• s_client

    Updated: 2009-12-25 17:52:31
    If you’re working with SSL (whether websites or otherwise), it sometimes helps to be able to send text and commands directly to the server, but it’s not as easy as just telnetting to the server like with non-SSL servers. That’s where s_client comes in. It’s part of the openSSL suite, so you’ll find [...]

  • sVirt Stronger Security for Linux Virtualization

    Updated: 2009-12-22 22:24:23
    By Bryan Jacobson, Linux Technology Center. While Virtualization offers many benefits, there can also be increased security risks. For example, consider a system running two hundred virtual images. All two hundred images are at risk if a flaw in the hypervisor (or configuration) allows any virtual guest to “break out” into the host environment [...]

  • Systems Security Seven for Dec. 18

    Updated: 2009-12-18 23:29:31
    Steve Hanna has written an excellent cloud security overview article A Security Analysis of Cloud Computing which talks about how trusted computing can help solve some of the cloud security problems. Privacy concerns for the ages, is anonymity sufficient? Facebook and Google: Contrasts in Privacy Is privacy an illusion or a social contract? Blakley’s blog post [...]

  • Google thinks you don’t need privacy

    Updated: 2009-12-15 15:04:52
    You Have Zero Privacy Anyway — Get Over It This is a good article by David Adams on OSnews talking about a recent quote by Google CEO Eric Schmidt saying “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.” David compares this to a [...]

  • Systems Security Seven for Dec. 11

    Updated: 2009-12-11 22:16:58
    Here are seven links that are worth the time that it takes to read them if you are interested in systems security. The Evil Maid attacks again: ITPro article: Researchers break into Windows encryption feature, the original research behind the attack, article about Microsoft’s response. Two Trusted Computing articles: “openSUSE is now the first operating system to offer full [...]

  • new SSL Vulnerabilities – how they work and what they mean

    Updated: 2009-11-24 10:04:13
    You may have heard about the latest SSL vulnerabilities over the last month, but how do they work and what does it mean to you (or your users)? When I earlier described how SSL works, I glossed over two SSL functions: session resumption and re-negotiation. These two functions allow a client or server to renegotiate [...]

  • Netwox – The Network Toolbox

    Updated: 2009-11-20 04:50:05
    I don’t think it’s possible to have too many network security toolkits. Netwox is probably not as common some of the other toolsets included in some security-oriented live CD distros. However, it can certainly hold its own when it comes to capability and flexibility. Netwox stands for the Network Toolbox and the software includes over 222 [...]

Last Months Items