+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | July 30th, 2001 Volume 2, Number 30n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, the most interesting articles include "Building a Secure User Environment with SSH ChRootGroups," "Understanding RSA/DSA authentication," and "OpenSSH key management, Part 1." Also this week, a bill in the House is causing law officials "to be more forthright" and submit detailed reports on the usage of the Carnivore system. More information about this is available in the general section of this newsletter. This week, advisories were released for sugid-exec, telnet, ssh, procmail, squid, sendmsg, xil, imp, elm, and phplib. The vendors include Calera, Conectiva, FreeBSD, Mandrake, NetBSD, Red Hat, SuSE, Trustix http://www.linuxsecurity.com/articles/forums_article-3411.html ## EnGarde Secure Linux v1.0.1 ## EnGarde is a secure distribution of Linux engineered from the ground-up to provide organizations with the level of security required to create a corporate Web presence or even conduct e-business on the Web. It can be used as a Web, DNS, e-mail, database, e-commerce, and general Internet server where security is a primary concern. --> Download: http://www.engardelinux.org/download.html HTML Version: http://www.linuxsecurity.com/vuln-newsletter.html +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Incident Response -- Investigating Computer Crime July 26th, 2001 "I particularly recommend the book for less advanced admins and those who don't have a lot of hands-on experience. If you've never been through an "incident," this is a very good book to have. If you've been through one or two, you might find a few things you've done wrong (or right) and some extra ways to prepare for the next time." http://www.linuxsecurity.com/articles/documentation_article-3403.html * Installation of a Secure Web Server July 26th, 2001 Web servers are the most exposed servers on the Internet. In order for clients/ target groups to be able to access the information provided, web servers must be accessible from any point on the Internet. In contrast to other public services like DNS and FTP, the Web is especially tempting for "Crackers": a succesful "hack" of a system can be visualized by changing the appearance of the home page to increase awareness of the hacker's presence. http://www.linuxsecurity.com/articles/server_security_article-3404.html * Building a Secure User Environment with SSH ChRootGroups July 23rd, 2001 Chroot alters the effective root directory of a user or process to one specified by the root user. Thus far, chroot has not been widely used for creating secure user environments; the difficulties involved with creating a functional cage are an obstacle that still needs to be overcome. This article will provide an overview of SSH ChRootGroups feature; which provides a quick and easy way for administrators to lock users inside a chrooted cage. http://www.linuxsecurity.com/articles/host_security_article-3386.html +------------------------+ | Network Security News: | +------------------------+ * Commenting a firewall July 28th, 2001 Hopefully, this article will help you understand the principle of building a custom firewall. The firwall used for this article is pretty good, and you can use it, since you can adjust it to your needs as it is well commented. It is ideal for your home network. Just copy it, chmod it and off you go. http://www.linuxsecurity.com/articles/firewalls_article-3419.html * Know Your Enemy: Statistics July 25th, 2001 Over the past several years, the Honeynet Project has been collecting and archiving information on blackhat activity. We have attempted, to the best of our ability, to log and capture every probe, attack, and exploit made against our Honeynet. http://www.linuxsecurity.com/articles/intrusion_detection_article-3396.html * Network Sniffers July 25th, 2001 Sniffers are tools, also known as network analyzers, used for monitoring network traffic. As such, if used by authorized personnel, can prove to be of a great value. But, on the other hand, sniffers represent significant threat to your network, and are very hard to detect. http://www.linuxsecurity.com/articles/network_security_article-3400.html +------------------------+ | Cryptography News: | +------------------------+ * OpenSSH key management, Part 1 July 26th, 2001 In this series, you'll learn how RSA and DSA authentication work, and see how to set up passwordless authentication the right way. In the first article of the series, Daniel Robbins focuses on introducing the RSA and DSA authentication protocols and showing you how to get them working over the network. http://www.linuxsecurity.com/articles/cryptography_article-3405.html * Understanding RSA/DSA authentication July 26th, 2001 In this series, you'll learn how RSA and DSA authentication work, and see how to set up passwordless authentication the right way. In the first article of the series, Daniel Robbins focuses on introducing the RSA and DSA authentication protocols and showing you how to get them working over the network. http://www.linuxsecurity.com/articles/cryptography_article-3408.html +------------------------+ | General Security News: | +------------------------+ * Hacking Vegas at Black Hat and DEF CON: One Geek's Experience July 28th, 2001 DEF CON, which began as a relatively small get-together for members of the IS underground, has grown in recent years to become the world's largest and most publicized annual gathering of the diverse groups that comprise Information Systems Security. http://www.linuxsecurity.com/articles/hackscracks_article-3417.html * IT managers still overestimate security July 27th, 2001 Only two out of 50 firewalls at a leading Swiss bank were configured correctly -- just one instance of security that is all that it should be. Network security is being overestimated by IT managers because they are failing to manage protective software properly, according to a security expert. http://www.linuxsecurity.com/articles/general_article-3415.html * 'Jam Echelon Day' protest planned July 27th, 2001 Internet activists are planning an international day of protest on Oct. 21 in an effort to jam Echelon, the super-secret global surveillance system. But privacy experts warn the protest is unlikely to succeed. Organizers of the cyber-event are encouraging the Internet community to send as many e-mail messages as possible, containing certain "trigger words" that the Echelon system is believed to pick up on. http://www.linuxsecurity.com/articles/projects_article-3416.html * House pulls Carnivore into the light July 24th, 2001 A bill requiring federal law-enforcement officials to be more forthright when answering questions about electronic surveillance systems has passed the U.S. House. The bill, which passed by a unanimous voice vote Monday afternoon, would require the attorney general and the FBI director to submit a detailed report on the use of systems including Carnivore and its successor, DCS1000. http://www.linuxsecurity.com/articles/privacy_article-3390.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 03:03:13 PDT