≡ Menu


Mozilla Patches 8 Security Flaws

Mozilla has released software updates to fix at least 8 security vulnerabilities (3 critical bugs) in its Firefox software for the Windows, Linux, Mac and other platforms. You can now download Firefox version 3.0.5. This update has been rated as having important security impact.
[click to continue…]

Red Hat Enterprise Linux 5 IMPORTANT Security Update [ 4-Nov-2008 ]

Red Hat today released kernel updates to fix at least 15 security flaws in its core called Linux kernel. RHEL users can grab the latest updates from RHN website or by simply running yum update command. This update has been rated as having important security impact.
[click to continue…]

Understanding SELinux ( Security-Enhanced Linux )

Nice introduction to SELinux and other option to enhance Linux security. Mandatory access control and role-based access control are relatively new to the Linux kernel. With the introduction of the LSM framework, new security modules will certainly become available. In addition to enhancements to the framework, it's possible to stack security modules, allowing multiple security modules to coexist and provide maximum coverage for Linux's security needs. New access-control methods will also be introduced as research into operating system security continues. From the article:

Linux has been described as one of the most secure operating systems available, but the National Security Agency (NSA) has taken Linux to the next level with the introduction of Security-Enhanced Linux (SELinux). SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space modifications to make it bullet-proof. If you're running a 2.6 kernel today, you might be surprised to know that you're using SELinux right now! This article explores the ideas behind SELinux and how it's implemented.

=> Anatomy of Security-Enhanced Linux (SELinux) Architecture and implementation

Identify and Verify Gnome Users Based on How They Type

This tutorial explains GDM (GNOME Display Manager) modification to support user verification through keystroke-dynamics processing. Modified GDM allows only you to login. If you go ahead and tell your password to a friend. They still won't be able to log in using GDM without knowing the precise method of typing required when entering your user name.

You can create and store a one-way encrypted hash of your keystroke patterns when entering your user name. Add code to GDM to read current keystroke patterns and permit a user to log in when the characteristics are a match.

Many commercial products today provide two-factor authentication on Linux systems. These technologies generally require the purchase of additional hardware and create a closed implementation unsuitable for many environments. The code and processes presented here allow you to implement a low-cost authentication-input system based on the characteristics of how a user types his password into the GDM. Moving beyond examples and into implementation, the modifications to GDM presented here allow you to enhance the security of your computer.

=> Identify and verify users based on how they type

SAP To Roll Out ERP Linux Server Appliance

SAP and Intel , the world's biggest makers of business software and microchips, will jointly offer servers pre-packaged with SAP software aimed at medium-sized firms, the two companies said.

SAP aims to provide customers with a 45% savings on implementation and a 25% savings on total cost of ownership over what they'd typically spend for a comparable hardware/software combo, said Jans Peter Klaey, president of global SME at SAP, in an interview.

The server is available in five Northern European countries and should reach 20 countries this year.

=> SAP, Intel to offer out-of-the-box servers for SME's