+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  April 16th 2001                              Volume 2, Number 15n  |
|                                                                     |
|  Editorial Team:  Dave Wreski             daveat_private            |
|                   Benjamin Thomas         benat_private             |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, a few of the most interesting articles include, "Make SSH do
more," "Tools and Their Signatures, Part One: bind8x.c," and "Using
Certificate Revocation Lists." Also, today the i386 version of EnGarde
Secure Linux will be available for download. Please see engardelinux.org
to download it.

FEATURE STORY: Using GnuPG with Pine for Secure E-Mail

Many people have no problems sending sensitive data via e-mail. Most of
us do not know how easy it is for anybody to read it. Just because
somebody holds the title of "Systems Administrator" does not mean they
can be trusted. What is stopping them from reading your e-mail? Nothing.
This is where PGP comes in; it is easy-to-use encryption meant for the
common person.

http://www.linuxsecurity.com/feature_stories/feature_story-83.html

This week, advisories were released for xntp3, ntpd, vim, mailx, kernel,
pine, netscape, and mc. The vendors include Conectiva, Caldera, Debian,
EnGarde, Immunix, Mandrake, NetBSD, Progeny, Red Hat, Slackware, SuSE,
and Trustix.

http://www.linuxsecurity.com/articles/forums_article-2857.html

### FREE Apache SSL Guide from Thawte ###

Planning Web Server Security? Find out how to implement SSL!
Get the free Thawte Apache SSL Guide and find the answers to all your
Apache SSL security issues and more at:

http://www.thawte.com/ucgi/gothawte.cgi?a=n341305500018000

HTML Version available:
http://www.linuxsecurity.com/newsletter.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+

* Make SSH do more
April 15th, 2001

However, most people simply connect via SSH, enter their passwords, and
type away. They don't realize that SSH has advanced key-management
features that allow them to avoid having to retype their passwords; that
its port-forwarding options can secure other, normally insecure,
packages; and that they can employ little tricks in SSH that would make
their lives easier.

http://www.linuxsecurity.com/articles/cryptography_article-2865.html

* Hacker Tools and Their Signatures, Part One: bind8x.c
April 12th, 2001

This article is the first in a series of papers detailing hacker
exploits/tools and their signatures. This installment will examine the
Berkeley Internet Name Domain exploit bind8x.c. The discussion will
cover the details of bind8x.c and provide signatures that will assist an
IDS analyst in detecting it.

http://www.linuxsecurity.com/articles/host_security_article-2847.html

* Feature: Using Certificate Revocation Lists
April 9th, 2001

One of the most common kinds of access control for secure web servers is
Basic Authentication, in which a login and password are required. Access
controls can apply to part or all of a web site. The restricted area is
called the "authorization realm." Even though Basic Authentication is
the most common kind of access control, it is not the most secure.

http://www.linuxsecurity.com/articles/cryptography_article-2831.html

+------------------------+
| Network Security News: |
+------------------------+

* Limiting your security to a firewall could be akin to opening
  Pandora's box
April 15th, 2001

The fundamental problem with security is that it's everyone's problem,
which means that no one is actually responsible. When people talk about
security today, they tend to focus on the edge of the network, where
they deploy firewalls and VPN software to secure access to the network.

http://www.linuxsecurity.com/articles/network_security_article-2862.html

* Anti-Virus with Sendmail and FreeBSD
April 14th, 2001

This is a very nice add on for ISPs or someone that wants to safeguard
all email coming into their system from viruses. The following article
will walk you through installing and setting up several programs, to get
this project done.

http://www.linuxsecurity.com/articles/server_security_article-2861.html

+------------------------+
| Cryptography News      |
+------------------------+

* Crypto-Gram April 2001
April 15th, 2001

The government finally did something right. That seemed to be the common
theme at the RSA Data Security Conference on Monday afternoon with
encryption experts praising the U.S. government's selection of an
Advanced Encryption Standard, or AES.

http://www.linuxsecurity.com/articles/cryptography_article-2864.html

* Crypto experts: All hail AES
April 10th, 2001

The government finally did something right. That seemed to be the common
theme at the RSA Data Security Conference on Monday afternoon with
encryption experts praising the U.S. government's selection of an
Advanced Encryption Standard, or AES.

http://www.linuxsecurity.com/articles/cryptography_article-2838.html

+------------------------+
| Vendors/Products:      |
+------------------------+

* Security flaw found in Alcatel DSL modems
April 11th, 2001

Computer industry security experts believe they have discovered a
vulnerability in certain high-speed modems manufactured by Alcatel, the
French communications equipment giant. Though only theoretical so far,
the problem makes the devices potentially vulnerable to malicious hacker
attacks.

http://www.linuxsecurity.com/articles/network_security_article-2840.html

+------------------------+
| General News:          |
+------------------------+

* Forensics 'DUST' For Cyberprints
April 13th, 2001

David Brown reports on advances in forensic science that can catch
hackers by their behaviour. Experts in forensic computing believe that
businesses can help to identify the "signature" techniques of hackers,
by monitoring how they behave inside networks, and which tools they use,
increasing the chances of prosecution.

http://www.linuxsecurity.com/articles/intrusion_detection_article-2859.html

* Linux Security Module Interface Mailing List
April 12th, 2001

One of the byproducts of the Linux 2.5 Kernel Summit was the notion of
an enhancement of the loadable kernel module interface to facilitate
security-oriented kernel modules.

http://www.linuxsecurity.com/articles/forums_article-2854.html

* Security cracks require pre-emptive spackling
April 12th, 2001

When it comes to hardening your network against hackers, the best
defense is to keep abreast of developing threats and apply patches with
due diligence. It seems you can't open a newspaper or listen to the news
these days without learning that yet another company's network has been
broken into.

http://www.linuxsecurity.com/articles/network_security_article-2849.html

* Privacy activists plan assault on Echelon, Carnivore
April 12th, 2001

Echelon, the international spy network allegedly set up to listen in on
civilians' electronic communications, will get some of its most public
exposure to date this weekend, when a prominent U.S. civil rights group
runs a full-page advertisement in the New York Times Magazine and the
New Yorker.

http://www.linuxsecurity.com/articles/privacy_article-2853.html

* Computer Forensics
April 9th, 2001

"The ease of perpetrating a cybercrime, the relative anonymity afforded
the offender, and the difficulty in pursuing and tracking down the
offender, all contribute to the rise in the frequency of these types of
crimes," say Dave Schultz and Jeff Lendino, both associate legal
counsels for Ontrack Data International, Inc.

http://www.linuxsecurity.com/articles/intrusion_detection_article-2832.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-requestat_private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERVat_private with a message body of
"SIGNOFF ISN".