[ISN] Linux Security Week - February 25th 2002

From: InfoSec News (isnat_private)
Date: Mon Feb 25 2002 - 23:13:38 PST

  • Next message: InfoSec News: "[ISN] Outsourcing looms for core security"

    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  February 25th, 2002                          Volume 3, Number 8n   |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "Decentralise
    Linux security with Sudo," "Network Intrusion Detection Signatures," and
    "UnderLinux Interview with Core Netfilter Member."  Also this week, a
    cdrom bootable distribution for performing various types of forensic
    analysis, incident response, data recovery, virus scanning and pen-testing
    was released.  More information about this is available in the
    Vendors/Products section of this newsletter.
    This week, advisories were released for cups, snmp, hanterm,. uucp,
    ncurses, squid, and gnujsp.  The vendors include Caldera, Conectiva,
    Debian, FreeBSD, and Mandrake.
    FEATURE: Building a Virtual Honeynet - Hisham shares his experiences with
    building a virtual honeynet on his existing Linux box. He describes data
    capture and control techniques, the types of honeynets, and configuration
    changes to get one running on your system.
    ** FREE Apache SSL Guide from Thawte **    
    Planning Web Server Security? Find out how to implement SSL! Get the free
    Thawte Apache SSL Guide and find the answers to all your Apache SSL
    security issues and more at:
    Find technical and managerial positions available worldwide.  Visit the
    LinuxSecurity.com Career Center: http://careers.linuxsecurity.com
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * Flaws in LIDS, CUPS, and Sawmill
    February 20th, 2002
    Welcome to Security Alerts, an overview of recent Unix and open source
    security advisories. In this column, we look at a security vulnerability
    in LIDS; buffer overflows in CUPS, jgroff, Sun Solstice Enterprise Master
    Agent, and Ettercap; and problems in Sawmill, Faq-O-Matic, pforum, GNAT,
    Taylor UUCP, and IRIX O2 Video.
    * Transactional Security in BIND 9
    February 19th, 2002
    Like most Internet protocols, the Domain Name System (DNS) began its life
    without many built-in security mechanisms. DNS is, after all, a global,
    public naming service, so you don't normally care who queries your name
    server for data in the zones that you are responsible for maintaining.
    * Application security 'in a grim state'
    February 19th, 2002
    Application security is "in a grim state", according to new research.
    Almost half of application security vulnerabilities are readily
    exploitable through entirely preventable defects.
    * Decentralise Linux security with Sudo
    February 18th, 2002
    Although some of us administrators may hesitate to admit it, it is often
    necessary to relinquish some control and delegate responsibility,
    especially in multiadministrator environments. Fortunately, you can easily
    delegate administrative duties on your Linux systems without giving out
    the root password. Just use Sudo.
    | Network Security News: |
    * Most SNMP vulns quietly lurking
    February 22nd, 2002
    It's been over a week since CERT released a seemingly endless list of
    devices and software products containing SNMP vulnerabilities discovered
    by Finnish University of Oulu researchers, and to date very little bad has
    happened, no doubt to the disappointment of most news agencies.
    * Firewall Roundup: Offerings from SuSE, Mandrake, and Coyote Linux
    February 20th, 2002
    Whether you run a small business or large corporation -- or just have a
    desktop PC at home -- if you're connected to the Internet for any amount
    of time, you need a firewall to keep your data safe.
    * Network Intrusion Detection Signatures, Part 3
    February 20th, 2002
    This is the third in a series of articles on understanding and developing
    signatures for network intrusion detection systems. In Part One and Part
    Two, we examined the use of IP protocol header values, particularly TCP,
    UDP and ICMP, in network intrusion detection signatures.
    * UnderLinux Interviews Core Netfilter Member
    February 18th, 2002
    bit_of_love sent us a note about an interview with Harald Welte.
    "UnderLinux has an interesting interview with Harald Welte, member of
    netfilter/iptables project core team.
    |  Vendors/Products:     |
    * Biatchux Bootable CD Forensics Toolkit
    February 23rd, 2002
    Biatchux is a portable bootable cdrom based distribution capable of
    providing an immediate environment for performing forensics analysis,
    incident response, data recovery, virus scanning and pen-testing.
    * Linux for the paranoid
    February 21st, 2002
    Last weekend's CodeCon conference in San Francisco saw the launch of
    Tinfoil Hat Linux, a self-proclaimed "exercise in over engineering" and
    security. What started out as a secure, single floppy, bootable Linux
    distribution for storing PGP keys, and encrypting, signing and wiping
    files, turned into a useable Linux distribution for the totally paranoid.
    |  General News:         |
    * Disclosure Guidelines For Bug-Spotters Proposed
    February 24th, 2002
    A pair of computer security researchers are seeking comments on a proposal
    to bring order to the reporting and fixing of security holes in software,
    a process that frequently takes place in adversarial arenas
    * The World Wide Web Security FAQ
    February 20th, 2002
    The WWW Security FAQ has recently been updated. "This is the World Wide
    Web Security Frequently Asked Question list (FAQ). It attempts to answer
    some of the most frequently asked questions relating to the security
    implications of running a Web server and using Web browsers."
    * Why marketing-speak has no place in security
    February 19th, 2002
    If you pay attention to computer-security issues, you will no doubt have
    noticed the recent upsurge in security-related marketing. Oracle continues
    to tout its Oracle9i products as unbreakable, even though they patently
    are no such thing.
    * Open sourcers spice up security testing
    February 18th, 2002
    A group of open source developers dedicated to introducing an industry
    standard on security testing will be releasing the fruits of their labours
    later this month.  Ideahamster.org started working on the Open Source
    Security Testing Methodology Manual (OSSTMM ) last year after becoming
    "sick of reading bland testing methodology descriptions.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Feb 26 2002 - 02:33:58 PST