Security index

This index covers articles that appeared in LWN on various security-related topics. Articles from 2007 on are indexed here.

Accounting systems

SQL-Ledger and LedgerSMB: a study in security reporting (March 21, 2007)

Anonymity

Eavesdropping on Tor traffic (September 12, 2007)

AppArmor

Linux security non-modules and AppArmor (June 27, 2007)

The future of AppArmor (October 17, 2007)

TOMOYO Linux and pathname-based security (April 14, 2008)

Application binary interface (ABI)

Cascading security updates (February 27, 2008)

Authentication

Biometric

Fingerprint recognition using fprint (November 20, 2007)

Biometrics for identification (April 2, 2008)

Bypass

Authentication bypass in routers (March 5, 2008)

Backdoors

The backdooring of WordPress (March 7, 2007)

The backdooring of SquirrelMail (December 19, 2007)

Berkeley Internet Name Daemon (BIND)

Cache poisoning vulnerability found in BIND (July 25, 2007)

The dangers of weak random numbers (February 20, 2008)

Botnets

Linux botnets (February 14, 2007)

Storm worm gains strength (August 29, 2007)

ITU getting serious about botnets (November 28, 2007)

Bug reporting

SQL-Ledger and LedgerSMB: a study in security reporting (March 21, 2007)

Two years of RHEL4 risk (April 25, 2007)

Stability v. security fixes (May 9, 2007)

Counting vulnerabilities (June 22, 2007)

Cascading security updates (February 27, 2008)

CAPTCHA

Breaking CAPTCHA (March 19, 2008)

CERT

GCC and pointer overflows (April 16, 2008)

Certifications

Red Hat and IBM get certified (June 20, 2007)

chroot()

What chroot() is really for (October 3, 2007)

Cross-site scripting (XSS)

A Firefox PDF plugin XSS vulnerability (January 3, 2007)

Extended Validation certificates and cross-site scripting (March 12, 2008)

Detecting vulnerabilities

Capturing web attacks with open proxy honeypots (July 3, 2007)

Distribution security

LCA: How to improve Debian security (January 17, 2007)

Security hardening for Debian (February 6, 2008)

Eee PC security or lack thereof (February 13, 2008)

Document Object Model (DOM)

Finding bugs lurking in the DOM (January 30, 2008)

Domain Name System (DNS)

Who owns your domain? (January 31, 2007)

Cache poisoning

Cache poisoning vulnerability found in BIND (July 25, 2007)

DNS Security Extensions (DNSSEC)

What to do about DNS? (April 11, 2007)

Email

Spam prevention

Backscatter increase clogs inboxes (April 9, 2008)

Encryption

DMCA

Another attempt at DMCA reform - sort of (February 28, 2007)

Email

GnuPG signed message spoofing vulnerability (March 7, 2007)

Email privacy (November 7, 2007)

Web

The future of unencrypted web traffic (January 2, 2008)

Firefox

A Firefox PDF plugin XSS vulnerability (January 3, 2007)

Firefox security status (June 6, 2007)

Security plugins

Intrusion detection for the browser (March 14, 2007)

GCC

GCC and pointer overflows (April 16, 2008)

GNU Privacy Guard (GnuPG, GPG)

GnuPG signed message spoofing vulnerability (March 7, 2007)

Hardening

Security hardening for Debian (February 6, 2008)

Hijacking

X programs

OpenSSH bug falls through the cracks (April 9, 2008)

Identity management

The OpenLiberty Project (January 24, 2007)

Bandit: multi-protocol identity management (September 26, 2007)

OpenID 2.0 closing in on acceptance (October 31, 2007)

Information leak

Our devices are spilling our secrets (August 1, 2007)

Integrity management

Integrity management in the kernel (March 28, 2007)

Internet

Censorship

Who owns your domain? (January 31, 2007)

Honeypots

Capturing web attacks with open proxy honeypots (July 3, 2007)

IPv6

IPv6 source routing: history repeats itself (May 2, 2007)

Routers

When routers go bad (May 23, 2007)

Home routers and security flaws (October 10, 2007)

The Onion Router (Tor)

Eavesdropping on Tor traffic (September 12, 2007)

Voice over IP (VoIP)

The Skype outage (August 22, 2007)

Jails

What chroot() is really for (October 3, 2007)

Javascript

Web security vulnerabilities and Javascript (January 23, 2008)

Linux kernel

revoke() returns (December 18, 2007)

vmsplice(): the making of a local root exploit (February 11, 2008)

The rest of the vmsplice() exploit story (March 4, 2008)

Credentials

Credential records (September 25, 2007)

Linux/POSIX capabilities

LCA: How to improve Debian security (January 17, 2007)

Fixing CAP_SETPCAP (October 31, 2007)

Networking

Improving syncookies (April 9, 2008)

Random number generation

On entropy and randomness (December 12, 2007)

Virtual file system (VFS)

A kernel security hole (January 16, 2008)

Linux Security Modules (LSM)

Linux security non-modules and AppArmor (June 27, 2007)

Smack for simplified access control (August 8, 2007)

SMACK meets the One True Security Module (October 2, 2007)

The future of AppArmor (October 17, 2007)

LSM: loadable or static? (October 24, 2007)

Kernel-based malware scanning (December 4, 2007)

TOMOYO Linux and pathname-based security (April 14, 2008)

Metasploit

Metasploit 3.0 (March 28, 2007)

Networking

Denial of service prevention

Improving syncookies (April 9, 2008)

Filesystems

Critical Vulnerabilities in Samba (May 16, 2007)

Firewalls

USB laptop firewall runs Linux (May 30, 2007)

IPv6

IPv6 source routing: history repeats itself (May 2, 2007)

Obfuscation

Chaostables for confusing nmap scans (January 17, 2007)

Hiding open ports with shimmer (January 9, 2008)

Protocol fuzzing

CROSS: A step towards better open source security (April 4, 2007)

Wireless

MadWifi: Much ado about nothing? (April 18, 2007)

USB device authorization (July 17, 2007)

One Laptop Per Child (OLPC)

Bitfrost: the OLPC security model (February 7, 2007)

OLPC's software update problem (July 3, 2007)

OpenOffice.org

BadBunny? Only if you invite it in (June 12, 2007)

OpenSSH

OpenSSH bug falls through the cracks (April 9, 2008)

PHP

Tools

Scanning for PHP vulnerabilities with Pixy (June 27, 2007)

Portable Document Format (PDF)

A Firefox PDF plugin XSS vulnerability (January 3, 2007)

PostgreSQL

A PostgreSQL flaw (February 21, 2007)

SE-PostgreSQL uses SELinux for database security (July 18, 2007)

Privacy

Our devices are spilling our secrets (August 1, 2007)

Eavesdropping on Tor traffic (September 12, 2007)

Email privacy (November 7, 2007)

Race conditions

Exploiting races in system call wrappers (August 15, 2007)

Exploiting symlinks and tmpfiles (September 19, 2007)

Random number generation

On entropy and randomness (December 12, 2007)

The dangers of weak random numbers (February 20, 2008)

Research

Auctions

Security research: buy low, sell high? (July 11, 2007)

Rootkits

Hunting for Rootkits (February 28, 2007)

Samba

Critical Vulnerabilities in Samba (May 16, 2007)

Eee PC security or lack thereof (February 13, 2008)

Secure Sockets Layer (SSL)

Certificates

Extended Validation certificates and cross-site scripting (March 12, 2008)

Security Enhanced Linux (SELinux)

SE-PostgreSQL uses SELinux for database security (July 18, 2007)

Tools

SLIDE into SELinux policy development (February 7, 2007)

Signing code

Java cryptography and free distributions (March 14, 2007)

Integrity management in the kernel (March 28, 2007)

Software liability

Software liability laws: a dangerous solution (September 5, 2007)

Spam

Backscatter increase clogs inboxes (April 9, 2008)

Talpa

Kernel-based malware scanning (December 4, 2007)

TOMOYO Linux

TOMOYO Linux and pathname-based security (April 14, 2008)

Tools

Access control

Smack for simplified access control (August 8, 2007)

Browser exploit detection

Intrusion detection for the browser (March 14, 2007)

Finding bugs lurking in the DOM (January 30, 2008)

Distributions

A look at the BackTrack security distribution (April 4, 2007)

Exploit frameworks

Metasploit 3.0 (March 28, 2007)

Firewall

Chaostables for confusing nmap scans (January 17, 2007)

All aboard the SmoothWall Express (August 29, 2007)

Hiding open ports with shimmer (January 9, 2008)

Network scanning

Tracing behind the firewall (January 10, 2007)

PHP code scanning

Scanning for PHP vulnerabilities with Pixy (June 27, 2007)

Password guessing prevention

Preventing brute force ssh attacks (October 24, 2007)

Policy management

Centralizing policy rules with PolicyKit (November 14, 2007)

Rootkit detection

Hunting for Rootkits (February 28, 2007)

SELinux

SLIDE into SELinux policy development (February 7, 2007)

Voting machines

Securing our votes (August 8, 2007)

Voting machine integrity through transparency (March 26, 2008)

Vulnerabilities

Authentication bypass

Authentication bypass in routers (March 5, 2008)

Cross-site request forgery (CSRF)

Cross-site request forgery (October 17, 2007)

Image handling

Image handling vulnerabilities (April 23, 2008)

Macro language (ab)use

BadBunny? Only if you invite it in (June 12, 2007)

Privilege escalation

A PostgreSQL flaw (February 21, 2007)

vmsplice(): the making of a local root exploit (February 11, 2008)

The rest of the vmsplice() exploit story (March 4, 2008)

Race conditions

Exploiting races in system call wrappers (August 15, 2007)

Temporary files

Exploiting symlinks and tmpfiles (September 19, 2007)

Web application flaws

The backdooring of WordPress (March 7, 2007)

Home routers and security flaws (October 10, 2007)

Cross-site request forgery (October 17, 2007)

The backdooring of SquirrelMail (December 19, 2007)

Web security vulnerabilities and Javascript (January 23, 2008)

Copyright © 2008, Eklektix, Inc.