+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  January 7th, 2002                            Volume 3, Number 1    |
|                                                                     |
|  Editorial Team:  Dave Wreski             daveat_private            |
|                   Benjamin Thomas         benat_private             |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Chrooting All
Services in Linux," "Snort-Setup for Statistics HOWTO," "Non-stop
authentication with Linux clusters," and "Building a Linux Firewall."

This week, advisories were released for mailman, mutt, glibc, and
libgtop. The vendors include Conectiva, Debian, and Red Hat. Packages
such as mailman and glibc were referenced in last week's newsletter.

http://www.linuxsecurity.com/articles/forums_article-4237.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Vulnerability in encrypted loop device for Linux
  January 3rd, 2002

  The following text describes a security hole in the encrypted loop
  device for Linux. Because of it, an attacker is able to modify the
  content of the encrypted device without being detected. This text
  proposes to fix the hole by authenticating the device.

  http://www.linuxsecurity.com/articles/cryptography_article-4229.html

* Chrooting All Services in Linux
  January 3rd, 2002

  Chrooted system services improve security by limiting the damage that
  someone who broke into the system can possibly do. What is chroot?
  Chroot basically redefines the universe for a program. More
  accurately, it redefines the "ROOT" directory or "/" for a program or
  login session. Basically, everything outside of the directory you use
  chroot on doesn't exist as far as a program or shell is concerned.

  http://www.linuxsecurity.com/articles/server_security_article-4233.html

* Predictable Passwords Simplify a Hacker's Task
  December 31st, 2001

  Even those who are vigilant about guarding passwords may be giving
  away more than they think. The problem is that computer passwords have
  evolved into the personality test of a networked society, as millions
  of people try to sum up their essence through a few taps on the
  keyboard.

  http://www.linuxsecurity.com/articles/host_security_article-4219.html

* The OpenAntivirus Project
  December 31st, 2001

  OpenAntiVirus is a platform for people seriously interested in
  anti-virus research, network security and computer security to
  communicate with each other, to develop solutions for various security
  problems, and to develop new security technologies.

  http://www.linuxsecurity.com/articles/projects_article-4218.html

+------------------------+
| Network Security News: |
+------------------------+

* Snort-Setup for Statistics HOWTO
  January 4th, 2002

  This HOWTO describes how to configure Snort version 1.8.3 to be used
  in conjunction with the statistical tools ACID (Analysis Console for
  Intrusion Databases) and SnortSnarf. It also intends to get some
  internal statistics out of Snort, e.g. whether packets are being
  dropped.

  http://www.linuxsecurity.com/articles/intrusion_detection_article-4240.html

* A Rough Year for SSH
  January 3rd, 2002

  Just as 2000 was a rough year for firewalls, with holes blown in both
  commercial and open-source products, 2001 was a most uncomfortable
  year for the secure shell, or ssh. Several groups focused their
  attentions on this cornerstone of the net, and several problems
  emerged. ssh has emerged from this scrutiny a stronger product.

  http://www.linuxsecurity.com/articles/cryptography_article-4230.html

* Non-stop authentication with Linux clusters
  January 3rd, 2002

  We use an LDAP (Lightweight Directory Access Protocol) server to
  provide authentication services to which various applications can
  subscribe. To provide a highly available LDAP server, we use the
  heartbeat package from the Linux-HA initiative (www.linux-ha.org). We
  also provide an example of setting up the Apache web server to use
  LDAP authentication.

  http://www.linuxsecurity.com/articles/network_security_article-4232.html

* Building a Linux Firewall
  January 3rd, 2002

  The 2.4 Kernel of Linux has a great tool called netfilter, which is a
  framework for creating firewalls. Many new Linux distributions such as
  RedHat 7.1 come with basic firewall rulesets that allow you to
  automatically create low, medium, or high security firewalls during
  installation.

  http://www.linuxsecurity.com/articles/firewalls_article-4236.html

+------------------------+
| Vendors/Products:      |
+------------------------+

* Security shopping lists made for the New Year
  January 2nd, 2002

  "Smart cards, USB tokens, and biometrics will be some of the hot areas
  because companies, organizations, and others are beginning to realize
  they need to have a better handle on who's coming and going," Kolodgy
  said.

  http://www.linuxsecurity.com/articles/general_article-4222.html

* Guardian Digital Launches Online Career Center
  January 2nd, 2002

  Guardian Digital, pioneers in Linux and open source security, today
  released its worldwide online career center. Encompassing more than
  30,000 jobs within the Linux and open source fields,
  http://careers.linuxsecurity.com has the hottest jobs within high
  profile industries including computer security and consulting.

  http://www.linuxsecurity.com/articles/security_sources_article-4224.html

+------------------------+
| General News:          |
+------------------------+

* Carnivore: Turning Snooping Into Art
  January 5th, 2002

  It's a privacy-busting boogeyman to civil libertarians, an anti-terror
  panacea to lawmakers. And now Carnivore, the FBI's infamous Internet
  surveillance program, has become an inspiration to a group of the
  Web's leading artists.

  http://www.linuxsecurity.com/articles/privacy_article-4241.html

* Bug watch: No such thing as secure IT
  January 4th, 2002

  Each week vnunet.com asks a different expert from the IT security
  world to give their views on recent virus and security issues, with
  advice, warnings and information on the latest threats.

  http://www.linuxsecurity.com/articles/general_article-4238.html

* Rare Linux virus on the loose
  January 3rd, 2002

  It has emerged in the last week that another of those rare Linux
  viruses may be on the loose. And this one has strong similarities to
  October's Remote Shell Trojan (RST) that was largely dismissed by the
  Linux community.

  http://www.linuxsecurity.com/articles/hackscracks_article-4235.html

* Swatting Persistent Security Pests
  December 31st, 2001

  Nice summary of the various network threats on the Internet in 2001.
  "DoS attacks, worms, and wireless vulnerabilities constantly hover at
  the edges of your networks. Squash these bugs before they bite. DoS
  and Distributed DoS (DDoS) attacks are well understood.

  http://www.linuxsecurity.com/articles/network_security_article-4220.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------