[ISN] Linux Security Week - September 16th 2002

From: InfoSec News (isnat_private)
Date: Tue Sep 17 2002 - 05:54:11 PDT

    +---------------------------------------------------------------------+
    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  September 16th, 2002                         Volume 3, Number 36n  |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    +---------------------------------------------------------------------+
    
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    
    This week, perhaps the most interesting articles include "Stealthful
    Sniffing, Intrusion Detection and Logging," "Evaluating Network Intrusion
    Detection Signatures," "The IP Security Protocol," and "Coordinating a
    Disaster Plan."
    
    :: ENCRYPTION + AUTHENTICATION = TRUST ::
    You may think people will regard your business as trustworthy because
    you've got a 128-bit encryption certificate, but encryption does not
    guarantee trust.
    
      Thawte believes in rigorous authentication:
      
      Download our FREE Authentication Guide 
      --> http://www.gothawte.com/rd362.html
    
    
    This week, advisories were released for ethereal, python, cacti,
    postgresql, kdelibs, krb5, php, wordtrans, gaim, glibc, util-linux.  The
    vendors include Conectiva, Debian, Gentoo, Mandrake, and Red Hat.
    
    http://www.linuxsecurity.com/articles/forums_article-5695.html
    
    
    FEATURE: NFS Security - NFS (Network File System) is a widely used and
    primitive protocol that allows computers to share files over a network.
    The main problems with NFS are that it relies on the inherently insecure
    UDP protocol, transactions are not encrypted and hosts and users cannot be
    easily authenticated. Below we will show a number of issues that one can
    follow to heal those security problems.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-118.html
    
    
    Concerned about the next threat? EnGarde is the undisputed winner!
    
     Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
     Editor's Choice Award, EnGarde "walked away with our Editor's Choice
     award thanks to the depth of its security strategy..." Find out what
     the other Linux vendors are not telling you.
    
      -> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2
    
    
    +---------------------+
    | Host Security News: | <<-----[ Articles This Week ]-------------
    +---------------------+
    
    * Web Server Security: Securing Dynamic Web Content
    September 12th, 2002
    
    Once upon a time, the World Wide Web was a relatively static place. The
    Web server's sole function was to simply deliver a requested Web page,
    written in HTML, to a client browser. Over time, developers started
    looking for ways to interact with users by providing dynamic content --
    that is, content that displayed a form or executed a script based on user
    input.
    
    http://www.linuxsecurity.com/articles/server_security_article-5689.html
    
    
    * Securing Debian Manual
    September 10th, 2002
    
    This document describes the process of securing and hardening the default
    Debian installation. It covers some of the common tasks to set up a secure
    network environment using Debian GNU/Linux and also gives additional
    information on the security tools available as well as the work done by
    the Debian security team.
    
    http://www.linuxsecurity.com/articles/documentation_article-5675.html
    
    
    +------------------------+
    | Security Sources News: |
    +------------------------+
    
    * OpenSSL Worm Loose in the Wild
    September 15th, 2002
    
    There have been credible reports that a worm propagating in the wild is
    breaking into servers running vulnerable versions of OpenSSL. Last month,
    several critical security issues, including a client-exploitable remote
    buffer overflow in the SSLv2 handshake process, were discovered in all
    OpenSSL versions prior to 0.9.6e.
    
    http://www.linuxsecurity.com/articles/security_sources_article-5699.html
    
    +------------------------+
    | Network Security News: |
    +------------------------+
    
    * Paranoid Penguin: Stealthful Sniffing, Intrusion Detection and
    Logging
    September 13th, 2002
    
    In a column about syslog [see "syslog Configuration" in the December 2001
    issue of Linux Journal] I mentioned ``stealth logging''--by running your
    central log server without an IP address, you can hide your central log
    server from intruders. But log servers aren't the only type of system that
    can benefit from a little stealth.
    
    http://www.linuxsecurity.com/articles/documentation_article-5698.html
    
    
    * Insecure wireless networks exposed
    September 12th, 2002
    
    A local consulting firm launched a controversial Web site yesterday that
    shows gaping security holes in hundreds of wireless networks throughout
    the downtown core, including many in the financial district and some
    government and university areas.
    
    http://www.linuxsecurity.com/articles/network_security_article-5691.html
    
    
    * Evaluating Network Intrusion Detection Signatures, Part 1
    September 11th, 2002
    
