Guardian Digital, Inc.

April 24th, 2002 - Users Turn to Guardian Digital for Expertise

Responding to the rising demand for authoritative documentation on email configuration and security, resident Guardian Digital network guru Pete O'Hara authored the most comprehensive and definitive guides on the Postfix mail server program to date.
Exclaims Jared Raddigan in a post to the public EnGarde community, "I just read your entire Postfix doc (Configuring Postfix) and I wanted to say good job. I actually have the only Postfix book that is currently out and I used both it and your HOWTO, and I found your document was very competitive (on the comparable chapters) if not better. You have to admit it's a good sign when I am using ESL HOWTO's for both my ESL box and other non ESL boxes."

Configuring Postfix - This document outlines running Postfix on EnGarde. Wietse Venema, author of Postfix and several other staple Internet security products, describes Postfix as an "attempt to provide an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and hopefully secure, while at the same time being sendmail compatible enough to not upset your users."
http://www.linuxsecurity.com/feature_stories/feature_story-91.html

April 9th, 2002 - Survey: Many Microsoft customers lack funds for new licensing

The study of 1,400 IT executives worldwide conducted by Information Technology Intelligence Corp. (ITIC) and Sunbelt Software found that 41% of respondents said they did not have the funds to convert to Microsoft’s new License 6.0 volume licensing plan by the July 31 deadline.

March 24th, 2002 - Which Linux Vendor?

Is your Linux vendor watching out for your best interests? Are they providing you with the level of security and support you demand? At least one Linux vendor has switched their focus to the largest of companies, dropping support for others, according to this ZDNet article

"Red Hat, ... has restructured to focus on big customers while cutting jobs elsewhere, executives said Tuesday. Red Hat eliminated its network consulting group, which the company acquired for $47 million in February 2001.

The company is paring down to focus on selling its operating system products and services to large corporate customers." There are many things to consider when choosing the right Internet solution for your business. How many servers do you have? If you don't have at least five, Red Hat won't support you. Concerned about security? Then doesn't it make sense to choose the one designed to withstand the hostile nature of the Internet? Guardian Digital, primary sponsors of EnGarde Secure Linux, provides support and services for organizations with one to one hundred servers.

March 14th, 2002 - Significant Vulnerability Afflicts Linux Systems

The vulnerability is rooted in the free() function and how it used. Quoting from the EnGarde Secure Linux advisory, "The zlib shared library may attempt to free() a memory region more then once, potentially yielding a system exploitable by certain programs that use it for decompression. Because certain packages include their own zlib implementation or statically link against the system zlib, several packages need to be updated to properly fix this bug."

March 4th, 2002 - Latest EnGarde Linux Updates: mod_ssl and mod_php

Ensuring that your systems are updated is an integral part of maintaining a secure Internet presence. Two security updates were released today for EnGarde, one for PHP and another for mod_ssl.

mod_php - There is a vulnerability in PHP's MIME data parsing code which may allow an attacker to execute arbitrary code as the web server user. Click for Advisory

mod_ssl - There is a buffer overflow in mod_ssl, part of EnGarde's apache package, which an attacker may potentially trigger by sending a very long client certificate. Click for Advisory

February 20th, 2002 - Secure by Design Proves Most Effective .

EnGarde implements the "Secure by Design" methodology, and this article in CIO describes how it dramatically increases your ROI. "Security has been an add-on at the last minute, and detecting security problems has been left to users." And, of course, hackers.

Overall, the average company catches only a quarter of software security holes. On average, enterprise software has seven significant bugs, four of which the software designer might choose to fix. Armed with such data, the researchers concluded that fixing those four defects during the testing phase cost $24,000. Fixing the same defects after deployment cost $160,000, nearly seven times as much.

The ROSI breakdown: Building security into software engineering at the design stage nets a 21 percent ROSI. Waiting until the implementation stage reduces that to 15 percent. At the testing stage, the ROSI falls to 12 percent.

November 21st 2001 - Guardian Digital Signs Major UK Distributor for Internet Software

Guardian Digital, Inc., the open source security company, has today announced a key partnership with iTS-LiNUX, the premier Linux distributor in the United Kingdom. Terms of the partnership include exclusive rights to distribute Guardian Digital Internet server software, including EnGarde Secure Professional.

November 19th 2001 - Guardian Digital Unveils Corporate Support and Services

Guardian Digital, the first full-service Open Source Security company, today unveiled Guardian Digital Secure Network, a central location for receiving product information, support, and system software services.

November 19th 2001 - Guardian Digital Delivers Enterprise Internet Server Solution .

Guardian Digital, Inc., the open source security company, has today released the enterprise edition of its highly successfully EnGarde Secure Linux server operating system. EnGarde Secure Professional is a comprehensive software solution that provides all the tools necessary to build a complete online presence.

November 4th 2001 - Time to stop defending Microsoft security

Further information on why open source leads to a more secure environment. Bruce Schneier comments in this article why he thinks Microsoft wants a closed-door policy on security vulnerability disclosure. "Security firms, [ScottCulp] says, can just whisper the problems to Microsoft, which will promptly patch the hole.

Bruce Schneier, chief technology officer of Counterpane Internet Security, says that won't happen. Microsoft has always treated security threats as a public relations problem, so it would do anything it could not to publicize its susceptibility, Schneier says. "Companies like Microsoft would ignore security researchers who quietly informed them of security vulnerabilities," he explains. "They would lie to the public and say
that the vulnerabilities were 'theoretical only' or 'impractical.' "

October 4th 2001 - Survey: MS licensing rankles customers.

