[ISN] Linux Security Week - September 3rd 2001

From: InfoSec News (isnat_private)
Date: Tue Sep 04 2001 - 02:16:49 PDT


    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  September 3rd, 2001                         Volume 2, Number 35n   |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.

    This week, perhaps the most interesting articles include "Network
    Monitoring for Intrusion Detection," "Linux Running on Secure
    Cryptographic Coprocessor," and "Thinking about Security."  Also this
    week, we are proud to announce our new look and new features available at
    LinuxSecurity.com: New Look, New Features!  After an extensive period of
    planning and development, LinuxSecurity.com contributors have over the
    last several months added easier navigation ability, integration with our
    local high-speed Packetstorm Security mirror, and much more.

    EnGarde Secure Newswire - Aug/Sept 2001
    Read on for the latest news and reviews, information for EnGarde
    developers, the best QuickTips of the month, info from Guardian Digital
    on the future of EnGarde, and how to get started using EnGarde if you're
    new to the world of secure Linux

    Take advantage of our Linux Security discussion list!  This mailing list
    is for general security-related questions and comments. To subscribe send
    an e-mail to security-discuss-requestat_private with "subscribe"
    as the subject.

    This week, advisories were released for sendmail, telnet (who's still
    using this?), xloadimage, Mandrake kernel, xinetd, openldap, apache,
    openssl, and lpd.  The vendors include Caldera, Conectiva, FreeBSD,
    Immunix, Mandrake, and Slackware.  The recent sendmail problem has
    prompted many vendors to act quickly.  If the distribution that you use is
    not listed, be watching for further updates.
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * Thinking about Security
    September 1st, 2001
    This month, I thought I'd take a slight detour to talk about security. The
    Code Red worm and its sequels have been in the news a great deal, and
    admins running *Nix servers and Apache might be getting a little
    complacent in the security department, figuring that all is well as long
    as they're not running IIS
    * Review: Real World Linux Security: Intrusion Prevention, Detection,
    and Recovery
    August 30th, 2001
    Toxen is one of the original developers of Berkeley Unix, and his book is
    full of interesting historical tidbits from the computer science halls of
    UC Berkeley in the early 1970s.  When it comes to Unix security, Toxen's
    mantra is certainly "been there, done that."  Toxen is one of a very few
    writers who can write in the first person about developing operating
    systems while dropping names such as Bill Joy and Ken Thompson.
    | Network Security News: |
    * NASA uses OpenBSD; overcomes 802.11b security flaws
    September 1st, 2001
    The network security group in the NASA Advanced Supercomputing (NAS)
    Division at Ames Research Center, in California's Silicon Valley uses
    OpenBSD and other open source software for its wireless firewall gateway
    implementation. They successfully installed a secure interoperable
    wireless network addressing the well-known problems of the 802.11b
    standard wireless systems.
    * AirSnort: Wireless Networks Beware!
    August 30th, 2001
    Laptop users, beware: a new program allowing hackers to grab data
    transmitted through the air could compromise most wireless Internet
    networks used in airports, hotels, hospitals and colleges.  AirSnort,
    which was released on the Internet last week, exploits flaws in the
    encryption used to secure traffic on the standard network, known as Wi-Fi
    or 802.11b.
    * VPN firewalls standard in the pipeline
    August 30th, 2001
    In a bid to make it easier for firewalls to interoperate with virtual
    private networks (VPNs), the Internet Engineering Task Force (IETF) is
    considering a standard for network address translation (Nat).  At a recent
    meeting in London, the IETF reviewed a proposed standard for Nat that
    would determine how IP Security VPN tunnels should pass through firewalls
    and other Nat devices.
    * Future IP Security, part I
    August 28th, 2001
    Anton Chuvakin writes "This article outlines the future of IP addressing
    (IPv6) and focuses on the security components of next generation IP
    services (IPsec). We list major components of IPsec and describe their
    functionality in terms of the security services they provide. Part II will
    be devoted to end-user issues with IPsec protocols and their common
    * Network Monitoring for Intrusion Detection
    August 28th, 2001
    In the world of intrusion detection, we tend to focus on detecting attacks
    and clearly anomalous activity. However, another important component of a
    complete intrusion detection solution is basic network monitoring and
    traffic analysis. Network monitoring collects information on connections,
    while traffic analysis allows us to see what services are being used on a
    network and to compare that against the activity that we should be seeing.
    This allows us to identify unauthorized services being used within a
    network, as well as gaps in network perimeter defenses.
    | Cryptography News:     |
    * Linux Running on Secure Cryptographic Coprocessor
    August 31st, 2001
    By running Linux, it enables much easier migration and porting of
    applications into the secure environment than with the current CP/Q
    operating system. As a key product for secure e-business, its main
    applications are financial-related solutions, such as electronic coupon
    dispensers, Internet postage meters, intellectual property protection (web
    subscription services), signatures for digital documents and certificate
    * Two men arrested for planning to smuggle high-tech encryption
    August 30th, 2001
    Two men have been arrested and accused of scheming to smuggle military
    encryption technology to China, the Customs Service said Wednesday. The
    technology, two devices known as KIV-7HS units, are used to encode
    classified government communications.
    | General Security News: |
    * Boards fail the security test
    September 2nd, 2001
    Businesses need to work harder on their e-business security in the wake of
    a report saying two-thirds have been attacked in some way.  Company boards
    should do more to improve e-business security, as digital crime is
    deterring many firms from selling goods and services over the Internet,
    according to a recent report.
    * Security software: blind lead blind
    September 1st, 2001
    It's incredible that in this day and age some of the most popular security
    products, products that are marketed as protecting you from the evils of
    computers, are so badly designed.  CheckPoint's FireWall-1, the leading
    firewall by market share, had at least four vulnerabilities reported this
    year, and at least eleven reported last year.
    * Security market: A double edged sword
    August 30th, 2001
    According to IDC, the security market is going to grow from strength to
    strength over the next four years, rising at a compound annual rate of 23,
    until it tops more than $14 billion in 2005. This isn't just for virus
    protection either - which seems to be an increasingly virulent threat - but
    for all sectors of the security industry: firewalls, encryption,
    authentication, authorisation and administration.
    * CERT Summary CS-2001-03
    August 29th, 2001
    Since the last regularly scheduled CERT summary, issued in May 2001
    (CS-2001-02), we have seen several self-propagating worms, as well as
    active exploitation of vulnerabilities in Solaris in.lpd, BSD telnet
    daemon and Microsoft IIS by intruders. In addition, we have seen an
    increase in intruder activity directed at home users.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    ISN is currently hosted by Attrition.org