[ISN] Linux Security Week - March 4th 2002

From: InfoSec News (isnat_private)
Date: Tue Mar 05 2002 - 00:20:02 PST

  • Next message: InfoSec News: "[ISN] Stop Him Before He Hacks Again"

    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  March 4th, 2002                              Volume 3, Number 9n   |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "Masquerading
    Made Simple HOWTO," "Network Security with /proc/sys/net/ipv4,"  
    "Wireless Authentication Gateway HOWTO," and "Sniffers: What They Are and
    How to Protect Yourself."
    FEATURE: Building a VPN Using Yavipin - Yavipin is a package that can be
    used to build a VPN between two hosts using some of the most advanced and
    sophisticated cryptography available. Learn more about the VPN that
    focuses on network efficiency, usability, and is highly secure.
    This week, advisories were released for ucd-snmp, cups, cyrus-sasl,
    squid-cron, Listar, php, mod_ssl, and the Red Hat Kernel.  The vendors
    include Conectiva, Debian, EnGarde, Mandrake, Red Hat, SuSE, and Trustix.
    Security & Simplicity, Finally! - Are you looking for a solution that
    provides the applications necessary to easily create thousands of virtual
    Web sites, manage e-mail, DNS, firewalling database functions for an
    entire organization, and supports high-speed broadband connections all
    using a Web-based front-end? EnGarde Secure Professional provides those
    features and more!
      --> http://store.guardiandigital.com 
    Find technical and managerial positions available worldwide.  Visit the
    LinuxSecurity.com Career Center: http://careers.linuxsecurity.com
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * OpenSSH key management, Part 3
    February 28th, 2002
    In this third article in a series, Daniel Robbins shows you how to take
    advantage of OpenSSH agent connection forwarding to enhance security. He
    also shares recent improvements to the keychain shell script.
    * Flaws found in PHP scripting language
    February 28th, 2002
    A flaw in the common open-source scripting language PHP could allow
    attackers to crash or compromise a hefty fraction of the nine million
    servers running the open-source Web software Apache, as well as other Web
    | Network Security News: |
    * Masquerading Made Simple HOWTO
    March 3rd, 2002
    This document describes how to enable the Linux IP Masquerade feature on a
    given Linux host. IP Masq is a form of Network Address Translation or NAT
    that allows internally networked computers that do not have one or more
    registered Internet IP addresses to have the ability to communicate to the
    Internet via your Linux boxes single Internet IP address.
    * Securing Small Networks with OpenBSD
    March 1st, 2002
    This article describes the design and implementation of a small network
    with a split private/DMZ design that allows a high level of protection for
    its users while making some services available to the outside world. The
    design is easy to implement and administer, even for beginners, and can
    serve as a foundation for custom security installations.
    * Network Security with /proc/sys/net/ipv4
    March 1st, 2002
    David Lechnyr submitted a paper he wrote on how to use /proc to tune
    network security settings. "In additional to firewall rulesets, the /proc
    filesystem offers some significant enhancements to your network security
    * Wireless Authentication Gateway HOWTO
    February 28th, 2002
    There are many concerns with the security of wireless networks and public
    access areas such as libraries or dormitories. These concerns are not met
    with current security implementations. A work around has been proposed by
    using an authentication gateway. This gateway addresses the security
    concerns by forcing the user to authenticate in order to use the network.
    * Sniffers: What They Are and How to Protect Yourself
    February 27th, 2002
    Matthew Tanase from SecurityFocus.com writes, "Have you ever thought about
    how your computer talks with others on a network? Would you like to listen
    to, or "sniff", the conversation? Network engineers, system
    administrators, security professionals and, unfortunately, crackers have
    long used a tool that allows them to do exactly that.
    |  Cryptography:         |
    * Commerce Dept Fines Company For Illegal Crypto Exports
    February 27th, 2002
    The federal body that regulates exports has fined San Diego firm Neopoint
    Inc. $95,000 for exporting strong encryption software to Korean companies
    without the necessary government approval. The Commerce Department's
    Bureau of Export Administration imposed the fine after learning that
    Neopoint had exported 128-bit encryption software to two companies in
    South Korea without obtaining proper licenses.
    |  Vendors/Products:     |
    * Paranoid II - The Revenge of TinFoil Hat
    February 26th, 2002
    TinFoil Hat Linux is a small Linux distribution that can be easily booted
    from a floppy disk. As from my perspective its two best sides are that you
    have your ring pair backuped on one place and that you can securely
    encrypt and decrypt files wherever you are located.
    |  General News:         |
    * Corporates sign up for computer forensics training
    March 3rd, 2002
    A growing number of businesses are choosing to do their own research into
    cybercrime rather than go to the police, and are signing up for forensics
    training to help them uncover employee misdeeds and security breaches,
    according to Guidance Software Inc.
    * Flaw weakens Linux security software
    March 1st, 2002
    Programmers have found a vulnerability in Linux that could allow
    protective firewall software to grant malicious computer users access to
    protected networks. The flaw, which affects versions 2.4.14 through
    2.4.18-pre9 of the Linux kernel, is in a component of the Netfilter
    firewall software.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Mar 05 2002 - 04:11:23 PST