If you've used Linux for a long time, you're probably quite familiar with file permissions. Indeed, managing permissions is a critical part of managing a Linux system. In general, you should provide minimal access whenever possible. Every user (or group) should have just enough permissions and no more.
Privacy, Security Archive
As I have browsed this site and others like it, I have often seen comments like "The only way to secure a Windows box is to not connect it to the Internet!" and "How can you stand to use Windows when you have to run tons of apps such as spyware removers and spend hours trying to keep it secure?" Some people have even gone as far as to say that it is literally impossible to secure Windows. Well, I'm here to tell you that not only is it possible, it's actually quite trivial! It requires very little effort and you can do it without running a buttload of security apps and without spending a dime.
Spyware-removal tools are a fairly new commodity from Internet service providers, but some of the software may confuse people as much as it protects them, critics say.
Many of you have new computers in your homes, but how many of you realize that this computer is already vulnerable? How can this be? How can a brand new computer be vulnerable? Read this article and find out more.
A senior Microsoft executive, speaking exclusively to vnunet.com, has dismissed Linux's reputation as a secure platform as a "myth", claiming that the open source development process creates fundamental security problems.
This is a quick overview of using GPG giving a little background material then illustrating its simpler uses. At www.ip-wars.net as An Overview of GPG.
A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor U.S. Secret Service e-mail, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned.
"A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned. " In a related note, security firm Secunia has discovered three very critical security flaws in IE.
Clicking on a hypertext link while viewing a PDF file shouldn't be a security problem as long as you trust the viewer it invokes. But users of xpdf version 0.90 discovered that this assumption was an extremely bad one. When an xpdf user clicked on a hypertext link, xpdf started up a viewer (Netscape by default) and sent the URL to the viewer. So far, so good. But the xpdf developers decided to start up the viewer by using the system() call. That was the bad idea..
A Chinese company has released sample code that exploits new vulnerabilities in the Windows operating system. The LoadImage function and Windows Help program are both affected.
This article will address at a summary level the most significant security risks in the wireless computing environment. The purpose of the article is to introduce in a centralized fashion the scope of the problem and the most significant talking points on the issue of wireless security and to summarize where the industry is in addressing these problems and where it is going.
Faced with an increasing number of deployed Linux servers and no budget for commercial monitoring tools, our company looked into open-source solutions for gathering performance and security information from our Unix environment.
Within 30 days, Microsoft will have a tool available to remove spyware from Windows PCs. The tool comes from a small company called Giant Company Software that Microsoft recently acquired. The anti-spyware tool will initially be free, but Microsoft has stated that it may eventually charge for the program. Update: It seems that another company has co-ownership of the code that Microsoft bought in this acquisition.
To really understand what is going on in your network, you must do more than deploy security devices, you must also monitor your security situation on a constant basis. Intrusion detection monitoring is a major trend in the security industry.
For years, Microsoft has hammered away at the security flaws in its desktop operating system. Now the company is looking to plug another security hole: weak passwords.
Surfing the Web has never been more risky. Simply connecting to the Internet — and doing nothing else — exposes your PC to non-stop, automated break-in attempts by intruders looking to take control of your machine surreptitiously.
Remembering all the logins and passwords to all the services and systems you've got access to is pretty hard to do nowadays. Many people use the same login and password for multiple sites and systems. That won't improve security. One of the IT buzzwords is SSO (Single Sign-on). Most SSO systems are hard to setup and will only provide SSO to the systems of one company. It is possible to easily provide worldwide single sing-on.
The Application Vulnerability Description Language (AVDL) is a rather new security interoperability standard within the Organization for the Advancement of Structured Information Standards (OASIS). Caleb Sima, SPI Dynamics CTO, talks to Help Net Security about this interesting web application security topic.
This guide will show you how to secure Windows XP. While it covers the basics it also goes beyond them without going into "paranoid" mode...This guide is for home users in a stand-alone or workgroup environment. It is intended as a step-by-step guide and we highly suggest you read through the entire article before taking any action. We welcome suggestions and feedback.
Removable media devices are here to stay. Their ease of use and low cost have made them ubiquitous in the work environment – but at what price? In this article they look at the pros and cons of removable media, and the steps IT managers can take to mitigate the security risks associated with them.