Archive

Security

Introduction

There are many arguments that “Linux is more secure than Windows”. Personally, I don’t believe in this (David Ramsden). An Operating System is only as secure as the user makes it. However, all the time security in Operating Systems is improving.

The following pages have been written so you can make your box a little bit more secure or give a guide as to what you should and shouldn’t do, as well as general security pointers.

Pages in this section

Meeting 16 November 2013

Hi guys.

The next meeting will be next Saturday (16th November) at QinetiQ Haslar from 2pm. For those who have not been before,  the site is located on the Haslar peninsula at the South of Gosport. The postcode is PO12 2AG.

Given the nature of the site please let me know if you plan to attend, so I can let our security guards know.

Cheers,

Tim B.

September 2013 meeting

Hi guys!

I am very pleased to announce that the next meeting will be held at QinetiQ’s Haslar site at 1pm on the 7th September.

We will have limited network access (i.e. a few people may have mobile broadband) so please do not expect to be able to do installs or updates from the web.

To keep our security guys happy can you please register your interest with me by email (chairman@hantslug.org.uk) no later than Wednesday 4th September.

The “agenda” for the meeting is pretty simple:

01 December2012

The first ever HantsLUG Christmas Lecture was held on Saturday 1 December in the Zepler Building at Southampton University.

The speaker was Mike Bond, of the Computer Laboratory at Cambridge University, where he has been researching security in the banking system for 10 or more years.

He gave us a talk on “Hacking bank cards: 10 years of tools.” – a subject that sounded distinctly illegal to me. In fact the work on computer security done at Cambridge has been an important tool for improving the complex security measures that banks need to use. Although publicly criticising [continued…]

Christmas Lecture 2012

The first ever HantsLUG Christmas Lecture was held on Saturday 1 December in the Zepler Building at Southampton University.

The speaker was Mike Bond, of the Computer Laboratory at Cambridge University, where he has been researching security in the banking system for 10 or more years.

He gave us a talk on “Hacking bank cards: 10 years of tools” – a subject that sounded distinctly illegal to me. In fact the work on computer security done at Cambridge has been an important tool for [continued…]

Meeting 1 December 2012

Ladies and Gentlemen,

I am pleased to announce the first HantsLUG Christmas lecture which will take place on 1st December. This event is in place of our normal December meeting, and will take place at Southampton University. The lecture will start at 5pm (please arrive early), and is followed by a dinner served at 8pm at the Mercure Dolphin hotel, just north of Town Quay.

Our speaker, Mike Bond, who did his PhD in electronic bank security and now works to improve banking security, will be giving a talk titled "Hacking bank cards: 10 years [continued…]

12 February2011

When: 11:00 – 17:30, Saturday 12th February 2011

Where: NokiaSouthwood.

For full details and instructions please see the appropriate page on the SurreyLUG web site.

Please note you will need to send some details if you want to get in, Nokia Security are quite tame but they like to know how is there…

See Also

Mark Lewis

In 1998 and within my quest for knowledge about Linux, I met KenAdams of HantsLUG online via News and a chappie from BristolLUG. I joined the HantsLUG mailing list which Ken was running on a PSTN dial-up with MajorD at home. As I was learning and Ken’s dial-up was straining, my idea was to give ‘something back’ in return for knowledge received. As I worked for an ISP, I was able to host a server, where I installed MajorD that allowed Ken and the Bristol chappie to have mailing lists and a web site. [continued…]

Debian Tips

Introduction

This is intended as an FAQ / Tips page to do with managing a Debian system. It’s a work in progress, so make sure that if you find something useful, and it is not listed, that you add it. I’ll get around to categorising this list, but these tips are answering a lot of questions that appear on the mailing list.

Apt-get returns the error: “E: Dynamic MMap ran out of room”

This is caused because the cache is too small to handle all of the packages in the flavour of Debian that you are using. The fix [continued…]

Password Policy

Some Tips for Passwords and Logins

Legend:

  • R : Root, user role
  • S : System Accounts
  • U : User Accounts

In general order of increasing security.

Do not send passwords in clear text over the network

[RSU]

As a general rule no protocol that transmits unencrypted authentication data over a network should be used. Examples of insecure protocols are telnet, ftp and the r* tools. All modern Unix and Linux systems ship with secure alternatives as default, and either no longer contain or require manual intervention to enable legacy protocols.

Where legacy applications demand use of insecure protocols, [continued…]