Secure Penguin: Linux Security Topics

Oracle Security Patches: October 2010

Rmccarty — Fri, 15 Oct 2010 15:49:38 +0000

Oracle has released its October enterprise products critical patches: http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html. Its enterprise products include Oracle database which is deemed critical by many Linux shops. Oracle provides a risk matrix for the seven new security fixes to its database product at: http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html#AppendixDB

The top risks that Oracle are fixing are network based and are considered simple to exploit (with the highest requiring no user privileges.)

Time for patching…

Honeypot needed? Try Kojoney

Rmccarty — Mon, 11 Oct 2010 14:47:35 +0000

Kojoney (http://kojoney.sourceforge.net/) is a niche honeypot program for creating a secure shell (ssh) honeypot. While it’s use may see limited since it is focusing purely on ssh, many enterprise may prefer simple configuration for the few applications they may have exposed to the Internet (mail, web, and ssh).

The user poustchi over at HotoForge has published an article on how to quickly get Kojoney up and running quickly on Cent OS 5.5, although the instructions are solid enough to get Kojoney up and running on most Linux and Unix platforms: http://www.howtoforge.com/forums/member.php?u=42187.

Astaro Security Gateway Update

Rmccarty — Fri, 08 Oct 2010 14:56:12 +0000

Astaro has released version 8.002 of its Astaro Security Gateway (ASG) product. The ASG is a security solution based on Linux that provides network security, mail security, and web application firewall technology.

The update is mostly a bug fix release and more information is available here: http://www.astaro.com/blog/up2date/up2date-8-002-released.

Securing Linux: New Release of Devil-Linux

Rmccarty — Thu, 07 Oct 2010 17:15:32 +0000

Engine Solutions has released version 1.4RC6 of Devil-Linux. For those not familiar with Devil-Linux, it is a small secure distribution that runs from a CD-ROM or USB thumb drive.

The release fixes issues found since the last release candidate, which makes it likely worth the upgrade; however, it also includes some updates such as MailScanner version 4.8.1. This version of MailScanner is the latest release and alone makes the distribution worth considering for new users. MailScanner is a freely available mail security and anti-virus gateway. It is made for placing at your Internet gateway and checking all email coming into a company’s mail system.

For more information on Devil-Linux see http://www.devil-linux.org/home/index.php and for MailScanner look here: http://www.mailscanner.info/intro.html.

Welcome to Secure Penguin

Rmccarty — Wed, 06 Oct 2010 14:32:59 +0000

Welcome to Secure Penguin! I’ll be covering information security from a Linux perspective. The topics (good and bad) may be slanted towards Red Hat, as I am exposed to quite a bit of it in the enterprise space; however, the goal is to cover Linux in general.

If you have any comments or suggestions for topics, please drop me a line.

–ron