[ISN] Linux Security Week - August 20th 2001

From: InfoSec News (isnat_private)
Date: Tue Aug 21 2001 - 01:10:35 PDT

  • Next message: InfoSec News: "[ISN] NASA scientists: buy-in from users essential for security"

    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  August 20th, 2001                           Volume 2, Number 33n   |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, the most interesting articles include "Securing Sendmail with
    TLS," "CERT Guide to System and Network Security Practices,"  and
    "Learning with nmap." Also this week, there are several interesting
    cryptography articles including "Delayed Report on Encryption Flaws to Be
    Presented," and "So much for secure e-mail."
    This week, advisories were released for fetchmail, telnet, groff, imp,
    windowmaker, and openldap.  The vendors include Caldera, Conectiva,
    Debian, EnGarde, and Mandrake.
    Maximize your security with EnGarde Secure Linux!  EnGarde was designed
    from the ground up as a secure solution, starting with the principle of
    least privilege, and carrying it through every aspect of its
    EnGarde Quick Start Guide - This is a document that provides you with the
    information necessary to quickly begin using your EnGarde system.
    HTML Version:
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * Checking Your System Logs with awk
    August 19th, 2001
    UNIX systems are especially talkative and log considerable amounts of
    data. Many administrators at first find digging through all those logs
    annoying, and some abandon the practice of checking logs for that reason.
    However, when system problems arise, those admins are left wondering what
    occurred and why.
    * Securing Sendmail with TLS
    August 16th, 2001
    One of the most common uses of network systems is for e-mail-based
    communications. As such, a great deal of attention has been given to
    securing e-mail systems. However, most of this focus has been in two
    areas: security at the message level, using PGP or S/MIME, and
    confidentiality in the authentication process for mail retrieval, i.e.,
    using APOP or SSL-based IMAP. This still leaves mail server-to-server
    traversal vulnerable to several attacks.
    | Network Security News: |
    * HTML Form Protocol Attack [PDF]
    August 18th, 2001
    This paper describes how some HTML browsers can be tricked through the use
    of HTML forms into sending more or less arbitrary data to any TCP port.
    This can be used to send commands to servers using ASCII based protocols
    like SMTP, NNTP, POP3, IMAP, IRC, and others.
    * CERT Guide to System and Network Security Practices
    August 17th, 2001
    After reading the CERT Guide to System and Network Security Practices, you
    may feel as if you've been speaking with your mother about computer
    security, as most of the advice detailed in the book is common sense.  
    But, as Voltaire astutely noted, common sense is not so common.
    * New Public Network: Network Security's Not-So-Secret Ingredients
    August 16th, 2001
    The tools and technology to stop computer crime are known and available,
    yet administrators are so overwhelmed with day-to-day IT chores that they
    don't have time for healthy security practices.  Therefore, the network
    subsists on the digital equivalent of junk food: unpatched software,
    poorly configured firewalls, deficient security policies, and so on.
    * Hacker Tools and their Signatures, Part Three: Rootkits
    August 15th, 2001
    Toby Mill writes, "This is the third installment of a series devoted to
    examining hacker tools and their signatures. In this installment we will
    be looking at some of the signatures related to the KOH rootkit. The
    purpose of this paper is to assist the reader in detecting the KOH
    rootkit. "
    * Honeypot for hackers
    August 14th, 2001
    COMPUTER experts can now predict when a malicious hacker is about to
    strike, and sound the alarm days in advance. They are urging companies to
    use their technique to stop hackers getting into networks.  "Regardless of
    who you are, you are not safe," says Jeffery Stutzman, an ex-naval
    intelligence officer now working as a security expert for Cisco Systems in
    Chelmsford, Massachusetts.
    * Learning with nmap
    August 13th, 2001
    Why are scanners so important for the security of networks? Basically
    because they are essential tools for those who want to attack a system.
    The preparation of an attack by a cracker could look as follows:  Scan a
    target machine or selected network, observe which services are offered and
    which operating systems runs these services, and work on some well-known
    vulnerability in any of them.
    | Cryptography News:     |
    * The Encryption Effort
    August 19th, 2001
    There have been many articles recently extolling the virtues of encrypting
    your communications via the internet. But there is another side to this
    debate. Russell Kay, senior reviews editor of Computerworld in the US,
    gives us his view.
    * So much for secure e-mail
    August 15th, 2001
    Encrypted e-mail has flopped in the enterprise.  More than five years
    after standards were created and vendors rushed to support them, virtually
    no one secures e-mail today, despite widespread concerns about prying eyes
    and corrupted data.
    * Crypto-Gram August
    August 15th, 2001
    Encrypted e-mail has flopped in the enterprise.  More than five years
    after standards were created and vendors rushed to support them, virtually
    no one secures e-mail today, despite widespread concerns about prying eyes
    and corrupted data.
    * Delayed Report on Encryption Flaws to Be Presented
    August 15th, 2001
    Today a group of Princeton computer scientists will present a research
    paper that has spurred debate over the freedom of scientific research and
    a 1998 digital copyright law that places restrictions on the dissemination
    of decryption information. The paper, which reveals the flaws in several
    encryption techniques for compact discs, was withdrawn at the last minute
    from a conference in April because the researchers said they feared
    litigation from the Recording Industry Association of America, a trade
    group that has moved to stamp out piracy threats in the era of digital
    | Vendors/Tools          |
    * AirSnort Wireless LAN Tool
    August 18th, 2001
    AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys.
    AirSnort operates by passively monitoring transmissions, computing the
    encryption key when enough packets have been gathered.
    * Snort 1.8.1 Now Available
    August 15th, 2001
    This latest release includes SNMP alerting support, greatly improved
    stability, IDMEF XML alert support, new decoder for "%u encoded" HTTP
    traffic, limited wildcards/regex in the rules language, plus a new
    snort.org page.
    | General Security News: |
    * CyberCrime Help
    August 17th, 2001
    Cyberspace can be an exciting place these days. But, unfortunately, it can
    also be a dangerous place, especially if you're unaware of the dangers and
    how to protect yourself.  So we at "CyberCrime" thought we'd offer some
    tips and ideas for staying safe online.
    * 50 hackers to take part in server-cracking contest
    August 16th, 2001
    Hackers will be challenged to penetrate a variety of computer networks
    early next month with no threat of punishment if they are successful, a
    network security firm said yesterday.  Parinya Homanek, managing director
    of Net En Tel Co Ltd, said the first hackers' conference in Thailand would
    be held on September 3 and 4 with a network of more than 50 powerful
    servers set up specially for them to try to hack into.
    * Study: IT Budgets Opening Up to Linux
    August 15th, 2001
    A study by IDC finds the open-source Linux gaining popularity among
    corporate users, but the operating system still trails Microsoft in
    servers by a wide margin.  With solid year-to-year growth and a broad
    potential market that is currently using or experimenting with it, the
    open-source Linux platform is gaining ground in the information technology
    (IT) budgets of companies worldwide, analysts at IDC said Tuesday
    * Phrack 57 Available
    August 13th, 2001
    The latest issue of Phrack, a premier underground security magazine, has
    been released. Last issue released in May 2000, the latest issue talks
    about privacy, ICMP based OS fingerprinting, NIDS on mass parallel
    processing architecture, and more.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Aug 21 2001 - 06:28:24 PDT