United States (change)
Shortcuts: Downloads Fedora Red Hat Network
Account Links: Cart Your Account
![[ RSS feed ]](http://www.redhat.com/g/chrome/rss-feed.gif)
Today, Massachusetts Institute of Technology (MIT) announced the formation of the MIT Kerberos Consortium to further fund and steer the development of Kerberos beyond what MIT has been able to achieve to date supporting this protocol with its own internal IT staff.
This Consortium is a great idea that will bring more partners, developers and standards work into play for MIT Kerberos. One has to pause to celebrate the accomplishments of the impressive internal IT staff at MIT who have helped this small internal project become an important part of every major operating system, the core to thousands of enterprises’ security infrastructure and a solution used by hundreds of millions of users.
» Read more
The National Vulnerability Database (NVD) is a US Government repository of vulnerability management data that includes databases of security checklists, security related software flaws and impact metrics. It provides a public severity rating for all the vulnerabilities named by the CVE (Common Vulnerabilities and Exposures), a list of standardized names for vulnerabilities and other security exposures. The ratings can be “Low,” “Medium” or “High”. Each rating is generated automatically based on the CVSS (Common Vulnerability Scoring System) score its analysts calculate for each issue.
» Read more
Today we are pleased to announce the general availability of Red Hat Certificate System 7.3. Containing a highly configurable set of software components and tools for creating, deploying and managing certificates, Red Hat Certificate System is a powerful security framework to guarantee the identity of users and ensure privacy of communications. Based on open standards for certificate management, Certificate System provides a complete, customizable, robust, scalable and high-performance certificate management solution for public-key infrastructure (PKI), extranets and intranets.
» Read more
Identity interoperability across Windows and Linux is one area of focus highlighted by Microsoft and Novell in their November 2006 partnership announcements.
Even though there is little detail about what Microsoft and Novell will provide, this aspect of the announcement has generated interest. We will discuss the reasons for this interest, explain Microsoft and Novell’s approach as currently understood, discuss the limits of Active Directory and propose Red Hat’s broader vision for the interoperability of security information.
» Read more
A critical flaw was announced today that affects the MIT Kerberos telnet daemon, distributed with all versions of Red Hat Enterprise Linux. With this flaw, an attacker who can access the telnet port of a target machine could log in remotely as root without requiring a password.
» Read more
Another security report was released this week that claims to show the “patch development time” for various distributions. Symantec gives some high level results, but none of the detail required to figure out how exactly it got to its results.
» Read more
Operating system security–the topic can evoke strong adjectives. At Red Hat, with regard to security, we are striving to be: