[ISN] Linux Security Week - April 23 2001

From: newsletter-adminsat_private
Date: Mon Apr 23 2001 - 06:57:08 PDT

  • Next message: Marjorie Simmons: "[ISN] Computer sabotage case back in court"

    |  LinuxSecurity.com                         Weekly Newsletter        |
    |  April 23rd 2001                           Volume 2, Number 16n     |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security
    newsletter. The purpose of this document is to provide our readers
    with a quick summary of each week's most relevant Linux security
    This week, our newsletter is composed of many interesting articles.  It
    is good to see that better quality papers are now being published.
    Although some of the topics are trivial to seasoned security experts,
    the topics are still important and should be addressed.  Some of the
    best articles included, "Securing Your Apache Server," "Iptables Basics
    NHF," and "Firewall Design White Paper."  Also this week, if you are
    an EnGarde user, you will probably want to take a look at our
    Tripwire and vsFTP HOWTOs.
    * EnGarde Tripwire HOWTO
    This document provides the steps a user can perform to configure
    Tripwire for use with EnGarde Secure Linux 1.0.1 (Finestra). It is
    assumed that the reader is familiar operating as the root user and
    knows how to use basic shell commands.
    ### FREE Apache SSL Guide from Thawte ###
    Planning Web Server Security? Find out how to implement SSL! Get the
    free Thawte Apache SSL Guide and find the answers to all your Apache
    SSL security issues and more at:
    HTML Version available:
    | Host Security News: | <<-----[ Articles This Week ]-----------------+
    * Virtual Burglar Alarm - Intrusion Detection Systems (Part 1)
    April 22nd, 2001
    Simply put, intrusion detection systems (ID systems) are virtual
    burglar alarms. ID systems automatically recognize attacks on network
     security and computer systems. Specifically, ID systems monitor
    compliance with security policies.
    * Starting points of a secure Linux system
    April 19th, 2001
    Starting points of a secure Linux system: "To keep it short and
    simple, here are some good pointers to enhancing your system's
    security. But remember, there's no absolute security, so keep your
    eyes open, subscribe yourself to good sec-related mailing lists, and
    keep your software up-to-date."
    * Securing Your Apache Server
    April 17th, 2001
    An excerpt from Chapter 3, "Security," of Apache: The Definitive
    Guide, 2nd Edition. Enable Apache to communicate securely over
    Secure Sockets Layer (SSL). Covers building, configuring, and
    securing an  SSL-enabled Apache server under Unix.
    | Network Security News: |
    * Dynamic iptables firewalls
    April 21st, 2001
    The best way to see the benefits of dynamic firewall scripts is to
    see them in action. To do this, let's imagine that I'm a sysadmin at
    an ISP, and I've recently set up a Linux-based firewall to protect my
    customers and internal systems from malicious users on the Internet.
    * Firewall Design White Paper
    April 19th, 2001
    This paper here is not a set of instructions of how to built an
    access nexus it is more like a white paper of things you should
    expect from such a device and be able to ask for them from you
    vendor. Please do tell them that they are currently availlable on
    Open Source Servers.
    * Intrusion Detection
    April 18th, 2001
    Definition -- Intrusion detection is the art and science of sensing
    when a system  or network is being used inappropriately or without
    authorization. An  intrusion-detection system (IDS) monitors system
    and network resources and  activities and, using information gathered
    from these sources, notifies the  authorities when it identifies a
    possible intrusion.
    * Iptables Basics NHF
    April 17th, 2001
    I'm sure many of you have been wondering how to use iptables to set
    up a basic firewall. I was wondering the same thing for a long time
    until I recently figured it out. I'll try to explain the basics to at
    least get you started.
    | Vendors/Products:      |
    * Cylant Technology Releases CylantSecure(tm) for Linux
    April 22nd, 2001
    This document covers secure processes and services for NetBSD
    Operating Systems and Networks. Most of the information in this
    document can easily be translated to other BSD systems, however.
    * Embedded Firewalls: The Next Wave?
    April 20th, 2001
    Certainly your organization uses a firewall, most likely at your
    network borders. And many of you have adopted  firewalls to protect
    your internal network segments, servers, and workstations. Most of
    these solutions are  software-based-you must load that software on
    top of an existing OS
    * EnGarde FTP HOWTO
    April 17th, 2001
    This document provides the steps a user can perform to enable and
    configure the ftp daemon (ftpd) for EnGarde Secure Linux 1.0.1 (Finestra).
    It is assumed that the reader is familiar operating as the root user
    and knows how to use a text editor such as vi(1) or pico(1).
    * EnGarde Tripwire HOWTO
    April 17th, 2001
    This document provides the steps a user can perform to configure
    Tripwire for use with EnGarde Secure Linux 1.0.1 (Finestra). It is
    assumed that the reader is familiar operating as the root user and
    knows how to use basic shell commands.
    | General News:          |
    * FTP Buffer Overflows
    April 22nd, 2001
    In this column, we look at buffer  overflows in many FTP daemons,
    Oracle Application Server, Solaris ipcs, Solaris Xsun,  and a whole
    list of programs in SCO  OpenServers; temporary file race conditions
    in  pine and pico; format string bugs in HylaFAX  and cfingerd; a bug
    that allows Netscape to  execute JavaScript placed in a GIF comment;
    and problems in Midnight Commander,  mkpasswd,
    * Back to school to learn to hack
    April 20th, 2001
    How do you predict the actions of a criminal? Get into his or her
    head, work out what makes them tick and learn the techniques they
    have at their disposal.
    * Industry groups form Internet Security Alliance
    April 20th, 2001
    Several industry groups joined forces Thursday to form a  new
    consortium dedicated to improving the security of the  Internet.
    The Internet Security Alliance -- a collaborative effort of the  CERT
    Coordination Center, the Software Engineering  Institute and the
    Electronic Industries Alliance -- hopes to  serve as a portal for
    information about threats, best  practices and risk management
    * Ponying up for real-time security alerts
    April 20th, 2001
    CERT Coordination Center, formerly known as the Computer Emergency
    Response Team at Carnegie Mellon University, and the Electronic
    Industries Alliance (EIA), an electronics industry trade
    organization, on Thursday launched the Internet Security Alliance
    * IP Insecurity
    April 17th, 2001
    Stolen credit card numbers, hacked federal  computer systems and
    other high-profile online assaults  have put many users on their
    guards and focused the attention of security managers on high-level
    intrusion-detection systems, chains of firewalls and other
    high-level defenses.
    * Securing Java Code: Part 1
    April 16th, 2001
    Software is basically the root of all evil when it comes to common
    computer security problems.    Today you can easily find
    comprehensive checklists for how to secure  networks and operating
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 00:05:09 PDT