5 Free Linux Apps You Can't Do Without PC Authority: "Like a digital Swiss Army knife, these are the Linux utilities and tools that are so useful you won't know how you ever did without them." (Nov 2, 2009)
Linux Today Features
Linux Today Sticky Page On this page we'll maintain links to important articles and documents that pertain to Free Software, Linux, and the tech industry. Please submit your suggestions to editors@linuxtoday.com. Thank you! (Jun 15, 2009)
Small Features
The 10 biggest failures in IT history 10 Things: "I recently shared a list of events I believe were pivotal in shaping today’s IT industry - things like the development of COBOL and the creation of UNIX. This time around, I’ve listed a few of the biggest failures in IT..." Nov 1, 2009
A strangely compromised Linux box (Nov 6, 2009, 12:43 UTC) (3579 reads)
(1 talkbacks)
(feedback) A.P. Lawrence: "A customer reported that a Linux machine used for ssh access (to in turn give telnet access to an ancient SCO machine) was refusing logins. I asked him to try logging in as root at the console; he was unable to do so."
Vulnerability in SSL/TLS protocol (Nov 6, 2009, 01:47 UTC) (2696 reads)
(0 talkbacks)
(feedback) The H Open: "According to reports, vulnerabilities in the SSL/TLS protocol can be exploited by attackers to insert content into secure connections. If this is correct, it would affect HTTPS and all other protocols which use TLS for security, including IMAP."
GNOME Cleartext Passwords: Bug or Feature? (Nov 3, 2009, 00:02 UTC) (1849 reads)
(2 talkbacks)
(feedback) Ubuntu User: "The current discussion in the Ubuntu forums is about a possible security hole in GNOME, specifically about GNOME registered users having their passwords appear as cleartext on the keyring. Not a bug, say its defenders, but the security concept behind the GNOME keyring."
Computer Aided Investigative Environment 1.0 released (Nov 2, 2009, 15:34 UTC) (1046 reads)
(0 talkbacks)
(feedback) The H Open: "CAINE and NetBookCAINE (NBCAINE) provide a complete digital forensic environment that's organised to integrate existing software tools as software modules and to provide a simple graphical user interface"
SECURITY: 20 Linux Server Hardening Security Tips (Oct 30, 2009, 14:21 UTC) (3572 reads)
(0 talkbacks)
(feedback) nixCraft: "Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system."
SECURITY: GNU/Linux Security: Linux House vs Microsoft House (Oct 28, 2009, 09:13 UTC) (2989 reads)
(1 talkbacks)
(feedback) ERACC Web Log: "This is the second article in my series about GNU/Linux security for the GNU/Linux curious and new GNU/Linux user. There are many attempts to explain the differences between GNU/Linux and Microsoft products when it comes to security. In this article I am going to make yet another attempt."
Vuurmuur 0.8 Beta 2 Released (Oct 27, 2009, 14:21 UTC) (1349 reads)
(0 talkbacks)
(feedback) It Runs on Linux: "Vuurmuur (Dutch for Firewall) is a powerful Firewall Manager built on top of the Linux Iptables."
SECURITY: Now Linux Can Get Viruses Via Wine (Oct 26, 2009, 18:47 UTC) (3348 reads)
(0 talkbacks)
(feedback) Using Coconuts: "I forget who, but some wiseguy stuck a link to site (not linkified so Google doesn't mark me as evil) on his Facebook wall, which reminded me of one reason I love Firefox (and Linux): security."
Linux and Security: Mission Impossible? (Oct 26, 2009, 14:18 UTC) (2251 reads)
(1 talkbacks)
(feedback) Embedded.com: "The use of Linux in systems requiring high levels of security has been a frequent topic of controversy. Supporters have claimed that Linux's open source approach improves security due to exposure to an enormous, worldwide community of developers and users."
Linux Security Notes - AIDE File Integrity (Oct 22, 2009, 02:03 UTC) (1367 reads)
(0 talkbacks)
(feedback) Howtoforge: "AIDE (Advanced Intrusion Detection Enviornment) is a tool to check the file integrity. It is an opensource substitute for TRIPWIRE."
More Linux Remote Networking Tips and Tricks (part 2) (Oct 21, 2009, 20:03 UTC) (1955 reads)
(1 talkbacks)
(feedback) LinuxPlanet: "In part 1 we learned some neat tricks using OpenSSH and SSHFS for fast remote logins and file sharing. Today in Part 2 we learn how easy it is to configure OpenSSH to use secure public key authentication instead of a password login."
Spam filtering with Kmail (Oct 18, 2009, 08:04 UTC) (1647 reads)
(0 talkbacks)
(feedback) Ghacks: "SPAM. It’s a dreadful word that causes many a computer user to yank out their hair and wish their service provider would do a better job of keeping SPAM out of your inbox"
Windows 7: Unimproved Security (Oct 12, 2009, 18:33 UTC) (4267 reads)
(6 talkbacks)
(feedback) Sure, It's Secure!: "Windows 7 is much better than Vista, but when it comes to security, it's just more of the same old, same old as the first security patches make their appearance."
ClamAV 0.94.x end of life - with prejudice (Oct 7, 2009, 19:02 UTC) (2293 reads)
(0 talkbacks)
(feedback) LWN.net: "Starting from 15 April 2010 our CVD will contain a special signature
which disables all clamd installations older than 0.95 - that is to say
older than 1 year."
A Third Time, Uncharmed
(Oct 5, 2009, 17:03 UTC) (1744 reads)
(0 talkbacks)
(feedback) That grumpy BSD guy: "In our efforts to entice the suits into the wonderful new world of free software, we likely oversold the security part."
