+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  April 23rd 2001                              Volume 2, Number 16n  |
|                                                                     |
|  Editorial Team:  Dave Wreski              daveat_private           |
|                   Benjamin Thomas          benat_private            |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, our newsletter is composed of many interesting articles. It
is good to see that better quality papers are now being published.
Although some of the topics are trivial to seasoned security experts,
the topics are still important and should be addressed. Some of the
best articles included "Securing Your Apache Server," "Iptables Basics
NHF," and "Firewall Design White Paper."

Also this week, if you are an EnGarde user, you will probably want to
take a look at our Tripwire and vsFTP HOWTOs.

* EnGarde Tripwire HOWTO

  This document provides the steps a user can perform to configure
  Tripwire for use with EnGarde Secure Linux 1.0.1 (Finestra). It is
  assumed that the reader is familiar with operating as the root user
  and knows how to use basic shell commands.

  http://www.linuxsecurity.com/articles/vendors_products_article-2877.html

### FREE Apache SSL Guide from Thawte ###

Planning Web Server Security? Find out how to implement SSL! Get the
free Thawte Apache SSL Guide and find the answers to all your Apache
SSL security issues and more at:

  http://www.thawte.com/ucgi/gothawte.cgi?a=n342707510022000

HTML Version available:

  http://www.linuxsecurity.com/newsletter.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+

* Virtual Burglar Alarm - Intrusion Detection Systems (Part 1)
  April 22nd, 2001

  Simply put, intrusion detection systems (ID systems) are virtual
  burglar alarms. ID systems automatically recognize attacks on network
  security and computer systems. Specifically, ID systems monitor
  compliance with security policies.

  http://www.linuxsecurity.com/articles/intrusion_detection_article-2907.html

* Starting points of a secure Linux system
  April 19th, 2001

  Starting points of a secure Linux system: "To keep it short and
  simple, here are some good pointers to enhancing your system's
  security. But remember, there's no absolute security, so keep your
  eyes open, subscribe yourself to good sec-related mailing lists, and
  keep your software up-to-date."

  http://www.linuxsecurity.com/articles/host_security_article-2896.html

* Securing Your Apache Server
  April 17th, 2001

  An excerpt from Chapter 3, "Security," of Apache: The Definitive
  Guide, 2nd Edition. Enable Apache to communicate securely over Secure
  Sockets Layer (SSL). Covers building, configuring, and securing an
  SSL-enabled Apache server under Unix.

  http://www.linuxsecurity.com/articles/server_security_article-2879.html

+------------------------+
| Network Security News: |
+------------------------+

* Dynamic iptables firewalls
  April 21st, 2001

  The best way to see the benefits of dynamic firewall scripts is to
  see them in action. To do this, let's imagine that I'm a sysadmin at
  an ISP, and I've recently set up a Linux-based firewall to protect my
  customers and internal systems from malicious users on the Internet.

  http://www.linuxsecurity.com/articles/firewalls_article-2904.html

* Firewall Design White Paper
  April 19th, 2001

  This paper here is not a set of instructions of how to build an
  access nexus it is more like a white paper of things you should
  expect from such a device and be able to ask for them from your
  vendor. Please do tell them that they are currently available on Open
  Source Servers.

  http://www.linuxsecurity.com/articles/firewalls_article-2895.html

* Intrusion Detection
  April 18th, 2001

  Definition -- Intrusion detection is the art and science of sensing
  when a system or network is being used inappropriately or without
  authorization. An intrusion-detection system (IDS) monitors system
  and network resources and activities and, using information gathered
  from these sources, notifies the authorities when it identifies a
  possible intrusion.

  http://www.linuxsecurity.com/articles/intrusion_detection_article-2887.html

* Iptables Basics NHF
  April 17th, 2001

  I'm sure many of you have been wondering how to use iptables to set
  up a basic firewall. I was wondering the same thing for a long time
  until I recently figured it out. I'll try to explain the basics to at
  least get you started.

