Blog Posts Tagged with "Operating Systems"


Security-Enhanced Linux Support

September 22, 2011 Added by:Jamie Adams

SELinux is an enhancement to the standard kernel that provides fine-grained security MAC rules. The Targeted policy provides security for commonly used daemons such as httpd, dhcpd, mailman, named, portmap, nscd, ntpd, portmap, mysqld, postgres, squid, syslogd, winbind, and ypbind...

Comments  (0)


NIST Guidelines: Security Content Automation Protocols

September 20, 2011 Added by:Headlines

Bringing order and security to the patchwork quilt of computing environments in a large organization can be a daunting task. NIST recently released four new publications that detail specifications to be used by the latest version of the Security Content Automation Protocol (SCAP)...

Comments  (0)


Log Management at Zero Cost and One Hour per Week?

August 01, 2011 Added by:Anton Chuvakin

CAN one REALLY do a decent job with log management (including log review) if their budget is $0 AND their time budget is 1 hour/week? I got asked that when I was teaching my SANS SEC434 class a few months ago and the idea stuck in my head. The only plausible way that I came up with is...

Comments  (3)


The Best And Most Secure Windows OS Ever

July 14, 2011 Added by:Kevin McAleavey

When it comes to the number one "moment of abject stupidity" that award has to go to "browser/OS integration" with the release of Windows98. There was much outcry including my own testimony at an FTC hearing, and at the end of my testimony, I warned the FTC what was to come from this...

Comments  (5)


Why Windows is a Bad Idea for Medical Devices

July 12, 2011 Added by:Danny Lieberman

Vendors that use Windows for less critical devices are actually increasing the threat surface for a hospital since any Windows host can be a carrier of malware, regardless of it’s primary mission function, be it user-friend UI at a nursing station or intensive care monitor at the bedside...

Comments  (0)


What is a Kernel Level Audit Trail?

July 11, 2011 Added by:Jamie Adams

Few people understand how audit records are generated or the difference between a kernel level audit trail and an application event log. It is critical to configure auditing and logging mechanisms to capture the right data to safeguard the data to prevent it from being modified...

Comments  (0)


Protecting Linux Against DoS/DDoS Attacks

June 27, 2011 Added by:Jamie Adams

When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim...

Comments  (0)


Ban Windows from Embedded Medical Devices

June 24, 2011 Added by:Danny Lieberman

The combination of large numbers of software vulnerabilities, user lock in created by integrating applications with Windows, complexity of Microsoft products and their code and Microsoft predatory trade practices are diametrically different than Linux and the FOSS movement...

Comments  (0)


Microsoft Monoculture as a Threat to National Security

June 10, 2011 Added by:Danny Lieberman

A report from a stellar cast of infosec experts and thought leaders shows that the complexity and dominance of Microsoft’s Windows operating system in US Federal agencies makes the government prone to cyber attack – a national security threat. This was in September 2003...

Comments  (2)


TDSS Rootkit Boasts Self-Propagating Mechanisms

June 07, 2011 Added by:Headlines

"If the victim computer is located on a network using the DHCP protocol, the worm starts scanning the network to see if there are any available IP addresses. After that, the worm launches its own DHCP server and starts listening to the network..."

Comments  (0)


A Review of the New Backtrack 5 Operating System

June 02, 2011 Added by:Lee Munson

If you are a computer security consultant, there is no better tool to use than Backtrack. If you own a company that has to store important data, then it is vital for you to have a tool like this so your security people can test your network with the same tools the bad guys are using...

Comments  (0)


Using the Shun Command on the PIX/ASA

May 18, 2011 Added by:Global Knowledge

One command that had a fairly long history first with the PIX Firewall and now the ASA is the shun command. In this post we’ll examine this command’s history, why it’s useful, and its new-found resurgence in threat detection implementation...

Comments  (1)


Security on Mobile Payment Terminals via Consumer Devices

May 16, 2011 Added by:Rafal Los

The reality of the situation is that we don't have any good answers. I've been looking unsuccessfully for some type of guidance that doesn't rely on the underlying mobile OS to protect the application - but that's really a fool's errand anyway...

Comments  (1)


Is Too Much Focus Put on the Application Layer?

May 06, 2011 Added by:Keith Mendoza

Information system security is really nothing new, its just that no one has paid attention to it until recently; and the focus seem to mostly be on securing the application. My question is: who will make sure that the attack vector will not come from the hardware layer?

Comments  (4)


Mobile Phone Operating System Insecurity

April 26, 2011 Added by:Robert Siciliano

Research is primarily geared towards securing mobile payments, and there is a lack of coordination between mobile payment developers, device manufacturers, and mobile operating system platform developers. Hackers are taking advantage of the loophole created by this lack of coordination...

Comments  (1)


Top Five Mobile Operating System Options

April 20, 2011 Added by:Robert Siciliano

Five major players have floated to the top, dominating a major chunk of the mobile operating systems market. It used to be that people chose their phone only by their carrier and what brands they offered. Today many choose their phone based on the manufacturer and its operating system...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »