Interviews

So You Want to Be a Cyber Security Professional
Everyone needs a good security pro on their IT team. But where does someone pick up the skills needed to become such a pro? We talked to David Rice from the SANS Institute to learn how to enter a profession needed for all platforms.
Wednesday, July 28, 2004 12:23:22 PM EST

Security Expert Gives Operating Systems Poor Security Grade
Recently, Purdue University Professor Gene Spafford gained attention in the Linux community for his disparaging remarks on the Linux operating system's security. But Linux administrators and users should not take his remarks personally: Spafford believes that Linux and Windows each have poor security designs. LinuxPlanet welcomes writer Robert McMillan, who recently interviewed the security expert for his take on the state of computer security today.
Monday, October 14, 2002 10:35:31 AM EST

Opinions

Ramen and the Danger of Default Linux Configurations
The security field is all aflutter about a worm that takes advantage of well-known security lapses in Red Hat Linux -- lapses that most experienced Linux system administrators addressed back in September 2000. And while the so-called Ramen worm doesn't do a whole lot of damage to Linux systems, it does point out the need for constant awareness to security issues -- beginning with the default configurations offered by most Linux distributions. Kevin Reichard reports.
Thursday, January 18, 2001 02:05:38 PM EST

The Real Lessons of ILOVEYOU
Yes, it was easy enough to bash Microsoft when a rogue Visual Basic script took down a good portion of the world's personal computers. But Dennis E. Powell points out that the real lessons that we should glean from this fiasco are basic in nature: that in general our PCs are not as secure as they should be--and that goes for the average Linux user as well.
Tuesday, May 9, 2000 01:02:52 PM EST

Reports

Moving Closer to 802.11n
The Linux kernel's wireless networking has received a welcome overhaul, but 802.11n drivers are still in their early stages.
Monday, August 27, 2007 11:19:59 AM EST

Tresys Nails 'Hardened Security' With Brickwall & Upcoming Razor
After releasing Brickwall Security Suite in January, open source security specialist Tresys Technology is forging ahead on a user symposium slated for March, plus work with IBM around Razor, its second commercial product for smoothing implementation of the SELinux "hardened security" now included in the Linux kernel.
Wednesday, February 28, 2007 09:07:36 PM EST

Verano--Improving Industrial Network Security
Verano is on a mission to safeguard industrial control networks... like manufacturing plants, waterworks, or electrical grids. They use a combination of hardware, proprietary and Open Source based software to head off threats, both internal and external to the protected network. Rob Reilly reports on the company's latest technology.
Monday, December 5, 2005 12:28:46 PM EST

Kaspersky: More Adoption Could Make Linux Attractive Target
Linux needs anti-virus? As malware writing gains more of a profit motive, according to one security exec, that improbable future may yet come to pass.
Tuesday, September 6, 2005 03:38:27 PM EST

Imprivata's OneSign Simplifies Password Management
"Imagine having separate login names and passwords for your desktop machine, email account, and the main application that you use for your job. At the same time, you might have a different user name/password combination for a web application or other programs. Then imagine, that all the systems you use enforce password aging, on different time schedules. In short order, the situation gets way out of hand..."
Monday, November 15, 2004 10:13:11 AM EST

Network Intrusion Detection, Neighborhood Watch Style
Keeping an eye on the valuables stored away in your network is a tough job these days. Thugs and criminals are trying to jimmy your ports. Terrorists are lurking around your network neighborhood. And stealthy email spy-ware may already be in employee mailboxes, just waiting to silently ship secrets out to the cyber underworld.
Monday, October 11, 2004 12:35:29 PM EST

Verano's Industrial Defender Does Just That
So, what's keeping the bad guys out of the computer systems that run a huge metropolitan water works? Or, how would a plant manager know if someone had broken into his multi-megawatt power plant's network? What would happen if a virus got into their plant's networks and took out all of their MS boxes for a few hours? These are questions that security company Verano is answering with Linux-based technology.
Monday, June 21, 2004 11:17:28 AM EST

