+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | March 4th, 2002 Volume 3, Number 9n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Masquerading Made Simple HOWTO," "Network Security with /proc/sys/net/ipv4," "Wireless Authentication Gateway HOWTO," and "Sniffers: What They Are and How to Protect Yourself." FEATURE: Building a VPN Using Yavipin - Yavipin is a package that can be used to build a VPN between two hosts using some of the most advanced and sophisticated cryptography available. Learn more about the VPN that focuses on network efficiency, usability, and is highly secure. http://www.linuxsecurity.com/feature_stories/yavipin-vpn.html This week, advisories were released for ucd-snmp, cups, cyrus-sasl, squid-cron, Listar, php, mod_ssl, and the Red Hat Kernel. The vendors include Conectiva, Debian, EnGarde, Mandrake, Red Hat, SuSE, and Trustix. http://www.linuxsecurity.com/articles/forums_article-4526.html Security & Simplicity, Finally! - Are you looking for a solution that provides the applications necessary to easily create thousands of virtual Web sites, manage e-mail, DNS, firewalling database functions for an entire organization, and supports high-speed broadband connections all using a Web-based front-end? EnGarde Secure Professional provides those features and more! --> http://store.guardiandigital.com Find technical and managerial positions available worldwide. Visit the LinuxSecurity.com Career Center: http://careers.linuxsecurity.com +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * OpenSSH key management, Part 3 February 28th, 2002 In this third article in a series, Daniel Robbins shows you how to take advantage of OpenSSH agent connection forwarding to enhance security. He also shares recent improvements to the keychain shell script. http://www.linuxsecurity.com/articles/cryptography_article-4524.html * Flaws found in PHP scripting language February 28th, 2002 A flaw in the common open-source scripting language PHP could allow attackers to crash or compromise a hefty fraction of the nine million servers running the open-source Web software Apache, as well as other Web servers http://www.linuxsecurity.com/articles/server_security_article-4525.html +------------------------+ | Network Security News: | +------------------------+ * Masquerading Made Simple HOWTO March 3rd, 2002 This document describes how to enable the Linux IP Masquerade feature on a given Linux host. IP Masq is a form of Network Address Translation or NAT that allows internally networked computers that do not have one or more registered Internet IP addresses to have the ability to communicate to the Internet via your Linux boxes single Internet IP address. http://www.linuxsecurity.com/articles/documentation_article-4532.html * Securing Small Networks with OpenBSD March 1st, 2002 This article describes the design and implementation of a small network with a split private/DMZ design that allows a high level of protection for its users while making some services available to the outside world. The design is easy to implement and administer, even for beginners, and can serve as a foundation for custom security installations. http://www.linuxsecurity.com/articles/firewalls_article-4530.html * Network Security with /proc/sys/net/ipv4 March 1st, 2002 David Lechnyr submitted a paper he wrote on how to use /proc to tune network security settings. "In additional to firewall rulesets, the /proc filesystem offers some significant enhancements to your network security settings. http://www.linuxsecurity.com/articles/network_security_article-4528.html * Wireless Authentication Gateway HOWTO February 28th, 2002 There are many concerns with the security of wireless networks and public access areas such as libraries or dormitories. These concerns are not met with current security implementations. A work around has been proposed by using an authentication gateway. This gateway addresses the security concerns by forcing the user to authenticate in order to use the network. http://www.linuxsecurity.com/articles/documentation_article-4523.html * Sniffers: What They Are and How to Protect Yourself February 27th, 2002 Matthew Tanase from SecurityFocus.com writes, "Have you ever thought about how your computer talks with others on a network? Would you like to listen to, or "sniff", the conversation? Network engineers, system administrators, security professionals and, unfortunately, crackers have long used a tool that allows them to do exactly that. http://www.linuxsecurity.com/articles/host_security_article-4511.html +------------------------+ | Cryptography: | +------------------------+ * Commerce Dept Fines Company For Illegal Crypto Exports February 27th, 2002 The federal body that regulates exports has fined San Diego firm Neopoint Inc. $95,000 for exporting strong encryption software to Korean companies without the necessary government approval. The Commerce Department's Bureau of Export Administration imposed the fine after learning that Neopoint had exported 128-bit encryption software to two companies in South Korea without obtaining proper licenses. http://www.linuxsecurity.com/articles/government_article-4509.html +------------------------+ | Vendors/Products: | +------------------------+ * Paranoid II - The Revenge of TinFoil Hat February 26th, 2002 TinFoil Hat Linux is a small Linux distribution that can be easily booted from a floppy disk. As from my perspective its two best sides are that you have your ring pair backuped on one place and that you can securely encrypt and decrypt files wherever you are located. http://www.linuxsecurity.com/articles/vendors_products_article-4506.html +------------------------+ | General News: | +------------------------+ * Corporates sign up for computer forensics training March 3rd, 2002 A growing number of businesses are choosing to do their own research into cybercrime rather than go to the police, and are signing up for forensics training to help them uncover employee misdeeds and security breaches, according to Guidance Software Inc. http://www.linuxsecurity.com/articles/intrusion_detection_article-4531.html * Flaw weakens Linux security software March 1st, 2002 Programmers have found a vulnerability in Linux that could allow protective firewall software to grant malicious computer users access to protected networks. The flaw, which affects versions 2.4.14 through 2.4.18-pre9 of the Linux kernel, is in a component of the Netfilter firewall software. http://www.linuxsecurity.com/articles/firewalls_article-4527.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Mar 05 2002 - 04:11:23 PST