Sshutout and Fail2ban Fighting dictionary attacks with Sshutout and Fail2banJun 01, 2008
Services that require a username and password for login are potential targets for dictionary attacks. Sshutout and Fail2ban introduce time penalties for invalid attempts.more »
The GnuTLS project has published two bugfix releases to close several vulnerabilities and resolve an error capable of interrupting connections.more »
The security and quality of Open Source software just keeps on improving, as code analysis by Coverity reveals.more »
Red Hat's David Airlie reports in his blog that a simple hack allowed him to develop an X server without root privileges in the course of just one afternoon.more »
Security researchers iDefense have disclosed three vulnerabilities in the Rdesktop Remote Client.more »
The Ubuntu security team has released an update to close a vulnerability in the Vorbis Tools for editing music files in Ogg-Vorbis format.more »
The developers of the free Bugzilla bug management system have fixed several bugs including a vulnerability that enabled cross site scripting attacks.more »
DNSSEC Trusted name resolution with DNSSECMay 01, 2008
Some Internet exploits target name resolution servers. DNSSEC uses cryptography to protect the name resolution service.more »
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.