SUSE/IBM, Red Hat/Oracle Tool Up On CCS Security
Backed by big name partners, SUSE Linux and Red Hat are each putting their security systems through the rigorous paces of Common Criteria Scheme (CCS) testing, with ultimate plans to reach the same security ratings already achieved by Microsoft and Unix players.
Friday, December 19, 2003 01:56:17 PM EST

Linux in the Security Crosshairs
Linux's growing popularity is attracting unwanted attention from virus writers, script kiddies and other criminal elements. In response, Linux advocates are putting a new emphasis on security measures and working to reassure companies that the OS is ready for important business networks.
Monday, December 15, 2003 10:51:44 AM EST

Linux Security: Tips from the Experts
Is Linux more secure than Windows, or vice versa? Fueled by conflicting industry reports, this controversy keeps raging. To arrive at a well-informed opinion on the subject, you need to know as much as you can about what kinds of security measures are actually available for Linux.
Thursday, October 30, 2003 10:27:40 AM EST

PureMessage Raises E-mail Admin Standard
URGENT REPLY REQUESTED may have been funny the first two thousand times it showed up in your employees' Inboxes, but now it and the rest of the deluge of spam and viruses have added up to a real and burdensome cost in manpower and systems. One Canadian firm is using the power of Perl for a fast, sleek, and very efficient e-mail administation and filtering tool: PureMessage.
Tuesday, September 2, 2003 11:48:06 AM EST

ActivCard Gets Physical (Security) with Linux
Linux is a secure operating system, of that we have no doubt. But let's face it, anyone with a little knowledge and a lot of physical access can get onto any machine, Linux or otherwise. Physical security is a key--yet often overlooked--aspect of overall security. This week, ActivCard has introduced a new commecial product that will enable smart card control of a Linux system, along with a whole range of network, Internet, and e-mail security possibilities.
Thursday, June 26, 2003 02:03:41 PM EST

Invisibly Protecting your Digital Assets with Public Key Infrastructure
Public Key Infrastructure (PKI) offers the opportunity to streamline your procedures for protecting and sharing sensitive and valuable information. When it comes to protecting your company's valuable digital assets, you owe it to yourself to investigate what doors PKI can open for you and your organization.
Monday, June 23, 2003 11:39:19 AM EST

Real World Linux Showcases New Products, Strategies
Dee-Ann LeBlanc took a trans-Canadian trip to Toronto this week to visit and speak at the Real World Linux conference. She picked up some interesting bits of news while she was there, including word of a new business venture from TransGaming.
Thursday, May 1, 2003 11:24:38 AM EST

Hot Rodding Your Slightly Dated Laptop For Fun and Profit
Are you skittish about putting Linux on your laptop because the installation will be hard and it will be tough to find the right drivers? Are you worried that you're going to be limited to command-line based applications, especially on that old corporate laptop that moves like molasses under the weight of XP? Try revving up your beat up old laptop, using Linux to get some serious performance from something that was once obsolete.
Monday, November 18, 2002 10:42:26 AM EST

Moving The Open Web Application Security Project Out Of The Shadows
Nearly every news program, talk show and print media headline now has a security angle. If you are an IT Manager or Executive, you are probably pulling your hair out trying to secure your Information Technology systems...especially web applications. You think about firewalls. You think about hackers and terrorists. You think about your revenues if someone breaks your web based ordering system. So, while everybody talks about what to do... who really is doing something? Look to the people on the Open Web Application Security Project for many of the answers to these solutions.
Wednesday, July 24, 2002 11:46:14 AM EST

Astaro: A "Swiss-Army Knife" of Security Software
Astaro Security's software is becoming a strong player in a widening market as more and more clients find they need the strength of heavy-duty security, the flexibility of open source, and the pricing that won't blow the IT budget out of the water. Jacqueline Emigh reports.
Tuesday, April 30, 2002 02:42:33 PM EST

Jay Beale: Education Is Primary Defense for Secure Machines
Jay Beale, lead developer for Bastille Linux and one of the foremost experts on Linux security, has a straightforward recipe for securing your Linux Web site: make sure you have no unnecessary services running and make sure you always have the latest security patches installed. This advice seems simple --but you'd be surprised how many Linux sysadmins don't follow it. Brian Proffitt interviews.
Friday, February 16, 2001 06:41:54 PM EST

