Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Security Week - May 5th 2003

From: InfoSec News <isn () c4i org>
Date: Tue, 6 May 2003 00:21:32 -0500 (CDT)
+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  May 5th, 2003                                Volume 4, Number 18n  |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Linux Security:
Kinds of Encryption," "Introduction to Simple Oracle Auditing," "Linux
Complete Backup and Recovery HOWTO," and "Honeypots: Simple,
Cost-Effective Detection."

LINUX ADVISORY WATCH:
This week, advisories were released for apcupsd, sendmail, apache, balsa,
pptp, kdebase, snort, tcpdump, monkeyd, mgetty, ethereal, squirrelmail,
lprng, micq, zlib, man, and xinetd.  The distributors include Caldera,
Conectiva, Debian, EnGarde, Gentoo, Mandrake, Red Hat, and Turbo Linux.

http://www.linuxsecurity.com/articles/forums_article-7199.html

--------------------------------------------------------------------

* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.

 --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2

--------------------------------------------------------------------

Days of the Honeynet: Attacks, Tools, Incidents - Among other benefits,
running a honeynet makes one acutely aware about "what is going on" out
there. While placing a network IDS outside one's firewall might also
provide a similar flood of alerts, a honeypot provides a unique
prospective on what will be going on when a related server is compromised
used by the intruders.

http://www.linuxsecurity.com/feature_stories/feature_story-141.html



 #### Concerned about the next threat?  ####
 #### EnGarde is the undisputed winner! ####

 Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
 Editor's Choice Award, EnGarde "walked away with our Editor's Choice
 award thanks to the depth of its security strategy..." Find out what the
 other Linux vendors are not telling you.


http://store.guardiandigital.com/html/eng/products/software/esp_overview.shtml


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+


Host Security News:
-------------------
* What's the difference between a viral attack and a scan?
May 2nd, 2003

Infosec exhibitors were yesterday urged to check their systems for a virus
after the performance of the security conference's network took a severe
hit. Exhibitors received an advisory from eForce, which is responsible for
the networking and security of Olympia, Infosec's venue, that warned of an
attack linked to a Trojan called Deloader.

http://www.linuxsecurity.com/articles/general_article-7200.html


* Linux Security: Kinds of Encryption
May 2nd, 2003

Security is a major part of the foundation of any system that is not
totally cut off from other machines and users. Some aspects of security
have a place even on isolated machines. Examples are periodic system
backups, BIOS or power-on passwords, and self-locking screensavers.

http://www.linuxsecurity.com/articles/cryptography_article-7201.html


* Introduction to Simple Oracle Auditing
April 29th, 2003

This article will introduce the reader to the basics of auditing an Oracle
database. Oracle's RDBMS is a functionally rich product and there are a
number of auditing alternatives available to the reader.

http://www.linuxsecurity.com/articles/documentation_article-7175.html


* Linux Complete Backup and Recovery HOWTO
April 28th, 2003

Imagine your disk drive has just become a very expensive hockey puck.
Imagine you have had a fire, and your computer case now looks like
something Salvador Dali would like to paint. Now what?

http://www.linuxsecurity.com/articles/documentation_article-7170.html



+------------------------+
| Network Security News: |
+------------------------+

* Viva Liberacion: A Guide to Nuking Spammers, Part 2
May 1st, 2003

In part one we looked at the fundamental problem of spam, which is theft
of services, and put forth the radical notion that we are not put on this
Earth merely for the convenience of marketers, but have exclusive rights
to our personal property. In part two we'll look at going beyond filtering
and blocking by attacking spam at its source.


http://www.linuxsecurity.com/articles/privacy_article-7193.html


* A Technique for Counting NATted Hosts
April 30th, 2003

Steven M. Bellovin (co-author of the classic and recently re-published
Firewalls and Internet Security: Repelling the Wily Hacker) has an
interesting paper on detecting NATs (Network Address Translation setups)
and counting the hosts behind the NAT box.

http://www.linuxsecurity.com/articles/firewalls_article-7191.html


* Honeypots: Simple, Cost-Effective Detection
April 30th, 2003

This is the fourth article in an ongoing series examining honeypots. In
previous installments, we have covered two different honeypot solutions:
Honeyd and Specter. Both honeypots are low-interaction production
solutions; their purpose is to help protect organizations, as opposed to
research honeypots, which are used to gather information.

