October 13, 2010 Added by:Jamie Adams
Linux file systems are an essential operating system resource. Modern file systems and disk drive technology are robust and reliable — so, most administrators put little effort into planning or worrying about them once the operating system is configured. This makes me both smile and cringe...
October 10, 2010 Added by:Jamie Adams
Broken links are not only annoying little Tribbles which consume file system resources, they also pose a security risk in the form of a Trojan Horse. A good system administrator will try to control these by using best practices, common sense, and educating their users...
October 06, 2010 Added by:Jamie Adams
The term clean is also associated with performing file system checks to ensure structural integrity with tools such as fsck.ext3(8). In addition to these critical activities, you should routinely "clean" file system access controls — ownerships and permissions...
October 04, 2010 Added by:Jamie Adams
Survivability is defined as the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. As a discipline, survivability builds on related fields of study such as security, fault tolerance, reliability, and performance...
September 30, 2010 Added by:Jamie Adams
Too often administrators jump to the root level to perform routine tasks — this is when mistakes occur. The administrator is in a hurry and enters one wrong space, is in the wrong directory, or types an incorrect parameter - all can result in evil things when the ENTER key is pressed...
September 27, 2010 Added by:Jamie Adams
NATO spokesman James Appathurai denied that the computers were regularly compromised. However, I didn't hear him dispute the fact that the systems were missing many of the basic security patches. So, is it just a matter of time? Or have the systems already been comprised but NATO is unaware?
September 24, 2010 Added by:Jamie Adams
The process of lock down (hardening) is difficult, tedious, and time consuming even for an administrator working on an operating system they're familiar with. This process requires knowledge as to where to configure the item and often how to configure the item...
September 23, 2010 Added by:Jamie Adams
Most overflows are addressed during the development process because testing will often uncover erratic program behavior, memory access errors, incorrect results, and unexpected program terminations. Those which aren't identified and make it into production are often abused by attackers...
September 22, 2010 Added by:Brent Huston
If you are not already looking at the newest SAMBA issue, you should be paying attention. It is a stack-based buffer overflow, exploitable remotely without credentials. The MetaSploit folks are already hard at work on an exploit and some versions are rumored to be floating about the underground...
September 07, 2010 Added by:Eli Talmor
Interacting with the user is the weak point in client-server communications. Machines can employ crypto-graphical mechanisms to ensure authenticity, integrity, and confidentiality of communication, humans rely on their computer to present data and transmit to a server reliably...
August 17, 2010 Added by:Barry Schrager
There is a great article in the current issue of z/Journal Magazine -- Is Your z/OS System Secure? We all assume that our z/OS systems, if properly configured, are secure. But, there is a lot of work to do that and, even then, z/OS and the Independent Software Vendor products, and even your own staff, have system vulnerabilities that can be exploited to circumvent system controls.
July 19, 2010 Added by:Brent Huston
I have really come to love Puppy Linux over the last several years. I use it as a LiveCD/USB platform for secure browsing, a Linux OS for old hardware that I donate to a variety of folks and causes, and as a platform for using HoneyPoint as a scattersensor...
July 16, 2010 Added by:Dan Dieterle
You arrive late to your office; well, you did stop at every coffee place on the way in to make sure they were out too, but what did you expect? You rush to your desk, sit down at your keyboard to login and nothing...
June 23, 2010 Added by:Brent Huston
Just a quick note on the recent Google announcement about dumping Windows for desktops in favor of Linux and Mac OS X. As you can see from the linked article, there is a lot of hype about this move in the press. Unfortunately, dumping Windows as a risk reducer is just plain silly.
June 20, 2010 Added by:Danny Lieberman
It’s World Cup season and Mondial fever will probably put a lot of regional conflicts on the back burner for the next month – not to mention put a dent in a lot of family budgets (husbands buying the latest 60 inch Sony Bravia and wives on retail therapy while the guys are watching football)
Why Bother with Security? [If you’re going... Westley McDuffie on 12-12-2013
Are Security Professionals Exiting the Enter... Westley McDuffie on 12-12-2013
The Security Risks of Remote Support Tools ... Amanda Martin on 12-11-2013