Protecting Your Linux System with FireStarter and Storm Firewall
With Linux emerging as a powerhouse on the desktop, it's more important than ever to make sure that your Linux system is secured. Michael Hall reviews two tools that automate the process of setting up a firewall on your system: FireStarter and Storm Firewall.
Friday, December 1, 2000 11:44:36 AM EST

There but for the Grace of Bill....
Linux users are feeling pretty smug about their seeming invincibility as they watch Windows users get dragged down with the latest in viruses. But Scott Courtney warns that the same techniques used to attack Windows systems can attack Linux email as well.
Friday, May 5, 2000 12:46:23 PM EST

Reviews

The Top 75 Open Source Security Apps
Without much fanfare, the open source security area is growing rapidly. Here are top contenders from anti-virus, firewalls, forensics, intrusion detection, and more.
Monday, April 28, 2008 12:04:01 PM EST

Blue Security's Do Not Intrude Registry
Most people set up some type of filter to weed out the bad email from the good. That approach, has its limitations. One company is trying a new, open source-based approach that creates a user-enforced "Do Not Spam" list.
Thursday, February 2, 2006 09:23:03 AM EST

Linux--The Most Secure OS of All?
Continuing her coverage of PC Expo's sessions on Linux and Open Source, Jacqueline Emigh rounds up secure and hardened Linux distros and reports on what needs can be met by which hardened Linux distribution.
Thursday, October 2, 2003 03:39:01 PM EST

Linux Makes Automation, Infrastructure Strides
The daunting task of managing large utility companies' physical assets and automating complex manufacturing was one the domain of commercial UNIX. Now one company is switching over their supervisory and control software to the Linux platform--and the customers are benefiting right from the get go.
Tuesday, January 21, 2003 08:32:20 AM EST

Webmin
Martin takes a look at Webmin, a Perl based inspection and administration program.
Monday, May 31, 1999 07:43:50 PM EST

Tips

Distribute /etc/passwd among several machines securely
Use rsync, ssh and cron.
Tuesday, October 26, 1999 06:37:28 AM EST

Disable external X11 for greater security
Turn off this often overlooked service
Sunday, October 24, 1999 05:35:35 AM EST

Tutorials

An Easy Tutorial on IP Tables and Port Knocking
Do you wish you had access to your home file server without leaving your firewall wide open to attacks? Well today's your lucky day! While you can implement this on any OS its easiest to do this on Linux. This article will show you how to lock down your firewall and implement a port knocker to let you in.
Monday, February 4, 2008 10:53:27 AM EST

Protecting Data with Encrypted Linux Partitions
We see the headlines all the time: "Company X Loses 30,000,000 Customer Social Security Numbers and Other Intimately Personal and Financial Data! Haha, Boy Are Our Faces Red!" And it always turns out to be some "contractor" (notice how it's never an employee) who had the entire wad on a laptop with (seemingly) a terabyte hard drive, which was then lost or stolen, but nobody is quite sure where or when.
Thursday, June 14, 2007 09:19:24 AM EST

Keeping a Lid on Linux Logins
When asked about security on a multi-user Linux system, a wise man once said "everyone is root if you allow them to login as a user." There is plenty of truth in that, but embracing imminent compromise isn't always acceptable. Charlie Schluting takes a look at how you can limit your exposure while letting unknown and untrusted users login with a shell.
Monday, February 12, 2007 10:27:07 AM EST

Bad-Guy Tools for Good Guys
Sure, plenty of the "security tools" your neighborhood script kiddy uses aren't built with your best interests at heart. That doesn't mean they aren't useful, as Paul Rubens reveals.
Monday, January 8, 2007 11:51:37 AM EST

Keep Tabs on Network Services with Nagios, Pt. 2
Last week, LinuxPlanet provided a brief overview of Nagios, and explained how it can make your infrastructure monitoring fun and easy. As promised, here is a closer examination of the configuration files, because that's the biggest hurdle to setting up a lean, mean monitoring machine with Nagios.
Monday, June 19, 2006 09:37:05 AM EST

The Penguin's Practical Network Troubleshooting Guide
Linux has everything you need to do any kind of networking, plus it has eleventy-eight hundred different software utilities for network monitoring and troubleshooting. Today Carla Schroder shows how to pinpoint connectivity problems and how to map your network and all running services. This is handy not only for keeping tabs on everyday activities, but also to catch users running illicit hosts and services.
Tuesday, June 6, 2006 10:24:09 AM EST

Preventing Buffer Overflow Exploits Using the Linux Distributed Security Module, Part 1
Internet servers (such as Web, email, and ftp servers) have been the target for different kinds of attacks aiming to disable them from providing services to their respective users. One particular exploit, which has become almost ubiquitous in the last several years, is the buffer overflow exploit. In Part 1 of this article, we describe the buffer overflow exploit and provide detailed examples to help understand it.
Monday, December 12, 2005 11:06:07 AM EST

Tuneups and Tweaks for the Better Spam-Trap
Building an Anti-Virus/Anti-Spam Gateway Part 3: When you build a strong anti-spam solution, you have to count on a few false positives. Here's how to tune your Linux anti-spam gateway to let the good guys through without opening the doors to spammers.
Thursday, October 7, 2004 10:32:11 AM EST

Sawing Linux Logs with Simple Tools
"Even if your servers are running at the peak of perfection, you still need to keep an eye on the logs. This month's scripting clinic covers the basics you need to make sense out of all those miles of digital chatter..."
Monday, September 20, 2004 11:22:15 AM EST

SpamAssassin and Amavisd: Go Ninja On Your UBE Woes
Building an Anti-Virus/Anti-Spam Gateway (Part 1): With SpamAssassin, Amavisd-new, and ClamAV, you've got all you need to build a Linux-based SMTP gateway that stops spam and viruses cold.
Thursday, September 9, 2004 11:38:36 AM EST

Building an LDAP Server on Linux, Part 1
Your network is growing in size and complexity. It's taking on a life of its own, spreading and growing and absorbing everything in its path. You're tearing your hair out trying to keep track, and your users have somehow discovered your secret phone number and are pestering you with endless questions and demands. The solution may just be an LDAP server of your very own.
Wednesday, October 8, 2003 10:24:07 AM EST

Admin Digest: Stopping Spam with Linux
Spam is a topic that will get most sys admins to start pulling out their hair whenever it's mentioned. This deluge of white noise floods e-mail inboxes every day. But is there a way to turn down the volume on some of this noise? In this Admin Digest, Rob Reilly reviews some of the better ways to block dreaded spam.
Monday, March 24, 2003 09:38:14 AM EST

Admin Digest: The Basics of Linux Network Security
The pervasiveness of the Internet has led to more and more opportunities for your company's servers to be attacked from without. Part-time Linux admins, never fear. Our updated network security basics document will get you well on your way to locking your system down.
Monday, January 6, 2003 01:36:47 PM EST

Controlling Access to Your Services with xinetd
One of the most powerful aspects of Linux is its ability to launch services, or daemons, and run them in the background as needed. But running all of these background services can be an administrative headache when you take into account user access and permissions, too. Dee-Ann LeBlanc walks readers through the basics of xinetd, a tool that lets you securely and effectively lock down services on your Linux machine.
Monday, October 21, 2002 10:33:42 AM EST

Remote Administration of Linux Systems
One of the best advantages of using Linux is the ability to quickly and (if done correctly) safely logon to and administer another machine from across the room or across the planet. All you need are the right tools, a little paranoia, and just a little time, as Alexander Prohorenko details in this tutorial.
Tuesday, August 27, 2002 11:00:32 AM EST

Linux Networking, Part 6: Securing Your Network
Now that you've mastered the basics of setting up a small-office/home-office Linux network, it's time to tackle an incredibly important issue: securing your network. In this installment, William Wong describes the steps you can take to secure your Linux network.
Wednesday, November 8, 2000 09:28:42 AM EST