Technologies and tools for safer networks
Is your data safe? Are your borders protected? This month we examine some expert techniques for building more secure networks.
Real admins think about security all the time, and even if you're a casual user, it pays to know what the intruders know. Services that once were safe are now wide open unless you keep current with the changing times. This month, we examine some security strategies from the experts.
We start with a study on how to protect Voice over IP (VoIP) networks from eavesdroppers and other intruders. You'll learn about some of the encryption technologies available with VoIP and get some practical tips on isolating and protecting voice communications.
Next we'll examine the state of wireless network security. We'll present some strategies for how to make the best of a WEP network, and we'll show you how to maximize the security of later protocols such as WPA and WPA2.
Our next article describes how to use one-time passwords to add two-factor authentication to a secure website. You'll learn about the OTPauth PHP library, and we'll provide a detailed example showing how to set up your own online one-time password system.
The last article in this month's cover set looks at hping, a handy tool for creating test packets to explore intrusion scenarios and check the functionality of firewalls. But that's not all. If you're still looking for more inspired reading on security, turn to our Sysadmin section for an interesting case study on how to hack NFS 3.
You'll never have the perfect network or the perfect tools – the world of network security is changing all the time – and since you can never really pin it down, maybe the best strategy is to read on …
Read full article as PDF:Security_Strategies_Intro.pdf (175.10 kB)
Article seems to be missingI'm not sure if it's intentional but the "read full article" link results in a one-page PDF that only lists what the other articles have, not the articles themselves. It's OK, I have the magazine at home, but was looking for a quick reference and was disappointed I couldn't get to the article on wireless security again (for now).
A new class of problems lets a malicious app pre-configure an invisible privilege update.
New Hack language adds static typing and other conveniences.
New crypto policy system will offer easier configuration and more uniform security.
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
Vulnerability affects many Linux web servers
The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open source groupware solution.
Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.
Donors will get to vote on new features for the free video editor.
Debian project puts init out to pasture and says no to Ubuntu's Upstart.