+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | August 19th, 2002 Volume 3, Number 32n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Intrusion detection: Too Much Information," "Secure Infrastructure Design," "Secure Remote Workstations With Integrated VPNs," and "Unlocking the Secrets of Crypto: Cryptography, Encryption, and Cryptology Explained." * Developing with open standards? * Demanding High Performance? Catch the Oracle9i JDeveloper wave now and check out how built-in profilers and CodeCoach make your Java code tighter and faster than ever before. --> Download your FREE copy of Oracle9i JDeveloper Today. --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=oracle4 FEATURE: Centralized File-Integrity With Samhain Part I There is no silver bullet in security; rather, due diligence and knowledge are the best foundations for solid management of risk. The focus of this document is distinctively on workstations: those located in a corporate environment, those situated at the house, and the myriad of situations that fall somewhere in-between. http://www.linuxsecurity.com/feature_stories/feature_story-116.html This week, advisories were released for cvs, mailman, hylafax, interchange, l2tpd, xinetd, glibc, modssl, chfn, libpng, bind, xchat, shareutils, tcl/tk, mm, and ipppd. The vendors include Caldera, Debian, Gentoo, Mandrake, OpenBSD, Red Hat, SuSE, Trustix, and Yellow Dog. http://www.linuxsecurity.com/articles/forums_article-5528.html Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-requestat_private with "subscribe" as the subject. Find technical and managerial positions available worldwide. Visit the LinuxSecurity.com Career Center: http://careers.linuxsecurity.com +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Configuring IPsec/IKE on Solaris August 15th, 2002 The IP Security Protocol (IPsec) and the Internet Key Exchange (IKE) protocol are designed to permit system and network administrators the capability to protect traffic between two systems. These systems can be network devices or individual hosts. http://www.linuxsecurity.com/articles/network_security_article-5527.html * No Stone Unturned, Part Six August 14th, 2002 This is an additional installment to the No Stone Unturned series, which was written to help clarify to NT/2K admins the steps they can take to determine the nature and purpose of suspicious files found on their systems. In Part Five of the series, our heroic system administrator found an unusual file on a compromised system. http://www.linuxsecurity.com/articles/security_sources_article-5522.html * xinetd: Update: File descriptor leak vulnerability August 14th, 2002 xinetd version 2.3.7 was released that addresses a mior file descriptor leak present in 2.3.4 - 2.3.6. Steve Grubb, co-maintainer of xinetd, sent in a note stating, "At the most, if everything is in just the right configuration...which is probably rare, all they can do is terminate xinetd." http://www.linuxsecurity.com/articles/server_security_article-5511.html +------------------------+ | Network Security News: | +------------------------+ * Intrusion detection: Too Much Information August 16th, 2002 Intrusion detection systems have been around for years, but lately companies have shown new interest in them as worm and virus attacks have risen, and as new cyber-attacks have been launched from overseas. But contrary to some enthusiastic claims, these systems aren't some new security panacea for the enterprise. http://www.linuxsecurity.com/articles/intrusion_detection_article-5529.html * Secure Wireless Workers August 15th, 2002 Companies need to continue getting more productivity from employees, the cost of wireless equipment to make this a reality has never been lower. Now is a good time to setup secure remote corporate access. http://www.linuxsecurity.com/articles/security_sources_article-5525.html * Secure Infrastructure Design August 14th, 2002 This paper describes the fundamental components of infrastructure design, provides an overview of risk management concepts, and illustrates samples of network topologies. http://www.linuxsecurity.com/articles/network_security_article-5516.html * The Large-Scale Threat of Bad Data in DNS August 14th, 2002 Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). http://www.linuxsecurity.com/articles/network_security_article-5514.html * IP VPN: An Attractive Service August 14th, 2002 Service providers have various options in the way in which they can offer outsourced IP virtual private network (VPN) services to customers. The original service offerings were mostly customer premises equipment (CPE)-based. In such services, service providers deploy and manage CPE VPN gateways (in other words, dedicated VPN appliances or VPN-enabled routers/firewalls) at customer sites. http://www.linuxsecurity.com/articles/network_security_article-5517.html * Secure Remote Workstations With Integrated VPNs August 12th, 2002 There's no question that remote workstations require protection from the increasing security threats present today. When a remote user connects to the corporate network via a VPN, a hacker gaining access to the remote computer could also potentially enter the corporate network as an authorized user. http://www.linuxsecurity.com/articles/network_security_article-5499.html +------------------------+ | Cryptography: | +------------------------+ * Unlocking the Secrets of Crypto: Cryptography, Encryption, and Cryptology Explained August 13th, 2002 Encryption, decryption and code breaking came into the public consciousness in the 1980s with popularity of the movie War Games. It became newsworthy in the 1990s with the legal battles surrounding PGP and the political discussion of the Clipper Chip. Now, with information security becoming more and more of a common concern, the terms encryption, cryptography and cryptology - commonly grouped together under the term "crypto" - are seeping into our daily language. http://www.linuxsecurity.com/articles/cryptography_article-5513.html * Security Flaws Found in PGP E-Mail Encryption August 13th, 2002 Now that the flaw has been demonstrated, it is more likely to be used. However, according to Elias Levy, a security architect at SecurityFocus and Symantec, there is no cause for alarm. http://www.linuxsecurity.com/articles/security_sources_article-5509.html +------------------------+ | General: | +------------------------+ * NIPC Asks for Help on Cyber Alerts August 17th, 2002 Security expert Ryan Russell told NewsFactor that the NIPC is known for trailing other cyber security groups, such as CERT, in putting out alerts and warnings. The National Infrastructure Protection Center (NIPC), the government's main cyber protection agency, is seeking outside help with tracking Internet threats and incidents and generating alerts. http://www.linuxsecurity.com/articles/security_sources_article-5533.html * Homeland Insecurity August 13th, 2002 As was often the case, Bruce Schneier was thinking about a really terrible idea. We were driving around the suburban-industrial wasteland south of San Francisco, on our way to a corporate presentation, while Schneier looked for something to eat not purveyed by a chain restaurant. http://www.linuxsecurity.com/articles/government_article-5507.html * White-Hat Hate Crimes on the Rise August 13th, 2002 When hackers broke into Ryan Russell's server and plastered his private e-mails and other personal files on the Internet last week, Russell tried to shrug it off as a harmless prank. But Russell, editor of Hack Proofing Your Network and an analyst with SecurityFocus.com, also seemed shaken by the incident. http://www.linuxsecurity.com/articles/hackscracks_article-5512.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Aug 20 2002 - 08:38:53 PDT