Mais vídeos sobre segurança na Red Hat Magazine

Mark Cox - líder do Red Hat Security Response Team - fala sobre problemas de segurança, políticas de atualizações na RHN, e dicas para manter o Linux mais seguro.

Episode 1: The Vendor

Episode 2: Policies

Episode 3: Tips for a secure system

Episode 4: Security issues and metrics


Fonte: Red Hat Magazine

Disk encryption - useless ?

Fonte:

http://isc.sans.org/diary.html?storyid=4006

SELinux Slogans

Post muito engraçado (ou não, depende do seu ponto de vista) feito por Spencer Shimko em http://beyondabstraction.net/2008/01/10/selinux-slogans

• SELinux - Because users do weird shit.


• SELinux - Fuck root.


• SELinux - Hampering administrators since before it was cool.


• SELinux - High-security gone haywire.


• SELinux - Turning it off is like removing the batteries from a smoke detector. Sure it sounds better but you might get burned.


• SELinux - Because life is too simple.


• SELinux - AppArmor sucks.


• SELinux - It’s too early in the morning to be cleaning up after 11-year old kiddies.


• SELinux - Too powerful for our own good.


• SELinux - Here’s our root password, what’s yours?


• SELinux - Didn’t they teach you about using protection in high-school?


• SELinux - Blind faith not required


• SELinux will save you tons of money, your TCO will go down and your ROI will go up.


• SELinux supports 3-letter acronyms out of the box, no complex policy changes required.


• Zero day vulnerabilities are a fact. Do something about it.


• Trusted Solaris has been end-of-lifed and you’re not in the government space to begin with.


• Path-named based access control is weak.


• Implicitly trusting admins doesn’t have to be SOP.


• You’re not a security expert, let us do the hard work.


• The US military (and others) trust SELinux with their information, shouldn’t you?