Security Alerts
New Nmap  Noel Davis looks at a new version of Nmap, problems in jailed processes under FreeBSD, and other problems in Adobe Acrobat Reader, the GNU Coreutils dir command, xboing, Apple Filing Protocol, libxml2, GNU Anubis, Sun's passwd command, and Safari.   [LinuxDevCenter.com]

The Journey from Poacher to Gamekeeper  Chris McNab, author of O'Reilly's upcoming Network Security Assessment, has been on both sides of the hacker fence. In this article, Chris explains how his past led him to trade in his black hat for a white one, and what he hopes to achieve with his new book.  [security.oreilly.com]

Security Alerts
Kernel Trouble  Noel Davis looks at problems in the Linux kernel, AMD64 Linux kernels, XFree86, slocate, mod_python, susehelp, mutt, metamail, Mailmgr, PWLib, clamav, and NetBSD's Racoon IKE daemon.   [LinuxDevCenter.com]

Security Alerts
Real Problems  Noel Davis looks at problems in PHP, Perl, the GNU C Library, OpenBSD, FreeBSD, NetBSD, Oracle9i, RealOne, RealPlayer, CVSup, gaim, GNU libtool, and mailman.   [LinuxDevCenter.com]

Security Alerts
Lotus Trouble  Noel Davis looks at problems in Lotus Notes for Linux, tcpdump, mod_perl, kdepim, honeyd, NetWorker, NetPBM, jabber, mc, and Mambo Open Source.   [LinuxDevCenter.com]

Web App Security Testing with a Custom Proxy Server  Assuming users will only access your web applications as you intend may be the best way to invite abuse. Attackers have tools to build bogus responses, so why not use the same techniques to toughen your own sites? Nitesh Dhanjani demonstrates how a custom proxy server can help you test the security of your web apps.   [ONLamp.com]

Introducing mod_security  Every layer of security you can add is one more deterrent for the bad guys. Writing (or choosing) secure code is important, but it's not the only defense. Ivan Ristic, creator of mod_security, explains how this Apache module can turn back potential attacks before they reach your code.   [Apache DevCenter]

Distributed Computing Sanity Checking  Distributed computing can be a little scary. Clients are running code on their computers and servers are trusting clients to send back valid data. However you're participating, how can you be secure? Howard Feldman suggests several techniques to evaluate the trustworthiness of a distributed computing project.   [ONLamp.com]

Single Sign-on for Your Web Applications with Apache and Kerberos  In this article, Jason Garman, author of Kerberos: The Definitive Guide, walks you through the implementation of SPNEGO, which allows for single sign-on of your web applications with Apache and Kerberos. Once you've performed these steps, clients who access the protected area of your Apache web server will transparently pass their domain credentials to your web server, with no separate username or password prompts.   [ONLamp.com]

PHP Foundations
PHP Security, Part 3  A malicious user will likely start his attack by using your system in ways you never anticipated. Your system logs are an oft-neglected defense tool. John Coggeshall shows how PHP's error logging and reporting functions can help you secure your applications.   [PHP DevCenter]

Security Alerts
New Apache  Noel Davis looks at a new release of Apache, and problems in fileutils, coreutil, anonftp, Kpopup, CUPS, Libnids, PostgreSQL, thttpd, mod_security, and the Linux Java Installer.   [Linux DevCenter]

Inside Prelude, an Open Source IDS  Keeping the bad guys out is important. Knowing whether, not if, they're in is even more important. Prelude, an open source IDS, takes a hybrid approach to security, collecting information from various sensors. KIVILCIM Hindistan talks to Yoann Vandoorselaere, Prelude's lead developer.   [ONLamp.com]

FreeBSD Basics
Improving User Passwords with apg  The biggest security weakness in any system is usually its users. One line of defense is choosing and enforcing a good password policy. The automatic password generator port can help your users create -- and remember -- effective passwords. Dru Lavigne demonstrates its use and configuration.   [BSD DevCenter]

Security Alerts
OpenOffice Irritation  Noel Davis looks at problems in OpenOffice, slocate, fetchmail, GDM, Tomcat, ircd, HPUX's dtprintinfo, and Openserver's Xsco.   [Linux DevCenter]

Security Alerts
Denial-of-Service Attacks  Noel Davis looks at denial-of-service attacks against Apache, OpenSSL, and FreeBSD, and problems in Perl, lsh, Teapop, ProFTPD, TclHttpd, MPlayer, Node, mpg123, and Freesweep.   [Linux DevCenter]

Security Alerts
Problems Aplenty  Noel Davis looks at problems in XFree86, Stunnel, Exim, wu-ftpd, pam_smb, gdm2, pam_ldap, whois, the atari800 emulator, Horde, MPlayer, and Node.   [Linux DevCenter]

Security Alerts
Sendmail Trouble  Noel Davis looks at problems in Sendmail OpenSSH, Pine, saned, MySQL, gtkhtml, and Solstice AdminSuite.  [Linux DevCenter]

FreeBSD Jails  A common security breach involves exploiting one application to gain access to another. Keeping separate applications separate can limit the potential damage. Mike DeGraw-Bertsch explains how FreeBSD's jails can help secure necessary applications.   [BSD DevCenter]

PHP Foundations
PHP Security, Part 2  If you have users, you'll undoubtedly have bad guys trying to break things. As a developer, it's your responsibility to make sure your code is secure. John Coggeshall explains how system calls from PHP can be exploited -- and how to make them secure.   [PHP DevCenter]

PHP Foundations
PHP Security, Part 1  If you have users, you'll undoubtedly have bad guys trying to break things. As a PHP developer, it's your responsibility to make sure your code is secure. John Coggeshall demonstrates one common PHP error that can leave you vulnerable, and he explains how to think like a bad guy to prevent these mistakes in the first place.   [PHP DevCenter]

Securing Small Networks with OpenBSD
Changes in pf: Packet Filtering  OpenBSD's packet filter has really grown up. Since its introduction in OpenBSD 3.0, it's become an advanced tool for networking and security. In the third of four articles, Jacek Artymiak explores new options for packet filtering with pf in OpenBSD 3.2, after NAT and redirection have taken place.   [BSD DevCenter]

Ten Security Checks for PHP, Part 2  The same global access that makes web apps useful means that you have to keep on top of security. Though it's easy to create sites in PHP, it's not immune to sloppy coding. Clancy Malcolm explains how to recognize and fix five potential security holes with PHP in the second of two articles.   [PHP DevCenter]

Ten Security Checks for PHP, Part 1  The same global access that makes web apps useful means that you have to keep on top of security. Though it's easy to create sites in PHP, it's not immune to sloppy coding. Clancy Malcolm explains how to recognize and fix five potential security holes with PHP in the first of two articles.   [PHP DevCenter]

Contact Us | Advertise with Us | Privacy Policy | Press Center | Jobs

Copyright © 2000-2004 O坦eilly Media, Inc. All Rights Reserved.
All trademarks and registered trademarks appearing on the O'Reilly Network are the property of their respective owners.

For problems or assistance with this site, email