+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  November 5th, 2001                           Volume 2, Number 44n  |
|                                                                     |
|  Editorial Team:  Dave Wreski              daveat_private           |
|                   Benjamin Thomas          benat_private            |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Protect
Yourself with Secure Protocols," "The 60 Minute Network Security
Guide," "Guide to Firewall Selection and Policy Recommendations," and
"Transparent Proxying with Squid."

This week, advisories were released for squid, kernel, uucp, webalizer,
htdig, util-linux, teTeX, libdb, and the Red Hat printing system.
Vendors include Caldera, EnGarde, Mandrake, Red Hat, and SuSE.

http://www.linuxsecurity.com/articles/forums_article-3957.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* ApacheWeek: 2.0 Security Summary
November 2nd, 2001

Two denial of service attacks were found in the Apache 2.0 code this
week - both concerned with memory usage when sending large requests.
The first was that the server did not respect the maximum header field
length, and would consume memory indefinitely while reading a header
line.

http://www.linuxsecurity.com/articles/server_security_article-3962.html

* The art of Computer Forensics
November 1st, 2001

When the perpetrator deletes files, or when pieces of a file are
fragmented all over the place, hard disk/floppy disk examination is
another technique that computer forensic scientists employ. Basically,
this looks at all the bits on the magnetic media to match them up into
a coherent piece that may yield a clue or incriminating evidence.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3953.html

* Overview of LIDS, Part Two
October 31st, 2001

This is the second part of a four-part series devoted to an overview of
LIDS, a Linux kernel patch that will allow users to take away the
all-powerful nature of root in order to give programs exactly the
access they need and no more. The first article in this series offered
an overview of LIDS. This installment will look at file restrictions,
LIDS File ACLs, and LIDS enhancements of Linux capabilities.

http://www.linuxsecurity.com/articles/projects_article-3941.html

+------------------------+
| Network Security News: |
+------------------------+

* Hacker intrusion collusion creates 'perfect IDS'
November 3rd, 2001

Three months after the infamous Def Con hacker fest back in July, a
group of geeks have published data which they claim may prove to be the
ultimate Intrusion Detection System (IDS) test bed.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3963.html

* Protect Yourself with Secure Protocols
November 2nd, 2001

Securing your network activity is not difficult, but it does require an
awareness of how certain protocols work. This article will attempt to
address these protocols and situations and suggest ways of adding
security.

http://www.linuxsecurity.com/articles/cryptography_article-3961.html

* The 60 Minute Network Security Guide
November 1st, 2001

This SNAC Guide addresses security "best practices" from the National
Security Agency's Systems and Network Attack Center. It includes
information on security policies, passwords, host security, buffer
overflows, rootkits, and more.

http://www.linuxsecurity.com/articles/network_security_article-3955.html

* Guide to Firewall Selection and Policy Recommendations
October 31st, 2001

A draft of the Guide to Firewall Selection and Policy Recommendations
(.pdf format) is now available for public comment. This document is
intended for technical managers in the firewall and network security
areas, but it would also prove useful to those wishing to know more
about firewall technology and recommended policies.

http://www.linuxsecurity.com/articles/firewalls_article-3947.html

* Transparent Proxying with Squid
October 29th, 2001

Transparent proxying frees you from the hassle of setting up individual
browsers to work with proxies. If you have a hundred, or a thousand,
users on your network, it's a pain to set up each browser and to use
proxies -- or to try to convince users to go into their preferences and
type in these symbols they don't understand.

http://www.linuxsecurity.com/articles/firewalls_article-3929.html

+------------------------+
| Cryptography News:     |
+------------------------+

* DeCSS' DVD descrambler ruled legal
November 1st, 2001

The Copy Control Association (CCA), which was granted a preliminary
injunction against Andrew Bunner and other Webmasters, was handed its
head in a California appellate court Thursday. The trial court had
granted the injunction against publishing Jon Johansen's DeCSS DVD
descrambler, but Bunner appealed on First Amendment free-speech
grounds.

http://www.linuxsecurity.com/articles/cryptography_article-3956.html

+-------------------------+
| Vendors/Tools/Products: |
+-------------------------+

* Nessus : another brick in the (security) wall
November 3rd, 2001

Nessus is a free security scanner available from http://www.nessus.org.
The project was started and is maintained by Renaud Deraison. The
stable version at the time of this writing is 1.09 and the experimental
one is 1.14.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3964.html

* Freeware Security Web Tools
October 31st, 2001

In today's e-commerce-enabled environment, a company's Web site is of
paramount importance. Web sites are subject to daily attacks.
Everything from defacement to denial of service attacks are launched
against small "DotComs" and large multi-national corporations. The
purpose of this article is to look at some freeware Linux tools the
security-conscious administrator can use in the war against cyber
attacks.

http://www.linuxsecurity.com/articles/security_sources_article-3948.html

* Tripwire aims to lock down routers, switches
October 29th, 2001

Working from the idea that intruders can't do much lasting damage to
your network if they can't make changes to files, Tripwire Inc. on
Monday announced a new version of its security lockdown software,
Tripwire for Routers and Switches.
The product, formerly called Tripwire for Routers, monitors all the
routers and switches on a network, determining baselines of activity
and preferred configurations and tracking all changes made from a
single console, said Dwayne Melancon, vice president of marketing,
service and support at Portland, Ore.-based Tripwire.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3934.html

+------------------------+
| General News:          |
+------------------------+

* $1 billion boost possible for IT security
November 2nd, 2001

A $20 billion stimulus package in the works by Senate Democrats may
include $1 billion to bankroll an information-technology fund, CNET
News.com has learned. As proposed by Sen. Joseph Lieberman, D-Conn.,
the U.S. Office of Management and Budget would administer the fund and
award money to projects that aim to further protect the United States'
critical infrastructures, improve the security of government computer
systems, or harden the nation's defenses against natural and manmade
threats.

http://www.linuxsecurity.com/articles/government_article-3958.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------