Operating Systems


Using Temporary Files in Linux Scripts Securely

December 07, 2010 Added by:Jamie Adams

Some sysadmins who write scripts might store sensitive data in temporary files, don't restrict access to temporary files, and might forget to remove them from the system when they are no longer needed. In many cases, they use them when it isn't even necessary...

Comments  (0)


Sandboxing: Understanding System Containment

November 29, 2010 Added by:Jamie Adams

The idea of containment within an operating system is sometimes referred to as sandboxing. Some of the more popular technologies specifically designed to accomplish this come to mind: FreeBSD jails, Solaris Containers (including Solaris Zones), and SUSE Linux's AppArmor...

Comments  (5)


Mac Users Get Massive Security Wake Up Call

November 18, 2010 Added by:Headlines

Mac users, who have have long been used to lambasting Windows users over security issues, are getting a big dose of exploit reality this week as Apple releases fixes for 134 vulnerabilities. The record-breaking patch release for Mac OS dwarfs Microsoft's record of 49 patches...

Comments  (0)


Which Linux or UNIX Version Am I Running?

November 17, 2010 Added by:Jamie Adams

Linux distributions are built off of standard kernels but are packaged and bundled differently. Some distributions are Debian-based while others might be Red Hat-based. The collection of packages and how the packages were compiled and delivered are what make Linux distributions unique...

Comments  (2)


Mac Users Beware

November 12, 2010 Added by:Mark Baldwin

There is a widespread belief that Mac OS X is inherently more secure than Windows and that by using a Mac, one is protected from all threats. Unfortunately, not only is this not true, it is dangerous, as it leads people to not take appropriate precautions to protect their computers...

Comments  (1)


Dangers of Self-Managed Development Environments

November 03, 2010 Added by:Jamie Adams

I have seen developers relax security controls during unit development only to be bewildered when full integration testing fails. Many database administrators have strict controls which developers must adhere to. Why isn't it the same when it comes to base operating system resources?

Comments  (3)


Attacking an Unpatched Windows 2008 Server

October 28, 2010 Added by:Bozidar Spirovski

We will use a Windows 2008 target for this demonstration because even if it was released in 2008, and we now have the R2 version, a lot of companies are just starting to implement it. The attack is based on two well known vulnerabilities based on SRV2.SYS driver...

Comments  (0)


Using Windows XP Drop My Rights Utility

October 25, 2010 Added by:Robb Reck

Drop My Rights is a free Windows XP utility offered by Microsoft that allows you to be logged into your computer as an administrator while running high risk programs like Internet Explorer, Firefox and Outlook with reduced privileges...

Comments  (2)


Microsoft Patch Disclosure Summary - October 2010

October 25, 2010 Added by:Bozidar Spirovski

Remote Code Execution vulnerabilities, Elevation of Privilege vulnerabilities, Information Disclosure vulnerability, Denial of Service condition, Information Tampering scenario...

Comments  (0)


Implementing Linux File Systems Sensibly

October 13, 2010 Added by:Jamie Adams

Linux file systems are an essential operating system resource. Modern file systems and disk drive technology are robust and reliable — so, most administrators put little effort into planning or worrying about them once the operating system is configured. This makes me both smile and cringe...

Comments  (4)


Broken Links in Linux File Systems Can Be BAD

October 10, 2010 Added by:Jamie Adams

Broken links are not only annoying little Tribbles which consume file system resources, they also pose a security risk in the form of a Trojan Horse. A good system administrator will try to control these by using best practices, common sense, and educating their users...

Comments  (0)


Keeping Linux File Systems Clean and Secure

October 06, 2010 Added by:Jamie Adams

The term clean is also associated with performing file system checks to ensure structural integrity with tools such as fsck.ext3(8). In addition to these critical activities, you should routinely "clean" file system access controls — ownerships and permissions...

Comments  (0)


Linux Clusters: Keeping Nodes Securely Configured

October 04, 2010 Added by:Jamie Adams

Survivability is defined as the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. As a discipline, survivability builds on related fields of study such as security, fault tolerance, reliability, and performance...

Comments  (2)


Root Accounts - The Root of All Evil?

September 30, 2010 Added by:Jamie Adams

Too often administrators jump to the root level to perform routine tasks — this is when mistakes occur. The administrator is in a hurry and enters one wrong space, is in the wrong directory, or types an incorrect parameter - all can result in evil things when the ENTER key is pressed...

Comments  (15)


Stuxnet Worm Reveals Default Password Vulnerabilities

September 27, 2010 Added by:Jamie Adams

NATO spokesman James Appathurai denied that the computers were regularly compromised. However, I didn't hear him dispute the fact that the systems were missing many of the basic security patches. So, is it just a matter of time? Or have the systems already been comprised but NATO is unaware?

Comments  (22)


Lock Down Heartburn: Windows to Linux Migration

September 24, 2010 Added by:Jamie Adams

The process of lock down (hardening) is difficult, tedious, and time consuming even for an administrator working on an operating system they're familiar with. This process requires knowledge as to where to configure the item and often how to configure the item...

Comments  (0)

Page « < 4 - 5 - 6 - 7 - 8 > »