+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | November 12th, 2001 Volume 2, Number 45n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Fingerprinting Port 80 Attacks," "On the Security of PHP," "IPTables/NetFilter: Linux's Next-Generation Stateful Packet Filter," and "Virtual Honeynets." This week, advisories were released for procmail, lpd, webalizer, sendmail, w3m, htdig, iptables, and the Linux kernel. The vendors include Caldera, Conectiva, EnGarde, Red Hat, and SuSE. http://www.linuxsecurity.com/articles/forums_article-3996.html ### SECURE YOUR APACHE SERVERS WITH 128-BIT SSL ENCRYPTION ### Guarantee transmitted data integrity, secure all communication sessions and more with SSL encryption from Thawte - a leading global certificate provider for the Open Source community. Learn more in our FREE GUIDE--click here to get it now: --> http://www.gothawte.com/rd89.html * Don't Risk your network installing an insecure OS * EnGarde was designed from the ground up as a secure solution, starting with the principle of least privilege, and carrying it through every aspect of its implementation. * http://www.engardelinux.org +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Imp Webmail session hijacking vulnerability November 12th, 2001 A search for one kind of problem led analysts at the CERT Coordination Center to find another. In August, the security organization had begun to contact vendors to get lpd codes from the makers of various printers in an attempt to create a clearer picture of vulnerabilities surrounding the software packages known as Internet Security Scanners, said Jason Rafail, a security analyst at CERT, which is based at Carnegie Mellon University in Pittsburgh. http://www.linuxsecurity.com/articles/server_security_article-4004.html * LIDS FAQ v0.15 November 11th, 2001 Version 0.15 of the LIDS FAQ is now available. LIDS is an enhancement for the Linux kernel written by Xie Huagang and Philippe Biondi. It implements several security features that are not in the Linux kernel natively. Some of these include: mandatory access controls (MAC), a port scan detector, file protection (even from root), and process protection. http://www.linuxsecurity.com/articles/intrusion_detection_article-4003.html * On the Security of PHP November 7th, 2001 This article will provide you an overview of various security issues with PHP and offer advice on secure PHP programming practices. PHP has achieved a stable and solid presence on the Web in the last several years, and its popularity as a server-side scripting language is only increasing. Its primary use is for providing dynamically generated interfaces between Web users and the host. http://www.linuxsecurity.com/articles/server_security_article-3982.html * Fingerprinting Port 80 Attacks November 6th, 2001 CGIsecurity.com recently wrote a paper on fingerprinting port80 attacks." These holes can allow an attacker to gain either administrative access to the website, or even the web server itself. This paper looks at some of the signatures that are used in these attacks, and what to look for in your logs. http://www.linuxsecurity.com/articles/server_security_article-3978.html +------------------------+ | Network Security News: | +------------------------+ * Virtual Honeynets November 8th, 2001 A honeynet is a very valuable tool for research, intelligence and education: by knowing the methods an intruder uses we can better detect break-ins in the future. Information gathered from honeynets casn be analysed to monitor attack trends. The information collected from a honeynet can also be used to educate people. http://www.linuxsecurity.com/articles/network_security_article-3993.html * Security policies prove inadequate November 8th, 2001 Firms are exposing themselves to security risks by failing to implement effective policies, say security experts. A study of 100 British IT directors undertaken by IT services provider GAP indicates that even if firms have drawn up security policies, they were frequently inadequate. According to the research, one in five firms expose themselves to the risk of virus infections, by not preventing the introduction of external files to their network. http://www.linuxsecurity.com/articles/projects_article-3994.html * IPTables/NetFilter - Linux's Next-Generation Stateful Packet Filter November 8th, 2001 The IPTables/NetFilter application is considered to be the fourth generation of Linux packet filtering implementations. The first generation was Alan Cox's port of BSD UNIX's ipfw to Linux 1.1. Jos Vos and others extended this and added the ipfwadm user tool for manipulating the rules for filtering in the Linux 2.0 kernel. Paul "Rusty" Russell and Michael Neuling made some significant modifications to the 2.2 Linux kernel, and Russell added the user tool ipchains for controlling filtering rules for this kernel. http://www.linuxsecurity.com/articles/firewalls_article-3995.html * Centralise security for success November 7th, 2001 As we take security more seriously, as we put more obstacles between the outside world and the inner secrets of our PCs, we're complicating our lives -- in both good ways and bad. On the plus side, we are more securely guarding our private data. On the other hand, as we increase the number of permissions and passwords, we create a bigger job for corporate IT departments. http://www.linuxsecurity.com/articles/general_article-3985.html +------------------------+ | Cryptography News: | +------------------------+ * Analysis of SSH crc32 compensation attack detector exploit November 11th, 2001 DoS attackers are relying more on automated tools, which lower the level of technical knowledge necessary to launch a successful attack. Experts are warning that crippling denial of service (DoS) attacks have become easier to launch, with automated tools and newer methods that tie up more computer and Internet resources than ever. http://www.linuxsecurity.com/articles/intrusion_detection_article-4002.html +------------------------+ | Vendors/Products: | +------------------------+ * Outsource your security November 6th, 2001 Alonzo Ellis and I were having lunch in a sunny bistro just outside of Washington, DC. Not far away, the blackened scar on the side of the Pentagon bore witness to the day that changed everything. "If they didn't know about security in the past, they certainly know about it now," Ellis said. Ellis, CTO of Imperito Networks, had been talking about communications security. http://www.linuxsecurity.com/articles/general_article-3975.html * New Linux tool boosts security November 6th, 2001 A small Australian company has released a Linux-based security tool it hopes will help speed corporate acceptance of the open-source operating system. InterSect Alliance has developed the first security auditing system for Linux, beating much larger organizations to the punch. Its new tool, SNARE (System Intrusion Analysis and Reporting Environment), is the first intrusion detection system to reside on individual computers rather than a network, according to Leigh Purdie, principal security consultant for InterSect. http://www.linuxsecurity.com/articles/vendors_products_article-3979.html +------------------------+ | General News: | +------------------------+ * Linux security self-censorship ominous November 8th, 2001 October was a bad month for proponents of full disclosure. First, Microsoft's Scott Culp argued in an essay that security researchers shouldn't reveal the nature of security holes in software. Then Culp may have found an unexpected ally in his war against full disclosure: Linux's second-in-command, Alan Cox. http://www.linuxsecurity.com/articles/forums_article-3992.html * Security issue will be fixed - experts November 8th, 2001 Throughout the dot-com boom to bust, security and privacy issues have continued to be underestimated in terms of importance to e-business. Australian experts warn this may cause more failures, while simultaneously claiming these issues "will be fixed". http://www.linuxsecurity.com/articles/general_article-3991.html * Basic Security Checklist for Home and Office Users November 6th, 2001 This article will offer readers a simple basic security checklist that will enable users and managers to increase the security level in their organization without any additional financial investment. It is axiomatic in computer security that the weakest link in the security chain is user error. Since the measures listed below are aimed at promoting secure user behavior, they are extremely effective in lowering the risk of a security breach. http://www.linuxsecurity.com/articles/host_security_article-3973.html * OpenBSD: The most secure OS around November 5th, 2001 Unlike other operating systems, with the exception of close relative NetBSD, the open source OpenBSD was built from the ground up to be secure. How do they do it? In no small part, it's by constantly auditing the operating system's code for potential security problems. http://www.linuxsecurity.com/articles/host_security_article-3970.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 02:25:15 PST