[ISN] Linux Advisory Watch - April 30th, 2001

From: newsletter-adminsat_private
Date: Sun Apr 29 2001 - 22:41:48 PDT

  • Next message: InfoSec News: "[ISN] VeriSign Enhancing Internet ID Service"

    |  LinuxSecurity.com                         Weekly Newsletter        |
    |  April 30th 2001                           Volume 2, Number 17n     |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security
    newsletter. The purpose of this document is to provide our readers
    with a quick summary of each week's most relevant Linux security
    This week, a great number of network security articles were released.
    A few of the better ones include "Linux Network Security: Introduction,"
    "A Comparison of iptables Automation Tools," and "Firewalls, VPNs,
    and Remote Offices."  Also, take a moment to read our latest 'Linux
    Advisory Watch.'  We have switched to a new method of formatting
    the information which should better suite your needs.
    This week, advisories were released for mgetty, netscape, nedit,
    zope, sendfile, samba, hylafax, licq, slrn, and sudo.  The vendors
    include Debian, FreeBSD, Mandrake, Progeny, Red Hat, and SuSE.
    ### FREE Apache SSL Guide from Thawte ###
    Planning Web Server Security? Find out how to implement SSL! Get the
    free Thawte Apache SSL Guide and find the answers to all your Apache
    SSL security issues and more at:
    FEATURE STORY: Know Your Enemy: Honeynets
    Over the past several years the Honeynet Project has been dedicated
    to learning and the tools, tactics, and motives of the blackhat
    community and sharing the lessons learned. The primary tool used to
    gather this information is the Honeynet. The purpose of this paper
    is to discuss what a Honeynet is, its value to the security community,
    how it works, and the risks/issues involved.
    HTML Version available:
    | Host Security News: | <<-----[ Articles This Week ]-----------------+
    * Analysis of lpdw0rm Affecting Red Hat 7 Systems
    April 27th, 2001
    Companies are taking the law into their own hands to beat hackers who
    cost  them millions of pounds each year.   They are going on the
    offensive and adopting hacking tools and techniques  themselves,
    according to a former director of information warfare for the US
    Department of Defense.
    * Access Granted: MySQL Security
    April 26th, 2001
    Over the next few pages, I'm going to examine the mySQL access
    control system, and  throw some light on the mySQL "grant tables".
    These tables, which are an integral part  of the server's security
    system, offer database administrators a great deal of power and
    flexibility in deciding the rules which govern access to the system.
    * Passive Analysis of SSH Traffic
    April 25th, 2001
    It's widely known that applications like telnet, rsh, and rlogin are
    vulnerable to attacks that can monitor or "sniff" network traffic and
    obtain login passwords or other data sent over unencrypted
    connections. Protocols like SSH have been assumed to be safe even if
    an attack does monitor network traffic, because the transmitted data
    is encrypted.
    | Network Security News: |
    * Know your enemy
    April 28th, 2001
    To avoid these hazards, you'll need to understand how to  detect and
    disarm malware and spot the telltale signs of  hoaxes. The sections
    that follow describe the most  common types of malware and how to
    avoid each.
    * Start your day with a cup of DoS
    April 28th, 2001
    Start your day with a cup of DoS - Denial of Service, or a DoS, is an
    action undertaken by someone, usually with a single goal, to render
    your host or system useless for other users, by making its services
    unreachable. DoS attacks can be pulled both on hardware or software.
    * The Five-Access Point Security Plan
    April 27th, 2001
    An attack on your computer network can result in denial of service
    from an overloaded router, corrupted data transmitted across the
    network, unauthorized access to PCs, or the data centers themselves.
    * Linux Network Security: Introduction
    April 27th, 2001
    However, if you do  not use the Linux security tools in an
    appropriate way then they can be a liability.  Problems can be caused
    by badly setup security measures. This article will seek to  explain
    areas you should be aware of.
    * Firewalls, VPNs, and Remote Offices
    April 24th, 2001
    This month I will look at what we might call "best practices" for
    internetworking remote offices. It is arguably an old topic--we've
    been connecting remote offices over Virtual Private Networks (VPNs)
    for a few years now. It is one of the main purposes for VPNs, second
    only to secure dial-in connections. And yet, I think most of us do it
    * Scanning Your Network
    April 23rd, 2001
    This document covers examining ICMP packets, IP packets revealed,
    Capturing TCP Packets, TCP Protocol Layers, and Understanding
    Filesystem Inodes on a FreeBSD system. "In the next few articles, I'd
    like to  demonstrate putting some of this knowledge  together in
    order to increase the security of  your FreeBSD system.
    * A Comparison of iptables Automation Tools
    April 23rd, 2001
    This article will offer a brief overview of the means of configuring
    iptables and will offer a brief review of some tools that have been
    developed to automate the configuration of iptables. This discussion
    will look at IP firewalling code in Linux kernel and its
    configuration via various interfaces such as GUIs or scripts (written
    in shell scripting language, Perl or special configuration
    | Cryptography News:     |
    * DeCSS code-crack dispute back in court
    April 27th, 2001
    The film industry and a hacker publication will head back into court
    Tuesday in the DeCSS case, a  legal dispute that could dictate
    whether it's legal to publish or link to certain materials online.
    | General News:          |
    * CERT defends vulnerability info restrictions
    April 25th, 2001
    The long-debated question of whether software and network
    vulnerability data should  be shared freely and immediately
    re-surfaced recently, as Carnegie Mellon University's  CERT
    Coordination Center (CERT/CC), formerly the Computer Emergency
    Response  Team (CERT), announced hooking up with a private-industry
    organization called the  Internet Security Alliance to make its
    advance alerts and vulnerability database  immediately available to
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 01:01:55 PDT