    Karen Kent Frederick of SecurityFocus writes, "Over the past several
    years, a number of academic and commercial entities have conducted
    evaluations of various network intrusion detection (NID) software, to
    determine the overall effectiveness of each product and to compare the
    products to each other.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-5682.html
    
    
    * Know Your Enemy: Honeynets
    September 11th, 2002
    
    Lance Spitzner let us know about the latest from the Honeynet Project. "A
    Honeynet is nothing more than one type of honeypot. Specifically, it is a
    high interaction honeypot designed primarily for research, to gather
    information on the enemy.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-5685.html
    
    
    * Hacking techniques: War dialing
    September 11th, 2002
    
    This article looks at a popular form of attack on an organization's
    computer network known as war dialing. The term war dialing involves the
    exploitation of an organization's telephone, dial, and private branch
    exchange (PBX) systems to penetrate internal network and computing
    resources.
    
    http://www.linuxsecurity.com/articles/hackscracks_article-5683.html
    
    
    * IDS Installation with Mandrake 8.2
    September 10th, 2002
    
    If you have a system or network connected to the Internet, you become a
    target. Your network is being scanned for vulnerabilities. This may happen
    only once a month or twice a day, regardless, there are people out there
    probing your network and systems for weaknesses.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-5671.html
    
    
    * The IP Security Protocol, Part 1
    September 9th, 2002
    
    Explaining IPSec, different levels of security and how to be safe sending
    and receiving packets over the network. .. VPNs (virtual private networks,
    i.e., private networks deployed over a public packet infrastructure) are
    definitely emerging as the solution of choice for the interconnection of
    distant offices belonging to the same company.
    
    http://www.linuxsecurity.com/articles/cryptography_article-5665.html
    
    
    * The IP Security Protocol, Part 2
    September 9th, 2002
    
    Encapsulating security payloads, key exchange mechanisms and other
    components of establishing secure data transfers.  In Part 2, we move on
    to encapsulating security payloads and key exchange mechanisms.  IPSec ESP
    format, specified in RFC 2406, provides confidentiality, authenticity and
    integrity.
    
    http://www.linuxsecurity.com/articles/cryptography_article-5668.html
    
    
    
    +------------------------+
    |  General:              |
    +------------------------+
    
    * The Anti-Spam Cookbook
    September 13th, 2002
    
    Just about everyone but native Hawaiians and direct marketers hate spam.
    Hawaiians consider Spam--the canned luncheon meat--a staple in cooking,
    having developed a number of amazing recipes using it as the main
    ingredient.
    
    http://www.linuxsecurity.com/articles/security_sources_article-5697.html
    
    
    * Kerberos: The watchdog of the Ether
    September 12th, 2002
    
    The first computer networks were used to send e-mails and share files and
    printers between researchers and corporate employees. In such a scenario
    security was not given much thought. Now the computer networks (especially
    the Internet) are used by millions for banking, shopping and filing their
    tax returns, and network security has become a major problem.
    
    http://www.linuxsecurity.com/articles/network_security_article-5694.html
    
    
    * IT managers cite security and competition when choosing a Linux
    system
    September 12th, 2002
    
    A Cannes-based private investigator, Alain Stevens, recently switched
    computer operating systems from Windows to Linux. "It's a security issue,"
    Stevens said. "Viruses which target Windows could send confidential
    documents from my machines to random people - and that could send me to
    prison."
    
    http://www.linuxsecurity.com/articles/forums_article-5688.html
    
    
    * The Weakest Link in Disaster Recovery
    September 11th, 2002
    
    Much of the focus of disaster recovery planning is on creating redundant
    data sites and backup tapes. Very often, a crucial component is
    overlooked: that of keeping current documentation for all IT configuration
    settings. Having such documentation and the original software discs can
    restore a network 40 percent faster than running backup tapes.
    
    http://www.linuxsecurity.com/articles/general_article-5681.html
    
    
    * Computer forensics specialists in demand as hacking grows
    September 9th, 2002
    
    "There simply are not enough people to do this work," says Scott Pancoast,
    a Seattle-based certified forensic computer examiner with the Washington
    state Attorney General's Office.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-5669.html
    
    
    * Coordinating a Disaster Plan
    September 9th, 2002
    
    In establishing a game plan for organizational disaster recovery
    initiatives, there should be synergy between IT operations groups and
    lines of business in categorizing applications for business
    continuity/disaster recovery and understanding the costs involved.
    
    http://www.linuxsecurity.com/articles/security_sources_article-5661.html
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    