SnortAlog : IDS/IPS and Firewall log Analyzer
http://jeremy.chartier.free.fr/snortalog/what_is_snortalog.html open source software that does firewall log analisys, stats and reporting
Security
Cisco ASA and PIX Firewall Logging > Analyzing Firewall Logs
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=4 notes about logging and long analyzing on cisco netsec devices (pix/asa)
Encrypted Root LVM | HowtoForge - Linux Howtos and Tutorials
http://www.howtoforge.com/encrypted-root-lvm Article shows how to encrypt LVM physical voulme partition.
forum.opennet.ru - (comment #32) iptables port knocking rule to guard SSH | Для открытия порта SSH на host необходимо послать UDP пакеты на несколько порытов
http://www.opennet.ru/openforum/vsluhforumID3/41732.html#32 [RU] Для открытия порта SSH на host необходимо выполнить команды с удаленного хоста
storm-leet08.pdf (application/pdf Object) Measurements and Mitigation of Peer-to-Peer-based Botnets:
http://www.honeyblog.org/junkyard/paper/storm-leet08.pdf
Ksplice: Rebootless Linux kernel security updates
http://web.mit.edu/ksplice/ new way (hopefully will be mainstream soon) to apply updates to linux kernel"on the fly", i.e w/out need to reboot. The system is more or less a hack at this moment.
malware_biz.pdf (application/pdf Object)
http://www.cs.auckland.ac.nz/~pgut001/pubs/malware_biz.pdf awesome paper about business of spam/malware/etc, kinda scary
Matasano Chargen » This New Vulnerability: Dowd’s Inhuman Flash Exploit
http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/ detalied description about Flash vuln that was used to vin a recent hack contest (where vista and mac were hacked )
:String based network filtering with iptables on 2.6.x kernels
http://www.wiztelsys.com/Article_iptables_bob2.html basically the Subj. You need 2.6.18.x to play around
Role-based access control in SELinux
http://www.ibm.com/developerworks/linux/library/l-rbac-selinux/?S_TACT=105AGX99&S_CMP=CP example how to configure access using SELinux on Fedora 8