Linux Zone

From the Linux.com weekly security update - February 10, 2006:

The Linux kernels 2.6.12 through 2.6.15.2 are vulnerable to a Denial of Service (DoS) attack. The problem lies in the ip_options_echo() function in icmp.c, which fails when the kernel responds to an ICMP packet -- i.e., a ping.

» Read More

If for some reason you need to see what's running on another user's desktop, when you're both behind the same firewall, VNC is a good solution. But there is a problem when each user is behind different firewalls and you need a secure connection. Rob Reilly demonstrates how to make this secure connection happen when each user is behind different firewalls using VNC while tunneling over SSH.

» Read More

I have never used KDE. May be because I have never had a problem with my Gnome desktop. I'm not saying that Gnome is more secure than KDE and wasn't happy when the French Security Incident Response Team (FRSIRT) published details about a critical vulnerability in KDE reported by Maksim Orlovich. It's about an incorrect bounds check in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences.

» Read More

Linux kernel version 2.6.15.1 is released 2 days ago after the identification of multiple vulnerabilities in the version 2.6.15 and prior which could be exploited by remote or local attackers to cause a denial of service.

[root@mylinux ~]# uname -a
Linux mylinux.home 2.6.14-1.1656_FC4 #1 ... GNU/Linux

Oooops! >:)

» Read More

You know probably the good quality of IBM's articles. 2 days ago, IBM has published a new article in the "developerWorks" corner written by Vladimir Silva. In this article, "Secure Java apps on Linux using MD5 crypt", he described the GNU extensions to the crypt() system call and provided an implementation of MD5 crypt for use with Java applications.

» Read More

Although Linux systems are among the most resistant to virus attacks, Grisoft has introduced yesterday a new free ( for home use ) version of its software AVG Anti-Virus specifically for the Linux desktop.

Peter Lipa, President of Grisoft said:

With its growing popularity, it is only a matter of time before the Linux operating system becomes more widely targeted by virus and malware writers

» Read More

From Soup To Nuts - Linux Tips
Need to Delete a File for Good -- no one can recover.

You have a file "secret". The following makes it so no one can read it. If the file was 12 bytes, it's now 4096 after it has been over written 100 times. There's no way to recover this:

» Read More

An alert was issued today on the debian site that concerns a bug in Enigmail.
It is highly recommended to patch your enigmail, if you are using it with Mozilla MailNews or Mozilla Thunderbird as a PGP management module.

Package: enigmail
Version: 2:0.91-4

The problem:

» Read More