[ISN] Linux Security Week - January 7th 2002

From: InfoSec News (isnat_private)
Date: Tue Jan 08 2002 - 00:54:37 PST


    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  January 7th, 2002                            Volume 3, Number 1n   |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "Chrooting All
    Services in Linux," "Snort-Setup for Statistics HOWTO," "Non-stop
    authentication with Linux clusters," and "Building a Linux Firewall."
    This week, advisories were released for mailman, mutt, glibc, and libgtop.
    The vendors include Conectiva, Debian, and Red Hat.  Packages such as
    mailman and glibc were referenced in last week's newsletter.
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * Vulnerability in encrypted loop device for Linux
    January 3rd, 2002
    The following text describes a security hole in the encrypted loop device
    for Linux. Because of it, an attacker is able to modify the content of the
    encrypted device without being detected. This text proposes to fix the
    hole by authenticating the device.
    * Chrooting All Services in Linux
    January 3rd, 2002
    Chrooted system services improve security by limiting damage that someone
    who broke into the system can possibly do. What is chroot? Chroot
    basically redefines the universe for a program. More accurately, it
    redefines the "ROOT" directory or "/"  for a program or login session.
    Basically, everything outside of the directory you use chroot on doesn't
    exist as far as a program or shell is concerned.
    * Predictable Passwords Simplify a Hacker's Task
    December 31st, 2001
    Even those who are vigilant about guarding passwords may be giving away
    more than they think. The problem is that computer passwords have evolved
    into the personality test of a networked society, as millions of people
    try to sum up their essence through a few taps on the keyboard.
    * The OpenAntivirus Project
    December 31st, 2001
    OpenAntiVirus is a platform for people seriously interested in anti-virus
    research, network security and computer security to communicate with each
    other, to develop solutions for various security problems, and to develop
    new security technologies.
    | Network Security News: |
    * Snort-Setup for Statistics HOWTO
    January 4th, 2002
    This HOWTO describes how to configure Snort version 1.8.3 to be used in
    conjunction with the statistical tools ACID (Analysis Console for
    Intrusion Databases) and SnortSnarf. It also intends to get some internal
    statistics out of snort, e.g. if there are packets dropped.
    * A Rough Year for SSH
    January 3rd, 2002
    Just as 2000 was a rough year for firewalls, with holes blown in both
    commercial and open-source products, 2001 was a most uncomfortable year
    for the secure shell, or ssh. Several groups focused their attentions on
    this cornerstone of the net, and several problems emerged. ssh has emerged
    from this scrutiny a stronger product.
    * Non-stop authentication with Linux clusters
    January 3rd, 2002
    We use an LDAP (Lightweight Directory Access Protocol) server to provide
    authentication services to which various applications can subscribe. To
    provide a highly available LDAP server, we use the heartbeat package from
    the Linux-HA initiative (www.linux-ha.org). We also provide an example of
    setting up the Apache web server to use LDAP authentication.
    * Building a Linux Firewall
    January 3rd, 2002
    The 2.4 Kernel of Linux has a great tool called netfilter, which is a
    framework for creating firewalls. Many new Linux distributions such as
    RedHat 7.1 come with basic firewall rulesets that allow you to
    automatically create low, medium, or high security firewalls during
    |  Vendors/Products:     |
    * Security shopping lists made for the New Year
    January 2nd, 2002
    "Smart cards, USB tokens, and biometrics will be some of the hot areas
    because companies, organizations, and others are beginning to realize they
    need to have a better handle on who's coming and going," Kolodgy said.  "
    * Guardian Digital Launches Online Career Center
    January 2nd, 2002
    Guardian Digital, pioneers in Linux and open source security, today
    released its worldwide online career center. Encompassing more than 30,000
    jobs within the Linux and open source fields,
    http://careers.linuxsecurity.com has the hottest jobs within high profile
    industries including computer security and consulting.
    |  General News:         |
    * Carnivore: Turning Snooping Into Art
    January 5th, 2002
    It's a privacy-busting boogeyman to civil libertarians, an anti-terror
    panacea to lawmakers. And now Carnivore, the FBI's infamous Internet
    surveillance program, has become an inspiration to a group of the Web's
    leading artists.
    * Bug watch: No such thing as secure IT
    January 4th, 2002
    Each week vnunet.com asks a different expert from the IT security world to
    give their views on recent virus and security issues, with advice,
    warnings and information on the latest threats.
    * Rare Linux virus on the loose
    January 3rd, 2002
    It has emerged in the last week that another of those rare Linux viruses
    may be on the loose. And this one has strong similarities to October's
    Remote Shell Trojan (RST) that was largely dismissed by the Linux
    * Swatting Persistent Security Pests
    December 31st, 2001
    Nice summary of the various network threats on the Internet in 2001. "DoS
    attacks, worms, and wireless vulnerabilities constantly hover at the edges
    of your networks.  Squash these bugs before they bite. DoS and Distributed
    DoS (DDoS) attacks are well understood.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    ISN is currently hosted by Attrition.org
