+---------------------------------------------------------------------+
|  LinuxSecurity.com                           Weekly Newsletter      |
|  February 11th, 2002                         Volume 3, Number 6n    |
|                                                                     |
|  Editorial Team:  Dave Wreski                daveat_private         |
|                   Benjamin Thomas            benat_private          |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Running Your
Firewall in runlevel 0," "Using ssh Port Forwarding to Print at Remote
Locations," "Inside the Linux Packet Filter," and "Rethinking Public Key
Infrastructures and Digital Certificates and Privacy."

FEATURE: Using Chroot Securely - The chroot() function can be a powerful
mechanism to secure your system, but only if used correctly. Anton
provides a good foundation for implementing it in your programs and
services running on your system.

http://www.linuxsecurity.com/feature_stories/feature_story-99.html

This week, advisories were released for pine, rsync, FreeBSD kernel,
wmtv, and telnet. The vendors include Conectiva, Debian, FreeBSD, and
Red Hat.

http://www.linuxsecurity.com/articles/forums_article-4411.html

Find technical and managerial positions available worldwide. Visit the
LinuxSecurity.com Career Center: http://careers.linuxsecurity.com

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Five years ago: McAfee finds first known Linux virus
February 8th, 2002

Called Bliss, the virus is important because it is the first to attack
Linux, a freeware variant of Unix that is often used in Web site
administration. UNIX flavours have always been considered difficult to
infect because administration rights are required to create the virus;
McAfee believes that multi-user games played in administrator mode may
have caused the problem.

http://www.linuxsecurity.com/articles/host_security_article-4415.html

+------------------------+
| Network Security News: |
+------------------------+

* Running Your Firewall in runlevel 0
February 10th, 2002

Mike Murray describes how he patched the 2.2 Linux kernel to run an
ipchains packet filtering firewall when the machine is halted. "As
systems administrators, it's often funny how new and interesting
information ends up in our hands. Sometimes, it's through an intentional
course of study; other times, it seems to arrive by accident.

http://www.linuxsecurity.com/articles/firewalls_article-4418.html

* Using ssh Port Forwarding to Print at Remote Locations
February 8th, 2002

Rory shows you how to connect the printing systems on different networks
across the Internet in a secure manner. Whether you telecommute or not,
you probably use some form of electronic connectivity to the office when
you are not there. Can you check your work e-mail at home?

http://www.linuxsecurity.com/articles/network_security_article-4413.html

* Inside the Linux Packet Filter
February 7th, 2002

In Part I of this two-part series on the Linux Packet Filter, Gianluca
describes a packet's journey through the kernel. Network geeks among you
may remember my article, ``Linux Socket Filter: Sniffing Bytes over the
Network'', in the June 2001 issue of LJ, regarding the use of the packet
filter built inside the Linux kernel.

http://www.linuxsecurity.com/articles/firewalls_article-4410.html

* Using Active FTP Clients Through an OpenBSD 3.0 Firewall
February 5th, 2002

With release 3.0 the OpenBSD project replaced Darren Reed's ipf software
with the more license friendly pf filtering software. While pf and ipf
are very similar in overall design, there are many subtle differences
between the two. This paper will focus on one particular difference
between the two, how to allow outbound active FTP access from clients
protected by an OpenBSD 3.0 firewall.

http://www.linuxsecurity.com/articles/server_security_article-4391.html

+------------------------+
| Cryptography News:     |
+------------------------+

* First New Advanced Encryption Standard In 25 Years Approved
February 10th, 2002

Secretary of Commerce, Don Evans, announced the National Institute of
Standards and Technology's (NIST; www.nist.gov), approval of a new
information technology encryption standard for the federal government.

http://www.linuxsecurity.com/articles/cryptography_article-4417.html

* Encryption Leaves DES Behind
February 7th, 2002

A nice summary of all the issues pertaining to AES and how it has
replaced DES as the encryption standard. "Nothing moves fast in the
world of encryption, which may help explain why the U.S. is only now
about to leave 56-bit DES behind for new encryption schemes.

http://www.linuxsecurity.com/articles/cryptography_article-4409.html

* The encrypted jihad
February 5th, 2002

Ironically, winning possession of computer equipment on the battlefield
may be the easy part; terrorists today have the capacity to protect data
with encryption schemes that not even America's high-tech big guns can
crack. The number of possible keys in the new 256-bit Advanced
Encryption Standard (AES), for example, is 1 followed by 77 zeros -- a
figure comparable to the total number of atoms in the universe.

http://www.linuxsecurity.com/articles/cryptography_article-4392.html

* Rethinking Public Key Infrastructures and Digital Certificates and
  Privacy
February 4th, 2002

This is a background book for technical staff and some managers involved
in e-commerce or its implementations. Its focus is clearly described by
its title and does not wander from that topic. Much of the content is
academic and very mathematical.

http://www.linuxsecurity.com/articles/security_sources_article-4384.html

+------------------------+
| Vendors/Products:      |
+------------------------+

* Linux security auditing to get a boost
February 6th, 2002

Funded by the Defense Advanced Research Project Agency, the same
organization to initially bankroll the predecessor to the Internet, the
Sardonix Audit Portal aims to be the one-stop portal for organizing the
efforts of critical code reviewers everywhere and boost the frequency
with which programmers critique the code of others.

http://www.linuxsecurity.com/articles/host_security_article-4397.html

* Hardened OSes Boost E-commerce Security
February 6th, 2002

Enter the resurrection of the TOS (trusted operating system), a relic
from the early '80s developed for military and government security.
Considered by many to be too expensive and complicated to implement and
maintain, TOSes failed to catch on when introduced to the commercial
sector and instead were pigeonholed into the financial industry.

http://www.linuxsecurity.com/articles/server_security_article-4401.html

+------------------------+
| General News:          |
+------------------------+

* Securing Your Enterprise Email with Digital IDs
February 8th, 2002

Do people in your company send confidential information to business
partners or remote employees via Internet email? Are they using some
form of digital ID system to secure their communications? If they're
not, any sensitive information contained in those messages is at risk as
the email travels across the Internet.

http://www.linuxsecurity.com/articles/cryptography_article-4416.html

* Cybersecurity a Top Priority
February 8th, 2002

The unusual announcements from three of the technology industry's most
powerful men came just weeks apart. Microsoft Corp. Chairman Bill Gates
declared that making his company's software less vulnerable to security
breaches would take precedence over adding new features.

http://www.linuxsecurity.com/articles/general_article-4412.html

* Site to pool scrutiny of Linux security
February 7th, 2002

A government-funded initiative announced Tuesday aims to boost code
review of open-source software to prevent security holes. Funded by the
Defense Advanced Research Project Agency, the same organization to
initially bankroll the predecessor to the Internet, the Sardonix Audit
Portal aims to be the one-stop portal for organizing the efforts of
critical code reviewers everywhere and boost the frequency with which
programmers critique the code of others.

http://www.linuxsecurity.com/articles/projects_article-4405.html

* Analysts: Security's where the money is
February 7th, 2002

Two segments of the computer-security industry should shake off the
general tech-market malaise and score double-digit growth this year, a
pair of market researchers said Monday. Gartner analyst firm Dataquest
forecast that the worldwide security-software market will grow to $4.3
billion this year, up 18 percent from $3.6 billion in 2001.

http://www.linuxsecurity.com/articles/security_sources_article-4408.html

* Outside Hackers vs. the Enemy Within: Who's Worse?
February 5th, 2002

The 2001 Computer Crime and Security Survey from the Federal Bureau of
Investigation and the Computer Security Institute makes it clear that
cybercrime is on the rise. But for the first time, according to survey
respondents, incidents precipitated by outside hackers outnumbered those
originated by internal threats.

http://www.linuxsecurity.com/articles/hackscracks_article-4396.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-requestat_private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

This archive was generated by hypermail 2b30 : Tue Feb 12 2002 - 04:47:26 PST