SSL trick certificate published (Oct 1, 2009, 17:02 UTC) (3771 reads)
(0 talkbacks)
(feedback) The H Open: "Phishers, for example, could use the certificate to disguise their servers as legitimate banking servers – which would only be detectable by subjecting the certificate to closer scrutiny."
Microsoft Adds Support for StartCom Certificates (Sep 25, 2009, 01:34 UTC) (1982 reads)
(0 talkbacks)
(feedback) Startcom Press release: StartCom is proud to announce that digital certificates issued by the StartCom Certification Authority are now fully trusted and legitimate in Microsoft applications such as Internet Explorer and Office/Outlook. Microsoft recently enabled this support by adding StartCom to its Root Certificate Program in an updated list of trusted root certificates distributed worldwide to users of Microsoft applications.
SECURITY: The First Linux Botnet? (Sep 13, 2009, 19:07 UTC) (6019 reads)
(4 talkbacks)
(feedback) IT World: "Has Linux security been breeched? Are Linux systems in danger of being transformed into botnet zombies the way millions of Windows PCs have been? In a word: Nah."
Protect Your Network With an Open-Source Firewall (Sep 11, 2009, 17:19 UTC) (3321 reads)
(0 talkbacks)
(feedback) NetworkWorld: "SmoothWall Express 3.0 is an open source GNU/Linux firewall which is security-hardened and freely downloadable. By design, it has minimal hardware requirements and a small footprint."
Five messages to never trust in your e-mail box (Aug 31, 2009, 20:03 UTC) (3496 reads)
(2 talkbacks)
(feedback) Sure, it's Secure!: "I love Dr. Gregory House. As a journalist, I can really appreciate his view that "Everybody lies." That may be too cynical for most people, but when it comes to dealing with your e-mail I'm not sure it's possible to be cynical enough."
Besieged by attacks, AT&T dumps celebrity hacker (Aug 21, 2009, 16:34 UTC) (3979 reads)
(7 talkbacks)
(feedback) The Register: "The reason: his status as a celebrity hacker makes his accounts too hard to defend against the legions of script kiddies who regularly attack them."
On Bugs, Viruses, Malware and Linux (Aug 19, 2009, 09:02 UTC) (4053 reads)
(2 talkbacks)
(feedback) Linux Blog Safari: ""If the anti-malware industry has anything to offer GNU/Linux," challenges blogger Robert Pogson, "let them step up.""
Linux NULL pointer dereference due to incorrect proto_ops initializations (Aug 14, 2009, 12:03 UTC) (3929 reads)
(1 talkbacks)
(feedback) cr0 blog: "Tavis Ormandy and myself have recently found and investigated a Linux kernel vulnerability. It affects all 2.4 and 2.6 kernels since 2001 on all architectures. We believe this is the public vulnerability affecting the greatest number of kernel versions."
Consider Linux for Secure Online Banking (Aug 12, 2009, 14:32 UTC) (4049 reads)
(2 talkbacks)
(feedback) eSecurity Planet: "Do you make online financial transactions from a Windows computer? If so, you may want to re-visit that decision."
How To Log Emails Sent With PHP's mail() Function To Detect Form Spam (Aug 11, 2009, 01:33 UTC) (3712 reads)
(2 talkbacks)
(feedback) Howtoforge: "If you are running a webserver you might have faced the problem already: somewhere on your server is a vulnerable contact form or CMS system written in PHP that gets abused by spammers to send emails trough your server."
It's time to get rid of Windows (Aug 8, 2009, 09:02 UTC) (9267 reads)
(16 talkbacks)
(feedback) Cyber Cynic: "I was wrong. Hundreds of millions of Internet users were annoyed because of Windows botnet-based DDoS aimed at one (1) person."
Researchers find insecure BIOS 'rootkit' pre-loaded in laptops (Aug 6, 2009, 10:34 UTC) (3794 reads)
(0 talkbacks)
(feedback) ZDNet: "A popular laptop theft-recovery service that ships on notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and Panasonic is actually a dangerous BIOS rootkit that can be hijacked and controlled by malicious hackers."
Fake ATM doesn't last long at hacker meet (Aug 3, 2009, 12:01 UTC) (5403 reads)
(1 talkbacks)
(feedback) Computerworld: "Criminals running an ATM card-skimming scam made a big mistake this week: They tried to hit the Defcon hacker conference in Las Vegas."
Fun with NULL pointers, part 2 (Jul 31, 2009, 09:02 UTC) (4161 reads)
(1 talkbacks)
(feedback) LWN.net: "But this exploit suggests that there could be a whole class of related problems in the kernel; there is a definite chance that similar vulnerabilities could be discovered - if, indeed, they have not already been found."
Microsoft Forges 3 New Security Tools (Jul 30, 2009, 18:34 UTC) (3117 reads)
(5 talkbacks)
(feedback) LinuxInsider: "Microsoft offered some details on three new security projects at the Black Hat security conference. It also unveiled the progress it's made with some of the projects it announced at last year's event."
Top 20 OpenSSH Server Best Security Practices (Jul 26, 2009, 15:03 UTC) (6455 reads)
(1 talkbacks)
(feedback) nixCraft: "From time to time there are rumors about OpenSSH zero day exploit. Here are a few things you need to tweak in order to improve OpenSSH server security."
Lost in the Cloud (Jul 20, 2009, 21:04 UTC) (2594 reads)
(0 talkbacks)
(feedback) New York Times: "The cloud, however, comes with real dangers.
Some are in plain view. If you entrust your data to others, they can let you down or outright betray you."
