Software
Interesting software on all platforms

 



















 

 

  Thursday, March 15, 2007


SELinux by Example. Ravi writes "SELinux is a project started and actively maintained by the U.S. Department of Defense to provide a Mandatory Access Controls mechanism in Linux. It had been a long-standing grouse of Linux power users and system administrators over its lack of fine-grained access control over various running processes as well as files in Linux. While Solaris touts its famous RBAC and Microsoft Windows has its own way of providing finer rights to its resources, Linux had to put up with the simple but crude user rights known in tech speak as discretionary access control to control user access of files. With the SELinux project making great strides and now being bundled with many major Linux distributions, it is possible to effectively lock down a Linux system through judicious use of SELinux policies. SELinux implements a more flexible form of MAC called type enforcement and an optional form of multilevel security." -- Read the rest of Ravi's review. Or go directly to my Amazon Associate site and buy the book - SELinux by Example [Slashdot]
3:49:06 PM    

Vulnerability Description


The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:

1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise); or

2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic).

The issue can be triggered by sending a specially crafted IPv6 fragmented packet.

OpenBSD systems using default installations are vulnerable because the default pre-compiled kernel binary (GENERIC) has IPv6 enabled and OpenBSD's firewall does not filter inbound IPv6 packets in its default configuration.


3:42:23 PM    

Remote Exploit Discovered for OpenBSD. An anonymous reader writes "OpenBSD is known for its security policies, and for its boast of "only one remote exploit in over 10 years". Well, make that two, because Core Security has found a remotely exploitable buffer overflow in the OpenBSD kernel. Upgrade your firewalls as soon as possible." [Slashdot]
3:39:14 PM    

New Fraudulent Adware Uses Rootkit Techniques. "Under no circumstances should users download applications through pop-up ads, or shortcuts that suddenly appear on the desktop." [GT: Security and Privacy]
3:16:48 PM    

Spyware Legislation Could Aid Enforcement, CDT Testifies. An anti-spyware measure pending in Congress contains important provisions that could strengthen enforcement against spyware scammers, but broad consumer privacy legislation is still needed to address the larger issues associated with spyware, CDT Deputy Director Ari Schwartz told a congressional panel today. Testifying before the House Energy and Commerce Committee's Subcommittee on Commerce, Trade and Consumer Protection, Schwartz applauded language in the Spy Act (H.R. 964) that bolsters the Federal Trade Commission's enforcement capabilities. But Schwartz also noted that the longtime practice of addressing privacy concerns sector-by-sector, rather than as part of a broader initiative, would not get to the root of the problem. [Center for Democracy and Technology]
2:45:50 PM    

Interpreting the Results of a Vulnerability Assessment: How to Focus on What's Important in Your Web Application Security Testing. SPI Dynamics just completed a new article, written by Kevin Beaver and Caleb Sima, that discusses how to interpret and prioritize the results of Web application security tests. By Kevin Beaver. [Infosec Writers Latest Security Papers]
1:59:06 PM    


© Copyright 2007 Paul Hardwick.
Last update: 3/18/07; 11:19:29 PM.
