Matt Curtin, author of “Developing Trust: Online Privacy and Security” has been hired to investigate the State of Ohio’s so-called government’s latest security gaffe, which involved losing among other things the social security numbers of all state employees + the SSN’s of the employee dependents.
In addition to founding security firm Interhack, Matt was on the first team to crack the Data Encryption Standard several years ago. He even wrote a fascinating book about it.
Rich McIver wrote to alert me of a really great article they’ve published over at Network Security Journal, titled “The Open Source Security Motherload: 105 Tools, Applications, and Resources”.
Unless you run absolutely nothing on your server, from time to time something is going to need to be patched because of a vulnerability. Yes, it happens. As much as you 'my system is better than yours and never has any vulnerabilities' guys don't want to admit, these things were written by humans and we aren't perfect. I used to dread the email into my inbox from the FreeBSD Security mailing list. I knew that it meant I had a bit of work ahead of me compiling new software or other tasks that I cared not waste my time on. That's why I am happy that a utility, written by Colin Percival, exists to make my life easier. It's name is freebsd-update.
Are you tired of seeing the exact same output from all your periodic scripts? If you are like me, looking at the exact same output day after day becomes very tedious and you can allow items to slip past you as you just casually glimpse over the periodic emails. Luckily, there is a solution that will allow you to see only the important information. Its name is swatch.
John the Ripper is an invaluable component of any decent sysadmin toolbox. In this excerpt from Hardening Linux, the author James Turnbull explains how it can be used to test your /etc/shadow file to ensure your users are using secure passwords.
Matt Wade: Matt is an Editor and technical reviewer of several different titles.
Do you have a great idea for a book about an open source technology? We'd love to hear about it and talk with you about bringing your idea into publication. Contact Us with your ideas.
We are also always looking for qualified individual to perform paid technical reviews of our books. Drop us a line if that interests you and be sure to include the technologies that you are experienced with.