Security

Avoiding security blunders in Linux and IT infrastructures

When it comes to IT infrastructure security, there are things that IT managers just shouldn't do. This two-part tip is written for those who'd like to avoid making those mistakes. It covers four security areas that are either ignored or overlooked in IT infrastructure security, with a focus on securing Linux-based hosts.

World’s first miniature computer to protect and manage laptops

Yoggie Security Systems has today announced the launch of the Yoggie Gatekeeper, a revolutionary credit-card sized computer that brings all corporateclass security applications within the reach of mobile and remote workers. For the first time ever, mobile workers can access the Internet from hotspots, airports and hotel rooms, safe in the knowledge that their laptop is protected by the Yoggie Gatekeeper, which provides the same level of security enjoyed by counterparts within the corporate network – all through a device that fits in the palm of your hand.

Interested in securely sharing a secret?

I needed a method for sharing a secret that required multiple agents to coordinate before the secret could be recovered. This is useful for encrypting keys used in critical backups. I decided to use an implementation of Shamir's Secret Splitting Scheme (The S in RSA).

Point, click, root: System exploitation with open tools

T managers face a problem determining what products and policies are best to properly secure their network. The problem with many security products is that it is hard to validate their claims. Penetration testing is a process for testing the security of networks by imitating an attacker. This process typically involves gathering information through Internet searches and other open sources, scanning and mapping the targeted network with tools like Nmap, determining vulnerabilities on targeted computers, and exploiting those computers. Conducting a successful penetration test involves a great deal of knowledge and a wide variety of software, including some of the following open source tools.

Free SSL Secure Certificate for Open Source Projects from Godaddy

"Go Daddy is committed to the open source community. We want your site and data to be secure – and we’re willing to foot the cost to make them just that."

GRISOFT Launches Beta Program For Anti-Malware Security Suite

GRISOFT, the supplier of AVG security software, announced the availability of a public beta version of AVG Internet Security 7.5, its new comprehensive anti-malware security suite. In addition to the new security suite, public beta versions for entire AVG 7.5 computer security portfolio are available, including new products, as well as updated versions with significant improvements.

Analyzing malicious SSH login attempts

Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks.