]> http://opensource.sfsu.edu/taxonomy/term/6/0 en http://opensource.sfsu.edu/node/624 <p>I came across a nice step-by-step article on how to build firewalls using Debian or Ubuntu. <a href="http://www.fwbuilder.org/">Firewall Builder</a> is available from the <a href="http://packages.debian.org/libfwbuilder">libfwbuilder</a> and <a href="http://packages.debian.org/fwbuilder">fwbuilder packages</a> in both Debian and Ubuntu (in Universe). &nbsp; Read the article in full at <a target="_blank" href="http://www.debian-administration.org/articles/632">http://www.debian-administration.org/articles/632</a></p> <p>&nbsp;</p> <div style="text-align: center"><img height="146" border="0" width="549" src="http://www.debian-administration.org/articles/632/debadm_gsfwb_011.png" /></div> <p>&nbsp; <p>&nbsp;</p> Debian Linux Security Ubuntu Tue, 31 Mar 2009 14:04:21 -0700 http://opensource.sfsu.edu/node/621 <p>More like how to keep poisonous people from crashing your efforts. Watch on...</p><p><em>P.S. Thanks to <a href="http://wiki.laptop.org/go/User:Faisal" target="_blank">Faisal Khan</a> for pointing out this terrific resource on OLPC Support Gang list.</em></p> <object width="445" height="364"><param name="movie" value="http://www.youtube.com/v/ZSFDm3UYkeE&hl=en&fs=1&color1=0xe1600f&color2=0xfebd01&border=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/ZSFDm3UYkeE&hl=en&fs=1&color1=0xe1 Humor Miscellaneous OLPC Security Wed, 18 Mar 2009 16:59:20 -0700 http://opensource.sfsu.edu/node/562 <p>55,000 <a href="http://sugarlabs.org/">Sugar/GNU/Linux</a> <a href="http://laptop.org/">XO</a> machines are being shipped every month to kids all over the world. This is a generation getting ready to break the bonds of digital dependencies and building a commons for themselves on free and open source software and open content and standards. In the meantime, Microsoft announced a pilot study to run Windows XP on these very machines. </p> <p><img height="480" border="0" width="640" src="files/images/main%20screen.preview.png" />&nbsp;</p> <p>&nbsp;So, let's do a quick comparison:</p> <p>Sugar is built on top of Fedora 9, the current and cutting edge version of Linux from RedHat, which then in turn creates its commercial platform based on Fedora releases. So, with Sugar, you get fresh code. Windows XP is from 2001. I was much younger then and had no grey hair <img border="0" alt="Frown" title="Frown" src="modules/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/images/smiley-frown.gif" /> Even at that, it is some specialized version of XP that you can get only if you are a third worlder. Its called Windows XP UP where UP stands for Unlimited Potential. Unlimited potential for whom? The users or the company? XP is no longer sold in the US, so the revenue er, I mean &quot;potential&quot; has to come from someplace else.&nbsp;</p> Distribution Fedora Linux Miscellaneous News OLPC Security XO Tue, 16 Sep 2008 07:47:19 -0700 http://opensource.sfsu.edu/node/401 <p>Here's an example for response turnaround time for fixing bugs. This one has to do with a buffer overflow in OpenSSL. The vulnerability <a target="_blank" href="http://www.securityfocus.com/archive/1/archive/1/480855/100/0/threaded">was reported on September 27 in this thread</a>. This morning (Sept 29), Ubuntu had two patches waiting for me. One is for OpenSSL, and the other is for libssl, the library that implements SSL. The vulnerability is the same. The update was actually released 17 hours ago, so It was no more than a day after the vulnerability was revealed. </p> <p>&nbsp; </p> <div class="image"> <a href="node/400"><img width="593" height="629" border="0" alt="Vulnerability in OpenSSL fixed" src="files/images/example-of-update.png" /></a><br /> <div class="caption">&nbsp;</div> </div> <p>Of course, there are bugs that don't get patched for a long, long time, but in most of the cases, we see quick turnaround times in open source. This is yet another case where &quot;<a target="_blank" href="http://www.catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/ar01s04.html">many eyeballs make bugs shallow</a>&quot;.</p> Security Sat, 29 Sep 2007 17:55:08 -0700 http://opensource.sfsu.edu/node/397 <p>I came across <a target="_blank" href="http://www.ossim.net/">OSSIM</a> in a post earlier this evening. OSSIM stands for Open Source Security Information Management. It features projects like Arpwatch, Nessus, Snort,Ntop, and Nagios.</p> <p>From their website: </p> <blockquote><p><em> Ossim stands for </em><em>Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant a network/security administrator with detailed view over each and every aspect of his networks/hosts/physical access devices/server/etc...</em></p> Security Wed, 26 Sep 2007 05:32:24 -0700 http://opensource.sfsu.edu/clipperz <p>There are plenty of OpenSource clients for Windows, Linux, and Mac but what about&nbsp; an online one that works in your browser?&nbsp; Clipperz is one such beast that <a title="the coming of age of clipperz" href="http://www.clipperz.com/users/marco/blog/2007/03/28/the_coming_of_age_of_clipperz">went live in March</a>.&nbsp; The <a title="Clipperz source code available at Google Code" href="http://code.google.com/p/clipperz/">source code</a> is in Google Code and you can <a title="build script for clipperz password manager now available" href="http://www.clipperz.com/users/marco/blog/2007/06/11/build_script_for_clipperz_password_manager_now_available">build the same file</a> that's loaded to your browser when you log in to Clipperz.</p> Code Security Wed, 27 Jun 2007 15:53:01 -0700 http://opensource.sfsu.edu/node/218 <p>Mozilla this week pushed out a new version of its Firefox Web browser to mend at least seven security holes in the program, including at least four flaws that attackers could use to install software on vulnerable computers.</p> <p><a target="_blank" href="http://blog.washingtonpost.com/securityfix/2006/09/new_firefox_version_fixes_seve_1.html">http://blog.washingtonpost.com/securityfix/2006/09/new_firefox_version_fixes_seve_1.html</a>&nbsp;</p> Patch Security Sun, 17 Sep 2006 12:17:12 -0700 http://opensource.sfsu.edu/node/128 <p><span class="blackbodytext">OPEN SOURCE supporters have been given a shot in the arm by news the French police are abandoning Microsoft's Internet Explorer for Mozilla Firefox.</p> <p> The gendarmerie's 70,000 desktops were being converted to Firefox and its email client Thunderbird because of the navigator's &quot;reliability, security and inter-operability with other state services,&quot; said General Christian Brachet, IT director of the police force.</p> <p>Read the rest <a target="_blank" href="http://australianit.news.com.au/articles/0,7204,18053450%5E15321%5E%5Enbv%5E,00.html">here</a>&nbsp;</p> News Security Sun, 05 Feb 2006 18:10:06 -0800