  http://www.linuxsecurity.com/articles/firewalls_article-2871.html

+------------------------+
| Vendors/Products:      |
+------------------------+

* Cylant Technology Releases CylantSecure(tm) for Linux
  April 22nd, 2001

  This document covers secure processes and services for NetBSD
  Operating Systems and Networks. Most of the information in this
  document can easily be translated to other BSD systems, however.

  http://www.linuxsecurity.com/articles/vendors_products_article-2909.html

* Embedded Firewalls: The Next Wave?
  April 20th, 2001

  Certainly your organization uses a firewall, most likely at your
  network borders. And many of you have adopted firewalls to protect
  your internal network segments, servers, and workstations. Most of
  these solutions are software-based -- you must load that software on
  top of an existing OS

  http://www.linuxsecurity.com/articles/firewalls_article-2901.html

* EnGarde FTP HOWTO
  April 17th, 2001

  This document provides the steps a user can perform to enable and
  configure the ftp daemon (ftpd) for EnGarde Secure Linux 1.0.1
  (Finestra). It is assumed that the reader is familiar with operating
  as the root user and knows how to use a text editor such as vi(1) or
  pico(1).

  http://www.linuxsecurity.com/articles/vendors_products_article-2876.html

* EnGarde Tripwire HOWTO
  April 17th, 2001

  This document provides the steps a user can perform to configure
  Tripwire for use with EnGarde Secure Linux 1.0.1 (Finestra). It is
  assumed that the reader is familiar with operating as the root user
  and knows how to use basic shell commands.

  http://www.linuxsecurity.com/articles/vendors_products_article-2877.html

+------------------------+
| General News:          |
+------------------------+

* FTP Buffer Overflows
  April 22nd, 2001

  In this column, we look at buffer overflows in many FTP daemons,
  Oracle Application Server, Solaris ipcs, Solaris Xsun, and a whole
  list of programs in SCO OpenServers; temporary file race conditions
  in pine and pico; format string bugs in HylaFAX and cfingerd; a bug
  that allows Netscape to execute JavaScript placed in a GIF comment;
  and problems in Midnight Commander, mkpasswd,

  http://www.linuxsecurity.com/articles/server_security_article-2908.html

* Back to school to learn to hack
  April 20th, 2001

  How do you predict the actions of a criminal? Get into his or her
  head, work out what makes them tick and learn the techniques they
  have at their disposal.

  http://www.linuxsecurity.com/articles/hackscracks_article-2900.html

* Industry groups form Internet Security Alliance
  April 20th, 2001

  Several industry groups joined forces Thursday to form a new
  consortium dedicated to improving the security of the Internet. The
  Internet Security Alliance -- a collaborative effort of the CERT
  Coordination Center, the Software Engineering Institute and the
  Electronic Industries Alliance -- hopes to serve as a portal for
  information about threats, best practices and risk management
  strategies

  http://www.linuxsecurity.com/articles/vendors_products_article-2903.html

* Ponying up for real-time security alerts
  April 20th, 2001

  CERT Coordination Center, formerly known as the Computer Emergency
  Response Team at Carnegie Mellon University, and the Electronic
  Industries Alliance (EIA), an electronics industry trade
  organization, on Thursday launched the Internet Security Alliance
  (ISA).

  http://www.linuxsecurity.com/articles/general_article-2899.html

* IP Insecurity
  April 17th, 2001

  Stolen credit card numbers, hacked federal computer systems and other
  high-profile online assaults have put many users on their guards and
  focused the attention of security managers on high-level
  intrusion-detection systems, chains of firewalls and other high-level
  defenses.

  http://www.linuxsecurity.com/articles/network_security_article-2880.html

* Securing Java Code: Part 1
  April 16th, 2001

  Software is basically the root of all evil when it comes to common
  computer security problems. Today you can easily find comprehensive
  checklists for how to secure networks and operating systems.

  http://www.linuxsecurity.com/articles/general_article-2867.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-requestat_private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERVat_private with a message body of
"SIGNOFF ISN".