Security
"For year-end 2007, we have compiled the Top 5 Most Overlooked Open Source Vulnerabilities encountered during 2007. We came up with this list after reviewing over 300 million lines of code and spending literally thousands of hours of analysis across a wide range of industries - including technology, financial services and government, among others."
"Two weeks ago I was in L.A., jumping from meeting after meeting, and at the end of every meeting, I asked everyone what they saw in the Identity and Access Management road ahead. I got some great answers, which you can peruse right here, and just this morning, I got these additional answers from Baber Amin of Novell, and definitely thought they were worth adding to the discussion. And hey, it is the holidays, so I can certainly forgive a little lateness."
Breach Security announced today that the Breach Security WebDefend web application firewall has earned certification by ICSA Labs, an independent division of Verizon. WebDefend is one of the first web application firewall products to achieve this distinction.
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.
Multiple vulnerabilities have been identified in IBM Lotus Notes for Linux, which could be exploited by malicious users to bypass security restrictions and potentially compromise a vulnerable system. These issues are caused due to insecure permissions being set on extracted binaries and the installdata file when executing the installer program, which could be exploited by a local attacker to modify arbitrary files such that subsequent installs performed by the root user could deploy malicious content or code to end user systems.
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service). The vulnerabilities are reported in versions prior to 2.6.23.8.
Launched by Guardian Digital with: brand new daemon control functionality, improved password shadowing, load balancing improvements and much more. EnGarde Secure Linux is a fully-functional platform engineered from the ground up for high levels of security explicitly for server operations.
Log Analysis (i.e. LIDS - Log-Based Intrusion Detection) can be a very powerful tool to complement NIDS/HIDS and improve network security. I pointed out some of its benefits in the following articles: Log analysis for intrusion detection and Log analysis using OSSEC.
However, like any other technology, when not done properly, it can add new security vulnerabilities and end up causing more harm than good.
eBay says online criminals are getting more organized and branching out from the Windows operating system to use the open-source Linux platform.
The top most influential factor for deploying open source technology in Australia, Korea, India and the People's Republic of China is better protection against security breaches, according to a survey by IDC. "The results indicate that organizations perceived open source technology as providing better security compared to proprietary products," said Prianka Srinivasan, a software market analyst with IDC Asia/Pacific.
Smoothwall has released their new version of their free Web-Based firewall. The newer version has lots of new features such as, a fourth interface "Purple for wireless clients". It's also been rebuilt on the 2.6 kernel. Four different versions, 32/64 bit express and 32/64 bit Developer editions.
Trusted Computer Solutions announced the launch of Security Blanket, a system lock-down and security management tool that enables systems administrators to automatically configure and enhance the security level of the Red Hat Enterprise Linux operating platform. Supporting Red Hat Enterprise Linux 4 and 5, this Linux security solution simplifies the current arduous methods for "hardening" systems that administrators must address on a regular basis.
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.16 (Version 3.0, Release 16). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.
Untangle has made its open source security software available free for download to network managers supporting environments of all sizes.
Only open source platform to unify security products providing, a free and better alternative to SonicWall and other appliance vendors.
