Tag: linux security
Debian’s OpenSSL = No Encryption
by The Uni-Hacker on May.14, 2008, under Security
Debian developers deleted the code that seeded the random numbers used to generate cryptographic keys; now the random numbers are predictable and everything is in the clear. Debian Security Advisory DSA-1571-1 states: “Affected keys include SSH keys, OpenVPN keys, DNSSEC keys, and key material for use in X.509 certificates and session keys used in SSL/TLS connections. Keys generated with GnuPG or GNUTLS are not affected, though.”
The vulnerability only exists in Debian and Debian-derived Linux systems such as Ubuntu, Kubuntu and Xubuntu.
Notice that Debian has already released a patch, which is available via apt-get. Microsoft would have taken at least a month to release such a patch, and this was less than a week.
EnGarde Secure Linux - Secure Linux
by The Uni-Hacker on Apr.22, 2008, under Misc

This Linux distribution has some promise, sporting Snort, Acid, Tripwire and various other security-related tools. I can see this becoming a great box for firewall setups and general security use.
Engineered from the ground up with specific regard to security, EnGarde Secure Linux incorporates intrusion alert capabilities, a complete suite of e-business applications using AllCommerce, improved authentication and access control, strong cryptography, and complete SSL secure Web-based administration capabilities.
EnGarde protects against many forms of attack, not just a particular form of vulnerability. It is also not just a repackaged version of another distribution that claims to be secure. EnGarde is a collection of best-of-breed applications from many sources tuned to provide exactly what is necessary to maintain a secure Internet presence.
Featuring the Linux Intrusion Detection System integrated into its design, as well as Web-manageable Tripwire, tools from many Open Source security projects including Openwall, snort network intrusion detection system, and extensive host security improvements, EnGarde Secure Linux strives to be the most secure, yet functional, Linux distribution to date.
Analyze network traffic with Acid
by The Uni-Hacker on Apr.22, 2008, under Misc

ACID is a great tool if you run a Linux firewall. Combined with the power of SNORT, you can capture all network traffic coming into and going out of your network. We used this at one of my old jobs to detect where our bandwidth was being used. Acid lets you analyze every packet, which means you can snoop on your users all day long. Tracking Instant Messaging, Streaming Media and keeping track of web usage is also a great use for this tool.