How hacking got easy
To protect your systems, you must familiarize yourself with the tools that will be used against them. For example, the attack against AWStats is blocked on Fedora Core 9 when SELinux is in enforcing mode (the default). Metasploit isn't the first, nor is it the most powerful, exploit framework available. Tools such as Core Impact and Immunity Canvas, which include up-to-date exploits, are available as well as commercial support. Other sites, such as Packet Storm and Milw0rm, also make large amounts of exploit code available. Part of a strong defense is a good offense.
- "DNS Attacks" by Kurt Seifried, Linux Magazine, October 2008: http://www.linux-magazine.com/issues/2008/95/dns_attacks
- Metasploit: http://www.metasploit.com/
- Immunity Canvas: http://www.immunitysec.com/products-canvas.shtml
- Core Impact: http://www.coresecurity.com/
- Packetstorm: http://packetstormsecurity.org/
- Milw0rm: http://www.milw0rm.com/
The Raspberry Pi Foundation has announced an even smaller version of the tiny computer that will fit into a DIMM slot.
A new class of problems lets a malicious app pre-configure an invisible privilege update.
New Hack language adds static typing and other conveniences.
New crypto policy system will offer easier configuration and more uniform security.
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
Vulnerability affects many Linux web servers
The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open source groupware solution.
Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.
Donors will get to vote on new features for the free video editor.
Debian project puts init out to pasture and says no to Ubuntu's Upstart.