+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | August 20th, 2001 Volume 2, Number 33n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, the most interesting articles include "Securing Sendmail with TLS," "CERT Guide to System and Network Security Practices," and "Learning with nmap." Also this week, there are several interesting cryptography articles including "Delayed Report on Encryption Flaws to Be Presented," and "So much for secure e-mail." This week, advisories were released for fetchmail, telnet, groff, imp, windowmaker, and openldap. The vendors include Caldera, Conectiva, Debian, EnGarde, and Mandrake. http://www.linuxsecurity.com/articles/forums_article-3519.html Maximize your security with EnGarde Secure Linux! EnGarde was designed from the ground up as a secure solution, starting with the principle of least privilege, and carrying it through every aspect of its implementation. http://www.engardelinux.org EnGarde Quick Start Guide - This is a document that provides you with the information necessary to quickly begin using your EnGarde system. http://www.guardiandigital.com/docs/EnGardeManual/ESLQuick-1.0.1.pdf HTML Version: http://www.linuxsecurity.com/vuln-newsletter.html +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Checking Your System Logs with awk August 19th, 2001 UNIX systems are especially talkative and log considerable amounts of data. Many administrators at first find digging through all those logs annoying, and some abandon the practice of checking logs for that reason. However, when system problems arise, those admins are left wondering what occurred and why. http://www.linuxsecurity.com/articles/host_security_article-3527.html * Securing Sendmail with TLS August 16th, 2001 One of the most common uses of network systems is for e-mail-based communications. As such, a great deal of attention has been given to securing e-mail systems. However, most of this focus has been in two areas: security at the message level, using PGP or S/MIME, and confidentiality in the authentication process for mail retrieval, i.e., using APOP or SSL-based IMAP. This still leaves mail server-to-server traversal vulnerable to several attacks. http://www.linuxsecurity.com/articles/server_security_article-3512.html +------------------------+ | Network Security News: | +------------------------+ * HTML Form Protocol Attack [PDF] August 18th, 2001 This paper describes how some HTML browsers can be tricked through the use of HTML forms into sending more or less arbitrary data to any TCP port. This can be used to send commands to servers using ASCII based protocols like SMTP, NNTP, POP3, IMAP, IRC, and others. http://www.linuxsecurity.com/articles/documentation_article-3524.html * CERT Guide to System and Network Security Practices August 17th, 2001 After reading the CERT Guide to System and Network Security Practices, you may feel as if you've been speaking with your mother about computer security, as most of the advice detailed in the book is common sense. But, as Voltaire astutely noted, common sense is not so common. http://www.linuxsecurity.com/articles/documentation_article-3522.html * New Public Network: Network Security's Not-So-Secret Ingredients August 16th, 2001 The tools and technology to stop computer crime are known and available, yet administrators are so overwhelmed with day-to-day IT chores that they don't have time for healthy security practices. Therefore, the network subsists on the digital equivalent of junk food: unpatched software, poorly configured firewalls, deficient security policies, and so on. http://www.linuxsecurity.com/articles/general_article-3517.html * Hacker Tools and their Signatures, Part Three: Rootkits August 15th, 2001 Toby Mill writes, "This is the third installment of a series devoted to examining hacker tools and their signatures. In this installment we will be looking at some of the signatures related to the KOH rootkit. The purpose of this paper is to assist the reader in detecting the KOH rootkit. " http://www.linuxsecurity.com/articles/host_security_article-3507.html * Honeypot for hackers August 14th, 2001 COMPUTER experts can now predict when a malicious hacker is about to strike, and sound the alarm days in advance. They are urging companies to use their technique to stop hackers getting into networks. "Regardless of who you are, you are not safe," says Jeffery Stutzman, an ex-naval intelligence officer now working as a security expert for Cisco Systems in Chelmsford, Massachusetts. http://www.linuxsecurity.com/articles/intrusion_detection_article-3500.html * Learning with nmap August 13th, 2001 Why are scanners so important for the security of networks? Basically because they are essential tools for