+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | February 25th, 2002 Volume 3, Number 8n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Decentralise Linux security with Sudo," "Network Intrusion Detection Signatures," and "UnderLinux Interview with Core Netfilter Member." Also this week, a cdrom bootable distribution for performing various types of forensic analysis, incident response, data recovery, virus scanning and pen-testing was released. More information about this is available in the Vendors/Products section of this newsletter. This week, advisories were released for cups, snmp, hanterm,. uucp, ncurses, squid, and gnujsp. The vendors include Caldera, Conectiva, Debian, FreeBSD, and Mandrake. http://www.linuxsecurity.com/articles/forums_article-4493.html FEATURE: Building a Virtual Honeynet - Hisham shares his experiences with building a virtual honeynet on his existing Linux box. He describes data capture and control techniques, the types of honeynets, and configuration changes to get one running on your system. http://www.linuxsecurity.com/feature_stories/feature_story-100.html ** FREE Apache SSL Guide from Thawte ** Planning Web Server Security? Find out how to implement SSL! Get the free Thawte Apache SSL Guide and find the answers to all your Apache SSL security issues and more at: http://www.gothawte.com/rd182.html Find technical and managerial positions available worldwide. Visit the LinuxSecurity.com Career Center: http://careers.linuxsecurity.com +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Flaws in LIDS, CUPS, and Sawmill February 20th, 2002 Welcome to Security Alerts, an overview of recent Unix and open source security advisories. In this column, we look at a security vulnerability in LIDS; buffer overflows in CUPS, jgroff, Sun Solstice Enterprise Master Agent, and Ettercap; and problems in Sawmill, Faq-O-Matic, pforum, GNAT, Taylor UUCP, and IRIX O2 Video. http://www.linuxsecurity.com/articles/server_security_article-4484.html * Transactional Security in BIND 9 February 19th, 2002 Like most Internet protocols, the Domain Name System (DNS) began its life without many built-in security mechanisms. DNS is, after all, a global, public naming service, so you don't normally care who queries your name server for data in the zones that you are responsible for maintaining. http://www.linuxsecurity.com/articles/server_security_article-4474.html * Application security 'in a grim state' February 19th, 2002 Application security is "in a grim state", according to new research. Almost half of application security vulnerabilities are readily exploitable through entirely preventable defects. http://www.linuxsecurity.com/articles/server_security_article-4475.html * Decentralise Linux security with Sudo February 18th, 2002 Although some of us administrators may hesitate to admit it, it is often necessary to relinquish some control and delegate responsibility, especially in multiadministrator environments. Fortunately, you can easily delegate administrative duties on your Linux systems without giving out the root password. Just use Sudo. http://www.linuxsecurity.com/articles/host_security_article-4467.html +------------------------+ | Network Security News: | +------------------------+ * Most SNMP vulns quietly lurking February 22nd, 2002 It's been over a week since CERT released a seemingly endless list of devices and software products containing SNMP vulnerabilities discovered by Finnish University of Oulu researchers, and to date very little bad has happened, no doubt to the disappointment of most news agencies. http://www.linuxsecurity.com/articles/network_security_article-4494.html * Firewall Roundup: Offerings from SuSE, Mandrake, and Coyote Linux February 20th, 2002 Whether you run a small business or large corporation -- or just have a desktop PC at home -- if you're connected to the Internet for any amount of time, you need a firewall to keep your data safe. http://www.linuxsecurity.com/articles/firewalls_article-4480.html * Network Intrusion Detection Signatures, Part 3 February 20th, 2002 This is the third in a series of articles on understanding and developing signatures for network intrusion detection systems. In Part One and Part Two, we examined the use of IP protocol header values, particularly TCP, UDP and ICMP, in network intrusion detection signatures. http://www.linuxsecurity.com/articles/intrusion_detection_article-4479.html * UnderLinux Interviews Core Netfilter Member February 18th, 2002 bit_of_love sent us a note about an interview with Harald Welte. "UnderLinux has an interesting interview with Harald Welte, member of netfilter/iptables project core team. http://www.linuxsecurity.com/articles/firewalls_article-4464.html +------------------------+ | Vendors/Products: | +------------------------+ * Biatchux Bootable CD Forensics Toolkit February 23rd, 2002 Biatchux is a portable bootable cdrom based distribution capable of providing an immediate environment for performing forensics analysis, incident response, data recovery, virus scanning and pen-testing. http://www.linuxsecurity.com/articles/intrusion_detection_article-4498.html * Linux for the paranoid February 21st, 2002 Last weekend's CodeCon conference in San Francisco saw the launch of Tinfoil Hat Linux, a self-proclaimed "exercise in over engineering" and security. What started out as a secure, single floppy, bootable Linux distribution for storing PGP keys, and encrypting, signing and wiping files, turned into a useable Linux distribution for the totally paranoid. http://www.linuxsecurity.com/articles/organizations_events_article-4490.html +------------------------+ | General News: | +------------------------+ * Disclosure Guidelines For Bug-Spotters Proposed February 24th, 2002 A pair of computer security researchers are seeking comments on a proposal to bring order to the reporting and fixing of security holes in software, a process that frequently takes place in adversarial arenas http://www.linuxsecurity.com/articles/security_sources_article-4499.html * The World Wide Web Security FAQ February 20th, 2002 The WWW Security FAQ has recently been updated. "This is the World Wide Web Security Frequently Asked Question list (FAQ). It attempts to answer some of the most frequently asked questions relating to the security implications of running a Web server and using Web browsers." http://www.linuxsecurity.com/articles/documentation_article-4483.html * Why marketing-speak has no place in security February 19th, 2002 If you pay attention to computer-security issues, you will no doubt have noticed the recent upsurge in security-related marketing. Oracle continues to tout its Oracle9i products as unbreakable, even though they patently are no such thing. http://www.linuxsecurity.com/articles/general_article-4470.html * Open sourcers spice up security testing February 18th, 2002 A group of open source developers dedicated to introducing an industry standard on security testing will be releasing the fruits of their labours later this month. Ideahamster.org started working on the Open Source Security Testing Methodology Manual (OSSTMM ) last year after becoming "sick of reading bland testing methodology descriptions. http://www.linuxsecurity.com/articles/projects_article-4465.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Feb 26 2002 - 02:33:58 PST