Open source graphics card open for orders
The Open Graphics Project's long-awaited open source graphics card is ready for order by developers. Designed by Traversal Technology, the OGD1 boasts an open source hardware design based on a Xilinx Spartan-3 XC3S4000 FPGA, and is intended as an FPGA development platform, says the OGP.

The Open Graphics Project announced its plan back in 2005 to develop a basic graphics card with an open source hardware design. A central goal of the OGP is to streamline driver development, since binary drivers from graphics manufacturers are typically difficult to work with. The group hopes eventually to release a commercial version suitable for consumers.

Availability

The OGD1 is available for order now for $1,500 (or $1,400 for the first 100 orders). Manufacturing will begin once 100 orders have been received, says the group. More information may be found here.

Google Anti-Malware Diagnostic Pages
ZDNet's security blog points to an update to Google's malware warnings. Like McAfee SiteAdvisor, now each web site has a special diagnostic page that lists answers to four questions:

1. What is the current listing status?
2. What happened when Google visited this site?
3. Has this site acted as an intermediary resulting in further distribution of malware?
4. Has this site hosted malware?

Here's, for example, the diagnostic page for google.com: http://www.google.com/safebrowsing/diagnostic?site=google.com, which lists some interesting facts.

"Of the 274621 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 05/22/2008, and the last time suspicious content was found on this site was on 03/13/2008. Malicious software includes 4 scripting exploit(s), 4 trojan(s). Successful infection resulted in an average of 10 new processes on the target machine. Malicious software is hosted on 4 domain(s), including 58.65.239.0, truemaybe.com, abc-powers.com. 5 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including xtraff.biz, x-traffic.ws, smartvideochannel.com."

Despite all of these findings, google.com is not listed as suspicious, probably because the domain is whitelisted or the suspicious content is not very significant. It's likely that the domains listed above are from Google's search results, so that means the anti-malware system doesn't respect robots.txt.



HowTo Split the files

Below is an example of how to use the split command on a 600MB image.iso file:

split -b 200M image.iso

It will generate 3 files with the following file sizes:

200MB xaa
200MB xab
200MB xac

After splitting, use cat to combine the pieces back into one file:

cat xa* > new-image.iso
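
Added example, not from the original post: the split and rejoin steps above followed by a SHA-256 comparison, including the case where one piece goes missing before cat runs (cat itself reports nothing). The 3 MiB random sample, the part. prefix and the function names are constructed for the demo, and GNU coreutils is assumed.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU coreutils
# (split, sha256sum, mktemp, head).

# Print only the SHA-256 digest of a file.
digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# Constructed sample: 3 MiB of random data standing in for image.iso.
make_sample() {
    sample=$(mktemp) || return 2
    head -c 3145728 /dev/urandom > "$sample"
    echo "$sample"
}

# split_and_verify FILE SIZE [LOST_SUFFIX]
# Splits FILE into SIZE pieces, optionally deletes one piece to simulate a
# lost transfer, rejoins the rest with cat and compares digests.
# Prints "<pieces joined> <ok|MISMATCH>"; exit status is non-zero on mismatch.
split_and_verify() (
    src=$1 size=$2 lost=${3:-}
    work=$(mktemp -d) || exit 2
    split -b "$size" "$src" "$work/part."
    if [ -n "$lost" ]; then
        rm -f "$work/part.$lost"
    fi
    # Globs expand in sorted order, matching split's aa, ab, ac suffixes.
    set -- "$work"/part.*
    cat "$@" > "$work/joined"
    if [ "$(digest "$src")" = "$(digest "$work/joined")" ]; then
        result=ok
    else
        result=MISMATCH
    fi
    rm -rf "$work"
    echo "$# $result"
    [ "$result" = ok ]
)

f=$(make_sample)
split_and_verify "$f" 1M             # every piece present
split_and_verify "$f" 1M ab || true  # piece "ab" lost before rejoining
rm -f "$f"
```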

Rootkit detectors for Linux

chkrootkit
chkrootkit is a tool to locally check for signs of a rootkit.

It tests the following applications: aliens, asp, bindshell, lkm, rexedcs, sniffer, w55808, wted, scalper, slapper, z2, chkutmp, amd, basename, biff, chfn, chsh, cron, crontab, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, init, killall, ldsopreload, login, ls, lsof, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, tcpdump, top, telnetd, timed, traceroute, vdir, w, and write.

Includes:
* chkrootkit: shell script that checks system binaries for rootkit modification.
* ifpromisc.c: checks if the interface is in promiscuous mode.
* chklastlog.c: checks for lastlog deletions.
* chkwtmp.c: checks for wtmp deletions.
* check_wtmpx.c: checks for wtmpx deletions. (Solaris only)
* chkproc.c: checks for signs of LKM trojans.
* chkdirs.c: checks for signs of LKM trojans.
* strings.c: quick and dirty strings replacement.
* chkutmp.c: checks for utmp deletions.
HomePage: www.chkrootkit.org

Rootkit Hunter
rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits.

Specifically, rkhunter is a shell script which carries out various checks on the local system to try and detect known rootkits and malware. It also performs checks to see if commands have been modified, if the system startup files have been modified, and various checks on the network interfaces, including checks for listening applications.

rkhunter has been written to be as generic as possible, and so should run on most Linux and UNIX systems. It is provided with some support scripts should certain commands be missing from the system, and some of these are Perl scripts.

Features include:
* Compares MD5 hashes of important files with known good ones in an online database
* Searches for:
  o Default directories of rootkits
  o Wrong permissions
  o Hidden files
  o Suspicious strings in kernel modules, and
  o Special tests
HomePage: rkhunter.sourceforge.net

OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System.

It performs log analysis, integrity checking, monitoring, rootkit detection, real-time alerting and active response. In addition to being deployed as an HIDS, it is commonly used strictly as a log analysis tool, monitoring and analyzing firewalls, IDSs, web servers and authentication logs.

Features include:
* Unix-only:
  o Unix PAM
  o sshd (OpenSSH)
  o Solaris telnetd
  o Samba
  o Su
  o Sudo
* FTP servers:
  o ProFTPd
  o Pure-FTPd
  o vsftpd
  o Microsoft FTP Server
  o Solaris ftpd
* Mail servers:
  o Imapd and pop3d
  o Postfix
  o Sendmail
  o vpopmail
  o Microsoft Exchange Server
* Databases:
  o PostgreSQL
  o MySQL
* Web servers:
  o Apache HTTP Server (access log and error log)
  o IIS web server (NCSA and W3C extended)
  o Zeus Web Server errors log
* Web applications:
  o Horde IMP
  o Modsecurity
* Firewalls:
  o Iptables firewall
  o Solaris IPFilter firewall
  o AIX ipsec/firewall
  o Netscreen firewall
  o Windows Firewall
  o Cisco PIX
  o Cisco FWSM
  o Cisco ASA
* NIDS:
  o Cisco IOS IDS/IPS module
  o Snort IDS (snort full, snort fast and snort syslog)
* Security tools:
  o Symantec AntiVirus
  o Nmap
  o Arpwatch
  o Cisco VPN Concentrator
* Others:
  o Named (BIND)
  o Squid proxy
  o Zeus eXtensible Traffic Manager
* Generic unix authentication (adduser, logins, etc)
HomePage: www.ossec.net

Nixory
Nixory is an innovative, new, fast and powerful anti-spyware program with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies.

Features include:
* Mozilla Firefox fast and accurate anti-spyware scan
* Ice Eye heuristic system
* Update stats for number of scans, removed objects and more
* Customizable options
* Removal tool for found data miners
* Option to ignore selected data miner groups
* Option to write a scan log with accurate details
* Multi-Language support (English, Italian, Dutch, Spanish, Spanish(AR), Catalan)
* Multi-profiles of Firefox support
* Flexible management of memory
HomePage: nixory.sourceforge.net



Best Antivirus for Linux

ClamAV
Clam AntiVirus is an anti-virus toolkit, designed especially for e-mail scanning on mail gateways.
It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.

The core of the package is an anti-virus engine available in a form of shared library.

Features include:
* Command-line scanner
* Fast, multi-threaded daemon with support for on-access scanning
* Milter interface for sendmail
* Advanced database updater with support for scripted updates and digital signatures
* Virus scanner C library
* On-access scanning
* Virus database updated multiple times per day (see home page for total number of signatures)
* Built-in support for various archive formats.
* Built-in support for almost all mail file formats
* Built-in support for ELF executables and Portable Executable files compressed and others
* Built-in support for popular document formats including MS Office and MacOffice files, HTML, RTF and PDF
HomePage: http://www.clamav.org/

AVG Free
AVG Free for Linux is a commercial-grade antivirus product. It can be used on a single computer and is intended for private, non-commercial use only.

AVG Free can be run entirely from the command prompt but there is also a graphical front end available. Using the command line offers some extras such as creating a report file, while updates are easy to apply and can be scheduled.

The graphical user interface is both efficient and simple, and it can be used even by inexperienced Linux system users.

Features include:
* Advanced virus detection methods (heuristic analysis, generic detection, scanning)
* Scheduled and on-demand scanning of folders, files, and common archive types
* Rapid virus database updates for the lifetime of the product
* Small update files that do not drain system resources
* Automatic update functionality
* AVG On-Demand Scanner, which allows users to perform scheduled and manual tests
* High quality manual
HomePage: www.grisoft.com

P3Scan
P3Scan is a fully transparent proxy-server for POP3, SMTP, and limited POP3S Clients.

It can be used to provide email scanning from the internet, to any internal network and is ideal for helping to protect your "Other OS" LAN from harm, especially when used in conjunction with a firewall and other Internet Proxy servers.

It provides scanning of incoming/outgoing email messages for Viruses, Worms, Trojans, Spam, and harmful attachments. Because viewing HTML mail can enable a "Spammer" to validate an email address (via web bugs), it can also provide HTML tag stripping.

P3Scan is a derived work of POP3VScan.

Features include:
* Works with
  o Kaspersky Anti-Virus for Linux (AVPD)
  o Trophie Anti-Virus Daemon
  o FRISK F-Prot Antivirus
  o Clam AntiVirus
  o F-Secure Anti-Virus
  o Any other virus scanner that can output its report to the console (stdout)
HomePage: p3scan.sourceforge.net

Avast!
Avast! Antivirus is an anti-virus program developed by ALWIL Software based in Prague.
This software is freeware for home users and non-commercial use only.

It is a multi-award winning solution to virus protection, with anti-spyware and anti-rootkit software built in for added security.

Features include:
* Antivirus kernel
  o Almost 100% detection
  o Reasonable memory requirements
  o ICSA certified
  o The following archives can be scanned: ARJ, ZIP, MIME (+ all associated formats), DBX (Outlook Express archives), RAR, TAR, GZIP, BZIP2, ZOO, ARC, LHA/LHX, TNEF (winmail.dat), CPIO, RPM, ISO, and SIS
  o Supports a number of executable packers (such as PKLite, Diet, UPX, ASPack, FSG, MEW, etc.)
* Command line scanner - scans files in specified directories on both local and remote volumes
* User interface
  o Intuitive Simple User Interface
  o Independent of installed graphic libraries
  o Testing of whole disks or just selected folders
  o Defining and running of antivirus tests
  o Working with the scan results
  o Actions with infected files
  o Storing the scan results (history)
  o Virus encyclopedia
  o Command-line scanner with STDIN/STDOUT mode
* Virus Chest - a chest directory where suspicious files are stored
* Automatic updates
  o Non-incremental updates
  o Updates can be completely automatic
  o Standard updates are provided 2 times a week
* Alerts via SMTP
* Works on all modern distributions
* Shell scripts for common tasks
* Internationalization - English, Czech, Portuguese (Brazil), Bulgarian, Finnish, French
HomePage: www.avast.com

F-Prot Antivirus
For home users of the open-source Linux operating system, the company offers F-Prot Antivirus for Linux Workstations. F-PROT Antivirus for Linux Workstations uses the renowned F-PROT Antivirus scanning engine for its primary scan and, in addition, has a system of internal heuristics devised to search for unknown viruses.

F-PROT Antivirus for Linux was especially developed to effectively eradicate viruses threatening workstations running Linux. It provides full protection against macro viruses and other forms of malicious software - including Trojans.

Features include:
* Scans for over 546460 known viruses and their variants
* Ability to perform scheduled scans when used with the cron utility
* Scans hard drives, CD-ROMS, diskettes, network drives, directories and specific files
* Scans for images of boot sector viruses, macro viruses and Trojan Horses
HomePage: http://www.f-prot.com/products/home_use/linux/

F-Secure
F-Secure Linux Security scans and removes viruses from networked or stand-alone workstations, database servers and application servers. It enables system administrators to scan files on Linux servers that handle for example web sites, ftp sites or file sharing.

The firewall component protects the computers against unauthorized connection attempts. The integrity checking feature protects critical system files against unauthorized modification attempts. F-Secure Linux Security introduces one installation package for Workstation and Server environments.

F-Secure Linux Security is centrally managed with F-Secure Policy Manager. F-Secure Policy Manager provides a tightly integrated infrastructure for defining and distributing security policies and monitoring the security of different applications from one central location.

Features include:
* Easy-to-use web-based user interface accessible also remotely
* Real-time antivirus protection
* Host firewall management
* Protects systems from rootkits
* System integrity checking and verification
* Centralized management, reporting and alerting with Policy Manager
* Automatic virus definition updates
* Risk and Spyware protection for Linux
* Interface for third party e-mail gateways
* Linux Samba file server support
* Open anti-virus scanning interface (API) for custom application integration
* Option of using Command-line only Anti-Virus Scanner
* Option to disable firewall, web user interface and real-time scanning components
HomePage: http://www.f-secure.com/webclub/fsls.html

