+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | March 11th, 2002 Volume 3, Number 10n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Snort-Setup for Statistics HOWTO," "Ad Zapping With Squid," "Modular Authentication for Linux," and "Implementing a Bridging Firewall." This week, advisories were released for php, cfs, cvs, xsane, openssh, apache, ntop, squid, and radiud-cistron. The vendors include Conectiva, Debian, EnGarde, FreeBSD, Red Hat, Slackware, SuSE, and Yellow Dog. http://www.linuxsecurity.com/articles/forums_article-4569.html FEATURE: Linux 802.11b and wireless (in)security - In this article, Michael talks about Linux and background on wireless security, utilities to interrogate wireless networks, and the top tips you should know to improve wireless security of your network. http://www.linuxsecurity.com/feature_stories/wireless-kismet.html Security & Simplicity, Finally! - Are you looking for a solution that provides the applications necessary to easily create thousands of virtual Web sites, manage e-mail, DNS, firewalling database functions for an entire organization, and supports high-speed broadband connections all using a Web-based front-end? EnGarde Secure Professional provides those features and more! --> http://store.guardiandigital.com Find technical and managerial positions available worldwide. Visit the LinuxSecurity.com Career Center: http://careers.linuxsecurity.com +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * OpenSSH Local User Privilege Escalation Vulnerability March 7th, 2002 A week ago, on Feb. 26, Network Associates (NAI) sent an e-mail to some of its customers announcing that it had killed the PGP Desktop Security product line. This, ladies and gentlemen, is very grim news indeed. Why do I care about PGP Desktop? Because it's a critical software package for me, and presumably for many of you as well. http://www.linuxsecurity.com/articles/cryptography_article-4565.html * Building a CD Bootable Firewall March 6th, 2002 This document covers the basic steps I took in building a bootable CD containing a live FreeBSD filesystem with a couple of security features enabled and configured. With this CD, it is possible to transform a PC from a mediocre workstation into a VPN Gateway or firewall or both without touching the hard drive. http://www.linuxsecurity.com/articles/firewalls_article-4558.html * Multi-Layered Security March 5th, 2002 In this article I discuss generalized ways to increase system and network trust. While my examples are somewhat FreeBSD-centric, they can be abstracted to almost any platform. There is a popular misconception floating around the corporate sector. Many individuals tout, UNIX is not as secure as other operating systems. http://www.linuxsecurity.com/articles/server_security_article-4546.html * CERT: Vulnerabilities in Various Implementations of the RADIUS Protocol March 5th, 2002 Two vulnerabilities in various implementations of RADIUS clients and servers have been reported to several vendors and the CERT/CC. They are remotely exploitable, and on most systems result in a denial of service. VU#589523 may allow the execution of code if the attacker has knowledge of the shared secret. http://www.linuxsecurity.com/articles/vendors_products_article-4545.html * Snort-Setup for Statistics HOWTO March 4th, 2002 This HOWTO describes how to configure Snort version 1.8.3 to be used in conjunction with the statistical tools ACID (Analysis Console for Intrusion Databases) and SnortSnarf. It also intends to get some internal statistics out of snort, e.g. if there are packets dropped. http://www.linuxsecurity.com/articles/documentation_article-4535.html +------------------------+ | Network Security News: | +------------------------+ * Ad Zapping With Squid March 10th, 2002 For some time at my workplace we've been running an ad-zapping service on our web proxy. This page documents how it works, how to use it yourself, how to join the mailing list for updates of the pattern file, and the weirdnesses of our local setup (which you need not duplicate yourself). http://www.linuxsecurity.com/articles/server_security_article-4577.html * Drive-by hackings a myth? March 7th, 2002 The wireless networking industry is being hamstrung by a myth that it is peddling an insecure product, according to a principal analyst at Gartner. Speaking at NetEvents in Montreux Andy Rolfe said that, for all the high profile news about the potential for drive-by hackings, he is yet to see an actual case reported. http://www.linuxsecurity.com/articles/forums_article-4562.html * Wireless: In the Air Tonight March 7th, 2002 So what has this taught us? Once again, the lesson is Security in Depth. Different teachers, different textbook, same lesson. More and more wireless networks are being deployed everyday, but I don't think that there is a corresponding increase in security training. http://www.linuxsecurity.com/articles/network_security_article-4563.html * SwitchSniff March 5th, 2002 For those who think switched Ethernet environments are sniff-proof, the author offers this warning. Switches may be difficult to sniff, but they are certainly not immune. As is clear from the above sections, one method of sniffing in a switched environment is using ARP spoofing, and the machine that will most probably be ARP spoofed is the gateway. http://www.linuxsecurity.com/articles/network_security_article-4551.html * Implementing a Bridging Firewall March 4th, 2002 What is the difference between a bridging firewall and a conventional firewall? Usually a firewall also acts as a router: systems on the inside are configured to see the firewall as a gateway to the network outside, and routers outside are configured to see the firewall as the gateway to the protected network. http://www.linuxsecurity.com/articles/firewalls_article-4537.html * Modular Authentication for Linux March 4th, 2002 You can set up your systems so Linux users can gain secure authentication against a Windows NT Domain. That way they won't need a Linux account and a separate NT Domain account. It'll make life easier for you as a network administrator and make your power users happier. http://www.linuxsecurity.com/articles/server_security_article-4541.html * Network Security with /proc/sys/net/ipv4 March 4th, 2002 David Lechnyr submitted a paper he wrote on how to use /proc to tune network security settings. "In additional to firewall rulesets, the /proc filesystem offers some significant enhancements to your network security settings. http://www.linuxsecurity.com/articles/network_security_article-4528.html +------------------------+ | Cryptography: | +------------------------+ * $100,000 prize in 'unbreakable' crypto challenge March 6th, 2002 A company called Bodacion Technologies is offering $100,000 to anyone who can crack their biomorphic number generator and predict the final, one-thousandth, number in a sequence of 999. The company is dong this to promote its Hydra server, which uses biomorphic computation for crypto routines. http://www.linuxsecurity.com/articles/vendors_products_article-4556.html * PGP is dead! Long live PGP? Maybe March 5th, 2002 A week ago, on Feb. 26, Network Associates (NAI) sent an e-mail to some of its customers announcing that it had killed the PGP Desktop Security product line. This, ladies and gentlemen, is very grim news indeed. Why do I care about PGP Desktop? Because it's a critical software package for me, and presumably for many of you as well. http://www.linuxsecurity.com/articles/cryptography_article-4549.html +------------------------+ | Vendors/Products: | +------------------------+ * PHP Audit Project March 10th, 2002 Because PHP is a critical piece of the hosting service puzzle, the PHP audit project was started in order to harden the PHP interpreter against known and unknown vunlerabilities. We are also trying to add some enhancements for the OpenBSD operating system, without breaking the portability to other systems. http://www.linuxsecurity.com/articles/projects_article-4578.html * PGP Encryption Will Survive, Inventor Says March 8th, 2002 Pretty Good Privacy will go on, despite a move by Network Associates to shelve the encryption product after it couldn't find a buyer, PGP inventor Phil Zimmermann says. Although Zimmermann sold PGP to Santa Clara, California-based NAI in 1997, the protocols for the encryption code are open to all on the Internet. http://www.linuxsecurity.com/articles/vendors_products_article-4575.html +------------------------+ | General News: | +------------------------+ * Davis reinforces security rules March 8th, 2002 Rep. Tom Davis (R-Va.) introduced a bill March 6 that would update and extend the Government Information Security Reform Act, as members of Congress expressed concern over current legislation. http://www.linuxsecurity.com/articles/government_article-4573.html * Configuring Amanda March 8th, 2002 Amanda is the Advanced Maryland Automatic Network Disk Archiver, developed at the University of Maryland in the 1990s. While it is now maintained at SourceForge and support is provided only through mailing lists and a FAQ-O-MATIC, it is still a highly useful, stable network backup utility with a wide range of features. http://www.linuxsecurity.com/articles/server_security_article-4571.html * Best Computer Security Method Overlooked By Industry March 8th, 2002 A team of Penn State and Iowa State researchers has tested and rated three "smart" classification methods capable of detecting the telltale patterns of entry and misuse left by the typical computer network intruder. They found that one, called "rough sets," currently overlooked by the industry, is the best. http://www.linuxsecurity.com/articles/network_security_article-4572.html * New British standard can improve security March 6th, 2002 Information is an important asset, and keeping it safe from hackers, crashes, viruses or simply prying eyes has become a top priority. For online trading to take off - either business-to-consumer or business-to-business - confidence in the security of money and data needs to be guaranteed. http://www.linuxsecurity.com/articles/general_article-4554.html * Curious employees are biggest security risk March 5th, 2002 Forget about Internet crackers, employees are the biggest security problem for most businesses. That's the main conclusion of a survey of UK IT managers which suggests that most firms are prepared for the threats posed by viruses and hackers, but are still struggling to secure data on their own networks. http://www.linuxsecurity.com/articles/general_article-4544.html * The Myth of Open Source Security Revisited March 4th, 2002 The author revisits a debate begun here recently on the nature of security in Open Source projects: do 'lots of eyeballs' insure secure code? It is a common misconception amongst users of Open Source software that it is a panacea when it comes to creating secure software. http://www.linuxsecurity.com/articles/projects_article-4534.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Mar 12 2002 - 01:53:04 PST