those who want to attack a system. The preparation of an attack by a cracker could look as follows: Scan a target machine or selected network, observe which services are offered and which operating systems runs these services, and work on some well-known vulnerability in any of them. http://www.linuxsecurity.com/articles/general_article-3492.html +------------------------+ | Cryptography News: | +------------------------+ * The Encryption Effort August 19th, 2001 There have been many articles recently extolling the virtues of encrypting your communications via the internet. But there is another side to this debate. Russell Kay, senior reviews editor of Computerworld in the US, gives us his view. http://www.linuxsecurity.com/articles/cryptography_article-3526.html * So much for secure e-mail August 15th, 2001 Encrypted e-mail has flopped in the enterprise. More than five years after standards were created and vendors rushed to support them, virtually no one secures e-mail today, despite widespread concerns about prying eyes and corrupted data. http://www.linuxsecurity.com/articles/cryptography_article-3503.html * Crypto-Gram August August 15th, 2001 Encrypted e-mail has flopped in the enterprise. More than five years after standards were created and vendors rushed to support them, virtually no one secures e-mail today, despite widespread concerns about prying eyes and corrupted data. http://www.linuxsecurity.com/articles/cryptography_article-3506.html * Delayed Report on Encryption Flaws to Be Presented August 15th, 2001 Today a group of Princeton computer scientists will present a research paper that has spurred debate over the freedom of scientific research and a 1998 digital copyright law that places restrictions on the dissemination of decryption information. The paper, which reveals the flaws in several encryption techniques for compact discs, was withdrawn at the last minute from a conference in April because the researchers said they feared litigation from the Recording Industry Association of America, a trade group that has moved to stamp out piracy threats in the era of digital music. http://www.linuxsecurity.com/articles/cryptography_article-3509.html +------------------------+ | Vendors/Tools | +------------------------+ * AirSnort Wireless LAN Tool August 18th, 2001 AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. http://www.linuxsecurity.com/articles/cryptography_article-3525.html * Snort 1.8.1 Now Available August 15th, 2001 This latest release includes SNMP alerting support, greatly improved stability, IDMEF XML alert support, new decoder for "%u encoded" HTTP traffic, limited wildcards/regex in the rules language, plus a new snort.org page. http://www.linuxsecurity.com/articles/intrusion_detection_article-3508.html +------------------------+ | General Security News: | +------------------------+ * CyberCrime Help August 17th, 2001 Cyberspace can be an exciting place these days. But, unfortunately, it can also be a dangerous place, especially if you're unaware of the dangers and how to protect yourself. So we at "CyberCrime" thought we'd offer some tips and ideas for staying safe online. http://www.linuxsecurity.com/articles/hackscracks_article-3520.html * 50 hackers to take part in server-cracking contest August 16th, 2001 Hackers will be challenged to penetrate a variety of computer networks early next month with no threat of punishment if they are successful, a network security firm said yesterday. Parinya Homanek, managing director of Net En Tel Co Ltd, said the first hackers' conference in Thailand would be held on September 3 and 4 with a network of more than 50 powerful servers set up specially for them to try to hack into. http://www.linuxsecurity.com/articles/hackscracks_article-3513.html * Study: IT Budgets Opening Up to Linux August 15th, 2001 A study by IDC finds the open-source Linux gaining popularity among corporate users, but the operating system still trails Microsoft in servers by a wide margin. With solid year-to-year growth and a broad potential market that is currently using or experimenting with it, the open-source Linux platform is gaining ground in the information technology (IT) budgets of companies worldwide, analysts at IDC said Tuesday http://www.linuxsecurity.com/articles/general_article-3504.html * Phrack 57 Available August 13th, 2001 The latest issue of Phrack, a premier underground security magazine, has been released. Last issue released in May 2000, the latest issue talks about privacy, ICMP based OS fingerprinting, NIDS on mass parallel processing architecture, and more. http://www.linuxsecurity.com/articles/projects_article-3493.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Aug 21 2001 - 06:28:24 PDT