libDtHelp, Anonymous CVS, Samba, the zlib library, Courier-IMAP, and Python.   [LinuxDevCenter.com]

Security Alerts
Qt Trouble  Noel Davis looks at problems in Qt, SpamAssassin, MySQL, rsync, NetBSD ftpd, Xine-lib, KDE, Adobe Acrobat Reader, Gaim, and xv.   [LinuxDevCenter.com]

What Countermeasures Really Means  As the number and range of attacks on computer systems have grown exponentially and conventional firewalls and intrusion detection systems have proven inadequate for the task, security researchers have started to talk about employing "countermeasures" to preserve security.   [ONLamp.com]

Security Alerts
CDE Trouble  Noel Davis looks at problems in CDE's dtlogin, Oracle, SquirrelMail, SoX, phpMyAdmin, wvWare, Openftpd, CVSTrac, PostgreSQL's ODBC driver, PuTTY, and Citadel/UX.   [LinuxDevCenter.com]

Security Alerts
PHP Trouble  Noel Davis look at problems in PHP, Samba, mod_ssl, HP-UX's xfs and stmkfont, Ethereal, l2tpd, Domino, APC PowerChute Business Edition, Webmin, and Lexmark network printers.   [LinuxDevCenter.com]

Detecting Network Intrusions with Packet Filtering  An intrusion detection system (IDS) can scan your network for suspicious packets, but someone has to review the logs. Having previously shown how to construct packet filters, Don Parker demonstrates how to analyze an intrusion attempt, in order to gauge your network's security.   [Security DevCenter]

Security Alerts
Device-Driver Trouble  Noel Davis looks at problems in the Linux kernel, Apache 2, the Linux Virtual Server, Pure-FTPd, FreeBSD's Linux binary compatibility mode, Domino, Shorewall, libpng, and the X Display Manager.   [LinuxDevCenter.com]

Stealing the Network: A Prequel  Ryan Russell, one of the coauthors of Stealing the Network: How to Own a Continent (from Syngress), has written a "prequel" that depicts a '70s-era security hack, set at a tech company back East. If you've been curious about Stealing the Network, this short bit of fiction provides a real sense of the concept behind the book. And be sure to respond to the talkback at the end of this tale -- we'd like to hear your theory.   [Security DevCenter]

Security Alerts
Kernel DoS Vulnerability  Noel Davis looks at problems in the Linux kernel, www-sql, super, rssh, Horde-IMP, GNU GNATS, gzip, ISC DHCP, and sup.   [O'Reilly Network]

Filtering IDS Packets  Intrusion detection systems (IDS) can scan your network for suspicious packets but someone has to review the logs. Even if you find something odd, can you wade through hundreds of thousands of packets looking for evidence? Clever security administrators understand how to narrow down the search. Don Parker explains how to use Berkeley packet filters and bitmask filters to improve your IDS use.   [Security DevCenter]

Security Alerts
Subverted  Noel Davis look at problems in Subversion, Apache's mod_proxy and mod_ssl, Squid, MIT's krb5, RealOne, RealPlayer, ksymoops-gznm, smtp.proxy, FreeBSD's Jail(), Aspell, Tripwire, and icecast.   [LinuxDevCenter.com]

Writing Nessus Plugins  Today's best vulnerability detector will be out-of-date next week unless you can somehow teach it about new exploits and vulnerabilities. Fortunately, Nessus and NASL make that easy. Nitesh Dhanjani walks through the creation of a custom Nessus vulnerability plugin.   [Security DevCenter]

Security Alerts
KDE Trouble  Noel Davis looks at problems in KDE, CSV, Subversion, Firebird, FreeBSD msync(), mailman, Opera, Apple's HelpViewer, cPanel, and xpcd.   [LinuxDevCenter.com]

Top Ten Ethereal Tips and Tricks  Ethereal evangelist Angela Orebaugh offers her top ten list of Ethereal tips and tricks. From installing the packet capture driver to using Ethereal to process other sniffer capture files, these tips will have you saying, "Wow, I didn't know Ethereal could do that!" Angela is a coauthor of the recently released Ethereal Packet Sniffing (from Syngress).   [Security DevCenter]

Security Alerts
Apache Repaired  Noel Davis looks at a problems with the Apache web server, the Linux kernel, Systrace, ssmtp, exim, SuSE Live CD 9.1, Heimdal k5admind, Kolab, IRIX Networking Security, and NukeJokes.   [LinuxDevCenter.com]



Linux Security Cookbook: Recipe of the Day

You want to set up an MIT Kerberos-5 Key Distribution Center (KDC).

Do it now.

Today's News
June 07, 2005

Is Linux losing a step? [Source: CNET News.com - Security]

Is Intel a safe bet for Apple security? [Source: CNET News.com - Security]

Big Blue's Tivoli takes on ID theft [Source: CNET News.com - Security]

Lights, camera--PC display [Source: CNET News.com - Security]

News: Firefox spoof bug returns from the dead [Source: SecurityFocus News]

Tokyo's ghetto of geeks [Source: CNET News.com - Security]

Firefox reintroduces 7-year-old security flaw [Source: InfoWorld: Security]

In Brief: CA's eTrust IAM Toolkit secures applications [Source: InfoWorld: Security]

Putting a stop to counterfeit products [Source: InfoWorld: Security]

Update: Citigroup loses data on 3.9 million customers [Source: InfoWorld: Security]

 Sponsored by:



Contact Us | Advertise with Us | Privacy Policy | Press Center | Jobs

Copyright © 2000-2005 O’Reilly Media, Inc. All Rights Reserved.
All trademarks and registered trademarks appearing on the O'Reilly Network are the property of their respective owners.

For problems or assistance with this site, email