http://www.linuxsecurity.com/articles/network_security_article-7188.html


* Locking Down The Airwaves
April 30th, 2003

Wireless LANs are a blessing and a curse. They offer tremendous relief to
large organizations whose employees need greater flexibility and mobility.
But a wireless access point is also a radio station broadcasting your
company's private information.

http://www.linuxsecurity.com/articles/network_security_article-7186.html


* Securing Your Network
April 29th, 2003

I just recently finished yet another security review on the network at my
place of employment. I designed the different security features from
scratch and I am using a variety of devices and software (firewalls, IDS,
DMZs, and so on). I like to look at network security with the same
attitude as I look on the stock market: diversify.

http://www.linuxsecurity.com/articles/network_security_article-7173.html


* Port Scan Attack Detector
April 29th, 2003

psad (the Port Scan Attack Detector) is a collection of four lightweight
system daemons written in Perl and C that are designed to work with Linux
firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x
kernels) to detect port scans. It features a set of highly configurable
danger thresholds (with sensible defaults provided), verbose alert
messages that include the source, destination, scanned port range, begin
and end times, TCP flags and corresponding nmap options (Linux 2.4.x
kernels only), email alerting, and automatic blocking of offending IP
addresses via dynamic configuration of ipchains/iptables firewall
rulesets.

http://www.linuxsecurity.com/articles/projects_article-7179.html


* Cryptography Guru Paul Kocher Speaks Out
April 28th, 2003

Paul Kocher, [Cryptography Research] president, is considered one of the
rising stars in the world of cryptography, thanks to his design for the
SSL v3.0 protocol and development of a timing attack on the RSA algorithm.
Senior Editor Dennis Fisher sat down with Kocher and Benjamin Jun, the
company's vice president, at the RSA Conference last week to discuss the
new technology and why the current argument over mandated copy protection
is moot.

http://www.linuxsecurity.com/articles/forums_article-7171.html


* VPNs Made Easy (Using SSL)
April 28th, 2003

[They] deployed a VPN based on the IPsec protocol. That provided session
encryption and authentication and enabled network-level access to
resources, but it also proved problematic.

http://www.linuxsecurity.com/articles/cryptography_article-7169.html



+------------------------+
| General Security News: |
+------------------------+

* Open-source leaders pitch Linux policy
May 2nd, 2003

Leaders of several major open-source projects have joined George
Washington University's Cyber Security Policy and Research Institute to
push for greater government use of the Linux operating system.

http://www.linuxsecurity.com/articles/organizations_events_article-7202.html


* Security Patches and Negative ROI Equal Corporate Stupidity
May 2nd, 2003

ROI (return on investment) is a key concept in IT spending today. The
board is much more likely to spend money on IT, if ROI can be demonstrated
in a reasonable period of time. It's a very sensible, sound business idea.
Yet, many companies are actually practicing what could be called negative
ROI - they choose IT products which cost them more money the longer they
have them. In the current business environment, this could be described as
corporate stupidity.

http://www.linuxsecurity.com/articles/network_security_article-7203.html


* Web-Based Attacks Could Create Chaos In The Physical World
May 1st, 2003

Most experts on computer crime focus on attacks against Web servers, bank
account tampering and other mischief confined to the digital world. But by
using little more than a Web search engine and some simple software, a
computer-savvy criminal or terrorist could easily leap beyond the
boundaries of cyberspace to wreak havoc in the physical world, a team of
Internet security researchers has concluded.

http://www.linuxsecurity.com/articles/forums_article-7198.html


* EnGarde Secure Linux Community Edition released
April 28th, 2003

Guardian Digital announced the next generation of the award-winning
EnGarde Secure Linux Community Edition. Leveraging the best open source
applications available, combined with the security expertise from Guardian
Digital, EnGarde is a comprehensive platform for developing a secure
Internet presence.

http://www.linuxsecurity.com/articles/server_security_article-7167.html



* EnGarde Secure Linux: New Community Edition Features Improved
Security, Ease of Management
April 28th, 2003

Today at the RealWorld Linux Expo in Toronto, Guardian Digital launched
the next generation of the Community edition of EnGarde Secure Linux.
EnGarde features secure web-based management of all functions, including
Internet edge services, integrated intrusion detection, cryptography,
improved authentication and access control, as well as protection from
many forms of intrusion such as buffer overruns and denial of service
attacks.

http://www.linuxsecurity.com/articles/vendors_products_article-7163.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: