Openssl
36 Stories
Apache SSL flaw opens Linux to Slapper Worm and DDoS
Insight A new flaw can open up Apache servers to a virulent worm.
Fixes are in for OpenSSL
News The group behind the widely used Web security software releases a patch for two flaws that could allow an attacker to cause a denial-of-service attack.
Tags: Hacking, Open source
Apache servers experience increasing number of attacks
Insight Not all vulnerabilities are exploited equally--even the critical ones. Several flaws in the widespread Apache Web server have recently become popular hacker targets. See which flaws to look for and how to mitigate the potential damage.
Configure Apache to support multiple SSL sites on a single IP address
Techguide With Apache 2.2.12 and support for the Server Name Indication extension to the SSL protocol, you can configure name-based HTTPS sites, just as you can name-based HTTP sites.
Tags: Open source, Web servers
Flaws found in BSD, Linux software updaters
News The package managers used by most BSD and Linux systems could be exploited to install compromised software on target systems, claims a report.
Tags: Security, Open source, Linux, Manager, Ubuntu, Password, Flaw, OpenSSL, BSD, Attacker
High-risk flaws in corporate security revealed
News Three recent studies have painted a damning picture of business security, with almost 90 percent of breaches found to have been preventable.
Tags: Security, Antivirus software, Buffer-overflow, Vulnerability, Flaw, OpenSSL, Server, public sector, Attacker, software
Information Card Foundation launched
News A weighty group of industry leaders coalesces around new standards for online authentication.
Tags: Authentication and encryption, Spam and phishing, Security, Information Card, Google Inc., Paul Trevithick, ID Card, Password, Novell Inc., OpenSSL
Linux standards tool adds app testing
News The Linux Foundation has included an app-checker tool in the Linux Standard Base public test version, aiming to address an acknowledged shortcoming.
Tags: Linux, Open source, Tool, OpenSSL, compliance, Linux Distribution, shell script, Linux, Open source, Linux Foundation
Google's Keyczar designed to make cryptography easier
News The open source project is meant to help developers implement secure and simple cryptography.
Tags: Authentication and encryption, Privacy, Security, Open source, Google Inc., Cryptography, OpenSSL, tagging, Massachusetts Institute of Technology, API
Learn to use the openssl command-line program
Techguide More than just an open source SSL library implementation, OpenSSL can be used to create, request, sign, and revoke certificates and can also be used to perform other cryptographic operations.
Tags: Networking, Security
OpenSSL hit by forgery bug
News The widely used security technology may incorrectly verify bogus signatures.
Open-source group plugs three holes
News An open-source group that maintains software for securing communications released a patch on Tuesday to fix several vulnerabilities that were found during a security test by the U.K. government.
Find weak OpenSSL/OpenSSH keys and secure your system
Techguide Use a tool provided by the Debian team, which can be run regardless of whether the Debian system is used, to determine if weak keys exist in the system.
Tags: Open source, Linux
Apple releases patches for Jaguar, Panther
News The updates fix four issues, including security holes in the Unix printing system used by the Mac OS.
Tags: Mac OS
Guard against this OpenSSL vulnerability
Techguide The overwhelming number of open-source Web sites and the widespread use of OpenSSL to secure connections create a tremendous problem when vulnerabilities emerge. Mike Mullins discusses this vulnerability.
Tags: Open source, Applications and tools
