+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | May 20th, 2002 Volume 3, Number 20n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "PortSentry for Attack Detection," "Tips on basic Linux server security," "Suid programs, getting to the root of the problem," and "Enhancing VPN Security with Digital Certificates." This week, advisories were released for icecast, shareutils, fileutils, imapd, shadow/pam modules, lukemftp, openssh, tcpdump, and mpg123. The Vendors include Caldera, Mandrake, Red Hat, and SuSE. http://www.linuxsecurity.com/articles/forums_article-5004.html Security & Simplicity, Finally! - Are you looking for a solution that provides the applications necessary to easily create thousands of virtual Web sites, manage e-mail, DNS, firewalling database functions for an entire organization, and supports high-speed broadband connections all using a Web-based front-end? EnGarde Secure Professional provides those features and more! --> http://www.guardiandigital.com/features-professional.html Find technical and managerial positions available worldwide. Visit the LinuxSecurity.com Career Center: http://careers.linuxsecurity.com +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * PortSentry for Attack Detection, Part One May 16th, 2002 Portsentry by Psionic Technologies is a component of their TriSentry suite of attack detection tools: portsentry, hostsentry, and logsentry. This article is the first of a two-part series that will describe in detail how Portsentry works from both a theoretical and a technical point of view.The second article will discuss installing, configuring, and tailoring PortSentry for individual systems. http://www.linuxsecurity.com/articles/intrusion_detection_article-4996.html * Securing Linux May 16th, 2002 This article covers various aspects of securing and running linux. By combining different utilities and aspects of keeping your system secure you'll reap multiple benefits, and keep your nerves in a good shape. http://www.linuxsecurity.com/articles/host_security_article-5000.html * Tips on basic Linux server security May 14th, 2002 If you just put your Apache web server online, and are thinking into making the first step in your system security, this brief article will help you do that. By having your own server, you must understand the responsibility behind it. http://www.linuxsecurity.com/articles/server_security_article-4982.html * Suid programs, getting to the root of the problem May 13th, 2002 There are always some little touches left to make your linux even a bit more secure, involving suid, nouser, sudo and etc. Now, this article is newbie friendly, but it also requires some small amount of knowledge. Fear not, for I shall explain everything as painfully as I can. So sit back, grab yourself your favorite drink, some peanuts and relax. 3,2,1... http://www.linuxsecurity.com/articles/host_security_article-4974.html +------------------------+ | Network Security News: | +------------------------+ * The hidden costs of systems downtime May 14th, 2002 Businesses are increasingly concerned by the devastating effect of hacking and viruses, but many still do not allocate funds directly for responding to premeditated attacks or system downtime. Forrester Research interviewed security managers at 50 blue chip companies. http://www.linuxsecurity.com/articles/general_article-4981.html * Enhancing VPN Security with Digital Certificates May 13th, 2002 Corporations large and small are embracing virtual private networks (VPNs) as a means to build networks that provide secure access for remote and mobile employees. http://www.linuxsecurity.com/articles/cryptography_article-4976.html +------------------------+ | Cryptography: | +------------------------+ * Crypto-Gram May 15, 2002 May 15th, 2002 This month's crypto-gram talks about the principles of Secrecy, Security, and Obscurity, fingerprint readers, general industry news, and commentaries from Bruce Schneier. http://www.linuxsecurity.com/articles/cryptography_article-4995.html +------------------------+ | Vendor/Products: | +------------------------+ * OpenSSH 3.2.2 Released May 16th, 2002 This month's crypto-gram talks about the principles of Secrecy, Security, and Obscurity, fingerprint readers, general industry news, and commentaries from Bruce Schneier. The Crypto-Gram is a free monthly newsletter providing summaries, analyses, insights, and commentaries on computer security and cryptography. http://www.linuxsecurity.com/articles/cryptography_article-5003.html +------------------------+ | General: | +------------------------+ * Web privacy bill sent to Senate May 17th, 2002 A Senate committee Friday sent an online privacy protection bill to the full Senate, but business lobbyists vowed to keep trying to derail the measure before it becomes law. "It's time Congress acted on privacy," declared South Carolina Democrat Sen. Ernest Hollings, chairman of the Senate Commerce Committee that voted 15-8 to approve his bill/ http://www.linuxsecurity.com/articles/privacy_article-5008.html * Shades of gray May 17th, 2002 Recently, "Gray Hat" crackers have been garnering a fair amount of publicity, exposing holes for nothing more than notoriety and a sense of self-fulfillment. These individuals seek out corporate networks and servers to pick them apart, find weaknesses the site administrators might have missed and make them public. http://www.linuxsecurity.com/articles/hackscracks_article-5010.html * Privacy: Are you aware of the trade-offs? May 16th, 2002 Online privacy isn't the issue it once was, if indeed people really ever cared about it. Oh sure, everyone's in favor of privacy in the same way that they're in favor of Mom and apple pie, but exactly how software should preserve privacy is a more controversial issue. http://www.linuxsecurity.com/articles/privacy_article-4998.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue May 21 2002 - 05:12:26 PDT