Most corporate customers are unhappy with looming changes in Microsoft software-licensing programs, and many would consider switching to competitors' products, according to a survey released recently.

October 1st 2001 - Security industry set to Soar.

The worldwide information security services market will grow by more than a quarter a year until 2005, reaching a value of $21bn (£14.3bn), according to market research firm IDC.

September 24th 2001 - Gartner Group Recommends Alternatives to Microsoft.

The Gartner Group is recommending organizations using Microsoft's Web server to replace it with more secure servers such as Apache. They continue by saying that organizations can't always patch fast enough against worms such as Nimda and other security vulnerabilities.

Gartner recommends that enterprises hit by both Code Red and Nimda immediately investigate alternatives to IIS, including moving Web applications to Web server software from other vendors, such as iPlanet and Apache.

August 23rd 2001 - EnGarde Secure Newswire - Aug/Sept.

Welcome to the EnGarde Secure Newswire! This monthly newsletter contains details on EnGarde development, usage tips, news & reviews pertaining to EnGarde, and information on the latest software released by Guardian Digital for EnGarde.

English:
http://www.engardelinux.org/docs/newswire-09-en.html

Español: [Cortesía de Nispernet.com]
http://www.engardelinux.org/docs/newswire-09-es.html

Portuges do Brasil: [ Courtesia da www.linuxsecurity.com.br ]
http://www.engardelinux.org/docs/newswire-09-pg.html

August 23rd 2001 - No slump for security biz!.

" Open Source is proving to be a valuable alternative to proprietary security solution for companies trying to avoid the current economic belt-tightening experienced by many.

By 2005, IDC predicts the Internet security market will tally more than $14 billion a year in revenue, up from $5.1 billion last year.

"For security software vendors, the current economic instability is a double-edged sword," Brian Burke, senior research analyst at IDC, said in a statement.

"On the one hand, it's forcing companies to reduce spending. On the other hand, it's forcing companies to look for ways to cut costs, become more security-proficient and build trusted relationships with customers, partners, suppliers, and channels--which are areas security software can help."

The report breaks the Internet security industry into four markets: firewalls, encryption, antivirus and the AAA (authentication, authorization and administration) market, each of which is expected to grow 23 percent per year, on average. The AAA market will lead the way, said the report, growing annually by 28 percent on average to amass $9.5 billion in revenue in 2005. "

August 11th 2001 - EnGardeLinux.com Named Site of the Week! .

" PacketStorm Security named EnGardeLinux.com, the Official Site for the Engarde Secure Linux distribution, "Site of The Week". PacketStorm Security is known as one of the largest and highly regarded security sites on the Internet, offering the latest security exploits, articles and tools. We would like to thank our friends at PacketStorm for the prestigious honor.

EnGarde is a secure distribution of Linux engineered from the ground-up to provide organizations with the level of security required to create a corporate Web presence or even conduct e-business on the Web. It can be used as a Web, DNS, e-mail, database, e-commerce, and general Internet server where security is a primary concern. "

July 16th 2001 - Guardian Digital Announces Corporate Partnership Program

"The Guardian Digital Partnership Program provides cost-effective tools to participating vendors for profitably deploying secure network solutions utilizing EnGarde Secure Linux and the Guardian Digital Linux Lockbox secure turnkey server appliance."

July 16th 2001 - The Duke of URL reviews Engarde Secure Linux

"The security security features are intrusion detection (what system doesn't need this?), extensive system logging, and security policy enforcement. The intrusion detection is fine-grained and easy to setup. If a service is accessed by unauthorized means the administrator is notified immediately. Logging can be configured to be general or specific and is event-based. You can also configure your logs to be stored on the server in one, or several, locations on the network. Security policies such as password length and password expiration are easily enforced and automated. It's just a matter of clicking a few options and things are completely set up. You can also restrict the commands that a user may access. "

July 12th 2001 - EnGarde Newsletter!

"Welcome to the first issue of the EnGarde Secure NewsBrief. This monthly newsletter contains details on EnGarde development, usage tips, news & reviews pertaining to EnGarde, and information on the latest software released by Guardian Digital for EnGarde."

July 10th 2001 - Join our Official Mirrors Group! We're curretly accepting requests for access to our official rsync server.

July 5th 2001 - EnGarde FAQ

"What is EnGarde Secure Linux? Who is Guardian Digital, Inc? How do I install EnGarde? Is there a supported version available? What does EnGarde provide to ensure security? Why did we design it? What platform does it run on? How do you set up a secure Web server using it? How do I use the intrusion detection? What is the license for Guardian Digital EnGarde Secure Linux?"

June 2001 - UnixReview.com Rave review for EnGarde in the June 2001 issue!

The EnGarde Linux distribution is probably the most secure Linux distribution I've seen. EnGarde enforces physical, host, and network security to protect your machine from attacks inside and out. In addition to tightening security policies and adding features like a LILO password to prevent someone with physical access getting root, EnGarde also includes intrusion detection to alert you to break-in attempts. Some distributions I've looked at seem to concentrate too heavily on one aspect of security or another, but EnGarde seems pretty well rounded. "

June 18th 2001 - Newsforge reviews EnGarde!

"With minimal system access allowed and every precaution taken, Engarde Secure Linux just might be the best distribution for Web/mail servers yet. It doesn't have all the bells and whistles of other distributions or operating systems, but it would seem that, unlike other companies that market server OSes, Guardian Digital does not think Pinball is an appropriate application for a server. With tight security and everything you need to configure a server out of the box built into it, Engarde Linux is something you should consider if building a secure Web site for commerce or any other purpose, or just needing a reliable mail server. "