[ISN] Linux Security Week - November 18th 2002

From: InfoSec News (isnat_private)
Date: Tue Nov 19 2002 - 06:28:31 PST


    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  November 18th, 2002                          Volume 3, Number 45n  |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "The Unix
    Auditors Practical Handbook," "The Study on the Vulnerabilities of
    Operating System," "Administering Linux IPSec Virtual Private Networks,"
    and "Make Nessus Your New Security Tool of Choice."
    This week, advisories were released for PXE, libpng, python, html2ps,
    kdenetwork, masqmail, apache-perl, bind, kadmind, smrsh, resolver,
    perl-MailTools, nss_ldap, php, traceroute, kpgp, apache, kdelibs, and
    syslog-ng.  The distributors include Caldera, Debian, Guardian Digital's
    EnGarde Secure Linux, FreeBSD, Gentoo, Red Hat, and SuSE.
    FEATURE: Security - Physical and Service
    The first installment of a 3 part article covering everything from
    physical security and service security to LAMP security (Linux Apache
    MySQL PHP).
    CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner!
    Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
    Editor's Choice Award, EnGarde "walked away with our Editor's Choice award
    thanks to the depth of its security strategy..." Find out what the other
    Linux vendors are not telling you.
    FEATURE:  Security: Apache (2 of 3) - This is the second installment of a
    3 part article on LAMP (Linux Apache MySQL PHP). Apache is the most widely
    used HTTP-server in the world today.
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * The Peon's Guide To Secure System Development
    November 15th, 2002
    Increasingly incompetent developers are creeping their way into important
    projects. Considering that most good programmers are pretty bad at
    security, bad programmers with roles in important projects are guaranteed
    to doom the world to oblivion.
    * Identifying A Deleted Account
    November 14th, 2002
    Last week I extolled the virtues of keeping an audit trail. This actually
    came up because a reader was confused about some processes that were
    running under a no-longer existing userid.
    * The Unix Auditors Practical Handbook
    November 14th, 2002
    This handbook is meant to be a practical guide to auditing Unix. It will
    be kept as up-to-date as possible. The commands and filenames given here
    are applicable to a Sun Solaris system. However, there are cross-command
    references for AIX and Linux.
    * Alien Autopsy: Reverse Engineering Win32 Trojans on Linux
    November 14th, 2002
    In my last article, Reverse Engineering Hostile Code, I described the
    tools and processes involved in basic reverse engineering of a simple
    trojan. This article will offer a more detailed examination of the
    reversing process, using a trojan found in the wild. At the same time,
    this article will discuss some techniques for reversing Windows-native
    code entirely under Linux.
    * libpcap and tcpdump Sources Trojaned
    November 13th, 2002
    The FT Conferences Web site was defaced overnight by mischievous crackers
    promoting a Russian DJ. Defacement archive Zone-H reports that hackers
    broke in using a mistake in the Web site's configuration to post pictures
    of Vasya Strelnkikov, a famous Russian DJ.
    * The Study on the Vulnerabilities of Operating System
    November 11th, 2002
    Which Operating System has more vulnerabilities out of the box? Are they
    more secure after the latest patches? Do the latest patches add
    vulnerabilities? We wanted to see how much the OS patches released really
    help and to see which OS is more secure "Out of the Box".
    | Network Security News: |
    * Consortium Demos Secure Network
    November 15th, 2002
    A public/private consortium in Oregon is developing a secure information
    network that was created as a direct result of homeland security concerns.
    The consortium responsible for developing the Oregon Trial of Emergency
    and Security Technology (O-TEST) demonstrated the model in Washington,
    D.C., Nov. 13.
    * Wi-Fi Encryption Fix Not Perfect
    November 15th, 2002
    The biggest security risk for "Wi-Fi" wireless Internet networks is that
    users sometimes fail to turn on their encryption software.  But even the
    responsible ones who use the encryption program -- Wired Equivalent
    Privacy -- aren't immune to malicious attacks.
    * Administering Linux IPSec Virtual Private Networks
    November 14th, 2002
    This article will discuss some of the more advanced features of FreeS/WAN
    that you can leverage to implement flexible and reliable IPSec VPNs. The
    ultimate source of information on FreeS/WAN is the official FreeS/WAN Web
    site (http://www.freeswan.org).
    * Encrypted NFS with OpenSSH and Linux
    November 14th, 2002
    NFS is a widely deployed, mature, and understood protocol that allows
    computers to share files over a network. The main problems with NFS are
    that it relies on the inherently insecure UDP protocol, transactions are
    not encrypted, hosts and users cannot be easily authenticated, and it is
    difficult to firewall.
    * Plan for a security architecture
    November 13th, 2002
    Volatility and immaturity in security technology will continue to make
    enterprisewide technology architectures impractical through 2003. However,
    the need for a consistent approach, scalability, agility, and auditability
    will drive development of adaptive, top-down security architectures
    encompassing consistent policy frameworks, strong process orientation,
    service definitions, formal roles/responsibilities, and domain-specific
    technology standards (2002-03).
    * Layer 2 Analysis of WLAN Discovery Applications for Intrusion
    November 12th, 2002
    Wireless LAN discovery through the use of applications such as
    NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular
    technique for network penetration. The discovery of a wireless LAN might
    be used for seemingly innocuous Internet access, or to be used as a
    "backdoor" into a network to stage an attack.
    * Make Nessus Your New Security Tool of Choice
    November 12th, 2002
    No ace sysadmin should be without Nessus; it's the utility of choice for
    hardcore security scanning. Nessus is based on nmap, the excellent port
    scanner by Fyodor. Primarily authored by Renaud Deraison, it adds a nice
    graphical interface and loads of attack functions.
    * Keep Out: Host Intrusion Detection
    November 11th, 2002
    You need a way to proactively protect your servers from malicious attacks.
    Host intrusion prevention, or HIP, is a way to do just that. Using a
    variety of different methods, HIP products restrict a program's or a
    user's access to system resources, safeguarding the underlying OS from
    attacks that take advantage of poorly written code.
    | Cryptography News:     |
    * BIND / crypt_blowfish Openwall Linux Info
    November 17th, 2002
    Yesterday I put out the BIND 4.9.10-OW2 patch, which includes the patch
    provided by ISC and thus has the two recently announced vulnerabilities
    affecting BIND 4 fixed. Another recent update is crypt_blowfish 0.4.5.
    * Crypto-Gram November 15, 2002
    November 16th, 2002
    Crypto-Gram is a free monthly newsletter providing summaries, analyses,
    insights, and commentaries on computer security and cryptography. This
    issue includes info on Bruce's new book, security and Japanese Honeybees,
    reader comments, and more.
    * Noisy Light Is New Key To Encryption
    November 15th, 2002
    Scientists at Northwestern University say they have harnessed the
    properties of light to encrypt information into code that can be cracked
    only one way: by breaking the physical laws of nature.
    |  General News:         |
    * Study: Linux Security Problems Outstrip Microsoft's
    November 15th, 2002
    Open source software has surpassed Microsoft (Nasdaq: MSFT) software in
    terms of security problems, according to an Aberdeen Group report.
    * Perspective: Why IT will love Homeland Security
    November 13th, 2002
    Last week's congressional midterm election means that the Homeland
    Security Department will be assembled fast--and that's the best news the
    technology market has heard since Netscape went public. The power shift in
    Congress means that IT and outsourcing budgets that had been on ice since
    the dot-com implosion will be thawed and spent.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    ISN is currently hosted by Attrition.org

    This archive was generated by hypermail 2b30 : Tue Nov 19 2002 - 15:36:55 PST