+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | September 30th, 2002 Volume 3, Number 38n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "PDFs may pose threat to Unix, Linux," "An Introduction to GNU Privacy Guard," "A Guide to Building Secure Web Applications," and "Security Group Comes Out of the Shadows." FEATURE LINK: New Linux OS billed as secure and user friendly The release by Guardian Digital addresses a pressing need among small and large businesses that rely on the Linux operating system: how to better secure corporate environments without being overwhelmed by the complexity of Linux administration. --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=idg1 LINUX ADVISORY WATCH: This week, advisories were released for xchat, kdelibs, openssl, tcl/tk, glibc, tomcat, and zope. The vendors include Conectiva, Debian, Gentoo, Mandrake, NetBSD, Red Hat, and SuSE. http://www.linuxsecurity.com/articles/forums_article-5787.html Guardian Digital Launches Next Generation EnGarde Enterprise Security Software Guardian Digital, Inc., the leading open source security company, has formally launched the EnGarde Secure Linux server operating system, EnGarde Secure Professional. EnGarde Secure Professional is a comprehensive enterprise software solution that provides all the tools necessary to build a complete, secure online presence. This provides organizations with a cost-effective and proven platform capable of supporting thousands of Web sites and e-mail domains. http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=pr1 +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * PDFs may pose threat to Unix, Linux September 27th, 2002 A security flaw in commonly distributed file-viewing programs may make it possible for attackers to use Adobe Systems PDF and PostScript files to run malicious code on machines using the Unix or Linux operating systems, according to an advisory released by technology security company iDefense. http://www.linuxsecurity.com/articles/host_security_article-5795.html * Secure Programming in PHP September 27th, 2002 The goal of this paper is not only to show common threats and challenges of programming secure PHP applications but also to show you practical methods for doing so. http://www.linuxsecurity.com/articles/documentation_article-5788.html * An Introduction to GNU Privacy Guard (1 of 2) September 26th, 2002 Even though the concept of public-key cryptography for encryption purposes was introduced close to three decades ago, and PGP has been around for over a third of that, you'll likely find that for some reason only a small number of PC users take full advantage of public-key security http://www.linuxsecurity.com/articles/documentation_article-5785.html * An Introduction to GNU Privacy Guard (2 of 2) September 26th, 2002 In the first half of this article we discussed the various uses that GNU Privacy Guard could bring to your business or personal life in enhancing security of your digital documents and files, as well as the basics in getting started with GnuPG. http://www.linuxsecurity.com/articles/documentation_article-5786.html * A Guide to Building Secure Web Applications version 1.1 September 24th, 2002 We all use web applications everyday whether we consciously know it or not. That is, all of us who browse the web. The ubiquity of web applications is not always apparent to the everyday web user. When one visits cnn.com and the site automagically knows you are a US resident and serves you US news and local weather, it's all because of a web application. http://www.linuxsecurity.com/articles/documentation_article-5767.html +------------------------+ | Network Security News: | +------------------------+ * Linux Firewall on out of date hardware: kernel 2.2 or 2.4? September 26th, 2002 An old PC can be the ideal platform to realize a network firewall based on Linux. The system configuration needs a bit of attention but it's not a difficult task to fulfill. The only doubt concerns which kernel version better suits our needs. http://www.linuxsecurity.com/articles/firewalls_article-5778.html * Configuring IPsec and IKE on Solaris, Part Three September 24th, 2002 This is the third article in a three-part series on configuring IPsec and the Internet Key Exchange (IKE) on Solaris hosts. The first article covered the basics of IPsec and IKE. The second article focused on configuring IPsec to protect traffic between two Solaris hosts. http://www.linuxsecurity.com/articles/documentation_article-5766.html * Security Scanning 101 September 24th, 2002 Network and system security scanning is the most practical way to find out what the vulnerabilities and threats are on and for your systems and networks. All reputable providers of this service and associated products offer a comprehensive report that describes the vulnerabilities detected, the level or risk associated with each vulnerability, and recommendations for corrective action. http://www.linuxsecurity.com/articles/network_security_article-5759.html +------------------------+ | Vendors/Products: | +------------------------+ * Start-up banks on hack-proof Linux September 24th, 2002 Start-up Guardian Digital has launched an effort to sell a version of Linux that's less vulnerable to attack, a niche the company hopes will gain it a foothold in the market for the Unix-like operating system. http://www.linuxsecurity.com/articles/organizations_events_article-5769.html * Guardian Digital Launches EnGarde to Provide Enterprises with Linux Security Solutions September 24th, 2002 Guardian Digital, Inc., the leading open source security company, has today formerly launched the EnGarde Secure Linux server operating system, EnGarde Secure Professional. EnGarde Secure Professional is a comprehensive enterprise software solution that provides all the tools necessary to build a complete, secure online presence. http://www.linuxsecurity.com/articles/vendors_products_article-5764.html +------------------------+ | General: | +------------------------+ * Group Seeks Curbs On Security Experts September 27th, 2002 A new organization seeks to find common ground between software companies and hacking gurus over how and when security flaws should be publicized. http://www.linuxsecurity.com/articles/forums_article-5791.html * Agencies Tie IT Security To Budgets September 27th, 2002 With a little prodding from the Office of Management and Budget, agency IT managers are tying system security to their enterprise infrastructures through the budget process. Some said today that securing their infrastructures ranks just as high as e-government for fiscal 2003. http://www.linuxsecurity.com/articles/government_article-5794.html * Security Group Comes Out of the Shadows September 26th, 2002 After nearly a year in the shadows, the Organization for Internet Safety on Thursday formally announced its formation. The group, made up of security and software vendors, is working on a set of guidelines for handling vulnerability information, which it hopes will bring some order to the chaotic world of security research and vulnerability disclosure. http://www.linuxsecurity.com/articles/security_sources_article-5784.html * Book Review: Advanced Linux Networking September 25th, 2002 Advanced Linux Networking is written by Roderick W. Smith, who's the author of such books as 'Broadband internet connections', 'Linux Samba server administration', 'Linux: networking for your office', etc. Advanced Linux Networking consists of five parts, organized into smaller chapters, creating a 26 chapter book which is an excellent reading companion to any basic Linux system administration book. http://www.linuxsecurity.com/articles/documentation_article-5770.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Oct 01 2002 - 05:04:50 PDT