+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | April 30th 2001 Volume 2, Number 17n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, a great number of network security articles were released. A few of the better ones include "Linux Network Security: Introduction," "A Comparison of iptables Automation Tools," and "Firewalls, VPNs, and Remote Offices." Also, take a moment to read our latest 'Linux Advisory Watch.' We have switched to a new method of formatting the information which should better suite your needs. This week, advisories were released for mgetty, netscape, nedit, zope, sendfile, samba, hylafax, licq, slrn, and sudo. The vendors include Debian, FreeBSD, Mandrake, Progeny, Red Hat, and SuSE. http://www.linuxsecurity.com/articles/forums_article-2936.html ### FREE Apache SSL Guide from Thawte ### Planning Web Server Security? Find out how to implement SSL! Get the free Thawte Apache SSL Guide and find the answers to all your Apache SSL security issues and more at: http://www.gothawte.com/rd7.html FEATURE STORY: Know Your Enemy: Honeynets Over the past several years the Honeynet Project has been dedicated to learning and the tools, tactics, and motives of the blackhat community and sharing the lessons learned. The primary tool used to gather this information is the Honeynet. The purpose of this paper is to discuss what a Honeynet is, its value to the security community, how it works, and the risks/issues involved. http://www2.linuxsecurity.com/feature_stories/feature_story-84.html HTML Version available: http://www.linuxsecurity.com/newsletter.html +---------------------+ | Host Security News: | <<-----[ Articles This Week ]-----------------+ +---------------------+ * Analysis of lpdw0rm Affecting Red Hat 7 Systems April 27th, 2001 Companies are taking the law into their own hands to beat hackers who cost them millions of pounds each year. They are going on the offensive and adopting hacking tools and techniques themselves, according to a former director of information warfare for the US Department of Defense. http://www.linuxsecurity.com/articles/network_security_article-2940.html * Access Granted: MySQL Security April 26th, 2001 Over the next few pages, I'm going to examine the mySQL access control system, and throw some light on the mySQL "grant tables". These tables, which are an integral part of the server's security system, offer database administrators a great deal of power and flexibility in deciding the rules which govern access to the system. http://www.linuxsecurity.com/articles/server_security_article-2934.html * Passive Analysis of SSH Traffic April 25th, 2001 It's widely known that applications like telnet, rsh, and rlogin are vulnerable to attacks that can monitor or "sniff" network traffic and obtain login passwords or other data sent over unencrypted connections. Protocols like SSH have been assumed to be safe even if an attack does monitor network traffic, because the transmitted data is encrypted. http://www.linuxsecurity.com/articles/network_security_article-2924.html +------------------------+ | Network Security News: | +------------------------+ * Know your enemy April 28th, 2001 To avoid these hazards, you'll need to understand how to detect and disarm malware and spot the telltale signs of hoaxes. The sections that follow describe the most common types of malware and how to avoid each. http://www.linuxsecurity.com/articles/network_security_article-2945.html * Start your day with a cup of DoS April 28th, 2001 Start your day with a cup of DoS - Denial of Service, or a DoS, is an action undertaken by someone, usually with a single goal, to render your host or system useless for other users, by making its services unreachable. DoS attacks can be pulled both on hardware or software. http://www.linuxsecurity.com/articles/network_security_article-2944.html * The Five-Access Point Security Plan April 27th, 2001 An attack on your computer network can result in denial of service from an overloaded router, corrupted data transmitted across the network, unauthorized access to PCs, or the data centers themselves. http://www.linuxsecurity.com/articles/general_article-2937.html * Linux Network Security: Introduction April 27th, 2001 However, if you do not use the Linux security tools in an appropriate way then they can be a liability. Problems can be caused by badly setup security measures. This article will seek to explain areas you should be aware of. http://www.linuxsecurity.com/articles/network_security_article-2941.html * Firewalls, VPNs, and Remote Offices April 24th, 2001 This month I will look at what we might call "best practices" for internetworking remote offices. It is arguably an old topic--we've been connecting remote offices over Virtual Private Networks (VPNs) for a few years now. It is one of the main purposes for VPNs, second only to secure dial-in connections. And yet, I think most of us do it wrong. http://www.linuxsecurity.com/articles/firewalls_article-2922.html * Scanning Your Network April 23rd, 2001 This document covers examining ICMP packets, IP packets revealed, Capturing TCP Packets, TCP Protocol Layers, and Understanding Filesystem Inodes on a FreeBSD system. "In the next few articles, I'd like to demonstrate putting some of this knowledge together in order to increase the security of your FreeBSD system. http://www.linuxsecurity.com/articles/intrusion_detection_article-2911.html * A Comparison of iptables Automation Tools April 23rd, 2001 This article will offer a brief overview of the means of configuring iptables and will offer a brief review of some tools that have been developed to automate the configuration of iptables. This discussion will look at IP firewalling code in Linux kernel and its configuration via various interfaces such as GUIs or scripts (written in shell scripting language, Perl or special configuration language). http://www.linuxsecurity.com/articles/firewalls_article-2913.html +------------------------+ | Cryptography News: | +------------------------+ * DeCSS code-crack dispute back in court April 27th, 2001 The film industry and a hacker publication will head back into court Tuesday in the DeCSS case, a legal dispute that could dictate whether it's legal to publish or link to certain materials online. http://www.linuxsecurity.com/articles/government_article-2942.html +------------------------+ | General News: | +------------------------+ * CERT defends vulnerability info restrictions April 25th, 2001 The long-debated question of whether software and network vulnerability data should be shared freely and immediately re-surfaced recently, as Carnegie Mellon University's CERT Coordination Center (CERT/CC), formerly the Computer Emergency Response Team (CERT), announced hooking up with a private-industry organization called the Internet Security Alliance to make its advance alerts and vulnerability database immediately available to members. http://www.linuxsecurity.com/articles/security_sources_article-2925.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Mon Apr 30 2001 - 01:01:55 PDT