[ISN] Linux Security Week - September 23rd 2002

From: InfoSec News (isnat_private)
Date: Mon Sep 23 2002 - 23:25:03 PDT

    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  September 23rd, 2002                         Volume 3, Number 37n  |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "Stamp out spam
    with SpamAssassin," "Who Goes There? An Introduction to On-Access Virus
    Scanning," "Remote End-Point Security Services," and "Idle Scanning and
    related IPID games."
    FEATURE: What is the Slapper worm? - The question of the week: What is
    Slapper? Let me begin by telling you I am not only describing the Slapper
    worm, but I am also describing the Apache/mod_ssl worm, the bugtraq.c
    worm, and the Modap worm. In effect, these are just 4 different names for
    the same nasty worm.
    This week, advisories were released for purity, openssl, konqueror, php,
    libkvm, libresolv, NetBSD kernel, libc, shutdown, pppd, kdf, ioctl, dns,
    nfs, setlocale, postgresql, and libx11.  The vendors include Conectiva,
    Debian, FreeBSD, NetBSD, and SuSE.
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * Stamp out spam with SpamAssassin
    September 21st, 2002
    This article takes a look at the evolution of the spam cycle (for as Sun
    Tzu and every general who ever came after him said, "Know thine enemy and
    victory will be forthcoming"). It also takes a look at SpamAssassin, the
    latest in a long and venerable line of weapons in the fight against spam,
    as well as a look ahead.
    * Putting The Kernel On Your Side
    September 20th, 2002
    Intro: Linux enables (as most of you know) run-time module loading,
    that is: you can add features to your Linux kernel without having to
    re-compile the whole kernel again. You can write and load modules that
    will be linked to the kernel. This paper is about how to use modules in
    order to help you in administrating your system.
    * Who Goes There? An Introduction to On-Access Virus Scanning
    September 17th, 2002
    By now, most savvy computer users have anti-virus software (AV) installed
    on their machines and use it as part of their regular computing routine.
    However, most average users do not know how anti-virus software works.
    This article is the second in a two-part series that will offer a brief
    overview of a particular type of anti-virus technique known as on-access
    | Network Security News: |
    * Internal Network Security
    September 19th, 2002
    When organizations first begin to assess network security, the tendency is
    to focus almost exclusively on external facing assets to defend against
    unauthorized "hacker" attacks. However, to establish an effective security
    program, organizations must examine both internet facing, publicly
    accessible resources, as well as private internal networks.
    * Remote End-Point Security Services: Defining a New Market
    September 18th, 2002
    Teleworkers, mobile employees, and broadband access are all driving
    corporations to extend their networks securely through the implementation
    of IP VPNs over the Internet. While these networks are being extended, the
    malicious activities of hackers and their ability to compromise networks
    and remote PCs are only increasing.
    * Idle Scanning and related IPID games
    September 18th, 2002
    Almost four years ago, security researcher Antirez posted an innovative
    new TCP port scanning technique. Idlescan, as it has become known, allows
    for completely blind port scanning. Attackers can actually scan a target
    without sending a single packet to the target from their own IP address!
    Instead, a clever side-channel attack allows for the scan to be bounced
    off a dumb "zombie" host.
    |  Cryptography:         |
    * Open-Source Group Gets Sun Security Gift
    September 20th, 2002
    Sun's "elliptic curve" technology is involved in the process of using keys
    to encrypt and decrypt information for electronic transactions. Such
    encryption lets people buy products online, for example, while shielding
    their credit card number from prying eyes.
    * Crypto-Chip Boosts ID Security
    September 20th, 2002
    When you send your credit card number over the Internet to pay for a new
    book or a pair of pants, the number is mathematically disguised --
    encrypted -- so that the original string of digits can be decoded only by
    the merchant at the other end of your shopping spree.
    * A Gathering of Big Crypto Brains
    September 19th, 2002
    In a lush country hotel 20 miles south of Dublin, the barroom conversation
    turns to steganography and database vulnerabilities, encryption algorithms
    and biometric scanners, SWAP files and cookie poisoning.  Not your average
    pub denizens, the speakers are some of the best-known names in
    cryptography and security, gathered for one of the industry's best-kept
    secrets: the annual COSAC conference, held every fall in Ireland.
    * New AES crypto standard broken already
    September 17th, 2002
    Theoretical attacks against AES (Advanced Encryption Standard) winner
    Rijndael and runner-up Serpent have been published. They might work in the
    practical world; they might not. That's about all we can say from the
    latest edition of Bruce Schneier's CryptoGram newsletter, which seeks to
    simplify the issues discovered by researchers Nicolas Courtois and Josef
    Pieprzyk, and elaborated in a paper entitled "Cryptanalysis of Block
    Ciphers with Overdefined Systems of Equations".
    |  General:              |
    * Official: Cybersecurity Not Watered Down
    September 20th, 2002
    A White House official is standing behind the administration's draft
    recommendations on cybersecurity, asserting that they have not been
    weakened by lobbying from technology companies.
    * Finding the Security Budget Sweet Spot
    September 19th, 2002
    Companies must first determine which threats they are vulnerable to, then
    figure out how much damage a breach could inflict, and finally sift
    through the abundance of security products on the market.
    * Greasing the Squeaky Wheels
    September 19th, 2002
    Being paranoid about security is a good thing. For example, requiring
    strong passwords, locking down the services on your machines, removing all
    shared accounts, and disabling cleartext protocols make it more difficult
    for a cracker to gain access to your machines and data. Unfortunately, it
    also makes working on the systems less convenient for you and your users.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    ISN is currently hosted by Attrition.org
