16 Results for security

Applied Filters

Filter Results

Click a filter below to apply it to results

AUTHOR
Lisa Hoover (8)
Mike Gunderloy (2)
Reuven Lerner (2)
Sam Dean (2)
view more
SUBMITTED
Apr-2009 (2)
Jun-2008 (2)
Oct-2009 (2)
Apr-2008 (1)
view more
TAG
security (16)
enterprise (2)
linux (2)
palamida (2)
view more

Upgrading Your Linux Box? Read Up on SELinux, and Improve Security

I just spent several days helping to upgrade an organization's servers from Red Hat Enterprise 3 to the latest version, Red Hat Enterprise 5.2. One of the most important, and impressive, issues we dealt with during this upgrade was SELinux, or security-enhanced Linux. SELinux offers a great deal of functionality, and helps to protect Linux boxes from a variety of threats. It forces system administrators to learn a new vocabulary, as well as permissions, logfiles, and programs with which they were previously unfamiliar. Fortunately, there are many good tutorials for SELinux on the Web.



TrueCrypt 6.0: Better Software for the Paranoid

You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding - the critical data on your hard drives. Available for Linux, OS X, and Windows, the software is licensed under its own TrueCrypt license, which is not OSI-approved.


Ruby Vulnerability Reopens Debate Over Full Disclosure

Last week, members of the Ruby community received word that all but the most recent versions of the language contain a serious security hole, and should be upgraded immediately. The announcement indicated that the security problem allows an attacker to potentially execute arbitrary code from a remote location. Other than that general description, what is the problem? Well... the powers that be aren't telling. Zed Shaw, decided to blog about this, announcing the vulnerabilities, as well as the techniques that he used to uncover them.



Interview: Palamida on the Risks of Undocumented Source Code

Many companies are beginning to see the intrinsic value of open source software for the enterprise but as businesses piecemeal solutions together from a variety of options, it's easy to lose track of each app's updates and revisions -- leading to potential security issues from unknown or undocumented code. Increasingly, businesses are turning to security companies like Palamida to analyze their in-use source code for security risks and other vulnerabilities. OStatic caught up with Palamida's vice president of product marketing, Theresa Bui-Friday, for insight into why undocumented source code can leave a company at risk for compliance and legal issues.

 



OpenSSL and Debian: A Cautionary Tale

We don't normally cover security advisories here on OStatic. There's just not enough space to do them all justice, and besides, other folks do a fine job of tracking such things. But a recent vulnerability in the Debian version of OpenSSL is worth spending some time on, because it's a case where the open source system failed for a long time to do its job of producing quality software.


Ubuntu Open Week: Day Two

Ubuntu Open Week continued today with a number of presentations aimed at developers and software engineers. As mentioned before here, the week consists of IRC get-togethers online on a whole range of different topics, many of them pertaining to the new release of Ubuntu.

As the event continued, there were also sessions that offered inside looks at teams within the Ubuntu community and how they work together to create server software and manage security.

 



View Page: 1 2