Sptrace 1.4.2 released

[Translate]

New version of sptrace was released today. Sptrace is a secure ptrace() Linux Kernel Module (LKM). It limits users’ access to the ptrace() call. Module was updated to reflect changes in new kernel releases and tested with 2.6.26.

[…]

Source code (security) auditing utilities available in Debian

[Translate]

Debian GNU/Linux provides several packages that can be used to audit C/C++ source code. First three search for programming errors that might lead to potential security flaws:

flawfinder rats pscan

Next two tools find bugs in C and C++ source code by doing a static check too, but their checks are not security-related:

[…]

Deploying IPsec in small LAN in 3 easy steps

[Translate]

I think about installing IPsec on computers in my home LAN for some time. There are many configurations possible: tunnel mode, transport mode, peer-to-peer solution or star topology with single VPN hub. Also there are different IPsec implementations. KAME for *BSD, Openswan, strongSwan and Linux 2.6 PF_KEY implementation (which can be used with […]

O tym jak to Chuck Norris skopiował dane z Naszej Klasy na dyskietkę

[Translate]

Hacking.pl opublikował artykuł Nasza-Klasa.pl – pobierz sobie dane milionów Polaków. Zasugerowano w nim, że każdy może pobrać dane wszystkich użytkowników Naszej-Klasy. Na alarm uderzył również Dziennik Internautów i Computerworld. Wszyscy zwrócili uwagę na fakt, że prosty robot internetowy może skopiować strony z portalu, przefiltrować ciekawe informacje i zapisać je na dysku. Niestety większości […]

Limiting access to ptrace() call in Linux

[Translate]

Ability to trace and debug software on servers is not needed for most users. Giving them right to trace processes may leak information and if ptrace() is vulnerable lead to more problems.

Sptrace is a secure ptrace() Linux Kernel Module (LKM). It limits users’ access to the ptrace() call. It can disable strace […]