+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | November 25th, 2002 Volume 3, Number 46n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Keeping User-Level Access When Locked Out," "chroot login HOWTO," "Making a Connection With Tcpdump," and "Open-Source Security Comes Under Fire." Security: MySQL and PHP (3 of 3) - This is the third installation of a 3 part article on LAMP (Linux Apache MySQL PHP). In order to safeguard a MySQL server to the basic level, one has to abide by the following guidelines. http://www.linuxsecurity.com/feature_stories/feature_story-130.html LINUX ADVISORY WATCH: This week, advisories were released for squid, wwoffled, lynx, tcpdump, fetchmail, courier, KDE SSL, nullmailer, mhonarc, smrsh, bind, ypserv, getbyname, ftpd, Red Hat kernel, samba, windowmaker, dhcp, php, and gtetrinet. The distributors include Caldera, Debian, FreeBSD, Gentoo, Mandrake, NetBSD, OpenPKG, Red Hat, SuSE, and Trustix. http://www.linuxsecurity.com/articles/forums_article-6241.html --------------------------------------------------------------------- CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner! Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing Editor's Choice Award, EnGarde "walked away with our Editor's Choice award thanks to the depth of its security strategy..." Find out what the other Linux vendors are not telling you. http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2 --------------------------------------------------------------------- FEATURE: Security - Physical and Service The first installation of a 3 part article covering everything from physical security and service security to LAMP security (Linux Apache MySQL PHP). http://www.linuxsecurity.com/feature_stories/feature_story-128.html +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Keeping User-Level Access When Locked Out November 20th, 2002 Incomplete user-locking procedures can fail, leaving opportunities for them to maintain access to your system without your consent. http://www.linuxsecurity.com/articles/host_security_article-6224.html * chroot login HOWTO November 20th, 2002 This HOWTO details creating accounts on a *nix operating system that are chroot'ed to their home directory. That is, one this user logs in, they will not be able to access any other part of the filesystem(s) other than what lies in the account's home directory. http://www.linuxsecurity.com/articles/documentation_article-6217.html * Caught in a BIND November 20th, 2002 Weinberg's second law, a decades-old programmers' joke, states, "If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization." http://www.linuxsecurity.com/articles/forums_article-6213.html * Your DNS Servers Aren't Safe November 18th, 2002 A huge new hole that allows remote code execution takeovers of DNS servers is in the news. And--once again--it spells big trouble and long hours for CSOs and system administrators. http://www.linuxsecurity.com/articles/forums_article-6185.html +------------------------+ | Network Security News: | +------------------------+ * VPN, firewall sales expected to boom November 21st, 2002 Worldwide revenue from sales of VPN (virtual private network) and firewall hardware and software will grow by 31 percent from $668 million in the third quarter of 2002 to $874 million in the third quarter of next year, according to research released Wednesday by Infonetics Research. http://www.linuxsecurity.com/articles/firewalls_article-6232.html * Military Pushes For Wireless Security November 21st, 2002 Military leaders agree that wireless communication is the wave of the future, but they also agree that it needs far greater security features to become deployable and reliable on the battlefield. http://www.linuxsecurity.com/articles/government_article-6233.html * Secure your Samba shares November 21st, 2002 RAV AntiVirus for Samba (Linux) is, as the name describes it, an antivirus product 100% dedicated to Linux, protecting file servers from viruses and other malwares, regardless of the systems targeted. Due to integration of a cutting edge technology named "total platform independence", RAV engine detects all malwares, be it for Windows, Linux or other OS. http://www.linuxsecurity.com/articles/server_security_article-6230.html * Environment Audit November 21st, 2002 Env_audit is a program that ferrets out everything it can about the environment. It is ideal for looking for security problems due to misconfiguration or software bugs. Software developers that write any program that shells out to run a command should be audited with this software. http://www.linuxsecurity.com/articles/vendors_products_article-6235.html * The worst security problems? November 19th, 2002 About a month ago, the SANS Institute, in cooperation with the U.S. Federal Bureau of Investigation, released its list of "The Twenty Most Critical Internet Security Vulnerabilities (Updated) - The Experts' Consensus" for 2002. http://www.linuxsecurity.com/articles/government_article-6196.html * Making a Connection With tcpdump, Part II November 18th, 2002 Using tcpdump we can analyze the PDUs that establish and terminate a TCP/IP connection. TCP uses a special mechanism to open and close connections. The tcpdump output below display data from different connection scenarios between host 192.168.2.10 and 192.168.2.165. The following tcpdump command and options were used to generate output. http://www.linuxsecurity.com/articles/documentation_article-6187.html * Making a Connection With tcpdump, Part I November 18th, 2002 As an system administrator, small command-line utilities that require little setup and can be used for troubleshooting increase in value -- especially when you are called out at 2:00am for a system problem. http://www.linuxsecurity.com/articles/documentation_article-6186.html +------------------------+ | Cryptography News: | +------------------------+ * Light at End of Encryption Tunnel November 21st, 2002 Quantum encryption is about to make life much more difficult for Internet spies. A new method of scrambling data manipulates light to create more complex patterns than just "on" or "off," as with typical encryption. As a result, the information in an e-mail message or file is indecipherable because it contains too much "noise." Not only will it make data uncrackable, the new technology also speeds up the increasingly slow process of sending coded messages over the Internet. http://www.linuxsecurity.com/articles/cryptography_article-6225.html +------------------------+ | General News: | +------------------------+ * Open-Source Security Comes Under Fire November 22nd, 2002 Thanks to several high-profile vulnerabilities and an overall increase in the number of flaws, open-source software has taken over Microsoft Corp.'s position at the bottom of the security heap. http://www.linuxsecurity.com/articles/forums_article-6250.html * Real World Linux Security, 2e November 22nd, 2002 The author of this book, Bob Toxen, is one of the 162 recognized developers of Berkeley UNIX. He has more then 28 years of UNIX and 8 years of Linux experience. Trivia from his resume includes that he was one of the four developers who did the initial port of UNIX to Silicon Graphics hardware, that he was an architect of the client/server system used by NASA's Kennedy Space Center and that he wrote the "The Problem Solver" column for popular UNIX Review magazine. Currently he is a president of Fly-By-Day Consulting, Inc. offering Linux security-consulting services. http://www.linuxsecurity.com/articles/security_sources_article-6244.html * Is IT Overspending On Security? November 20th, 2002 While viruses, worms and hacking attacks continue to evolve, the costs of security failure have about doubled for each of the last five years. It has been standard practice for too long for companies to counter this trend by investing in additional security technology. In the end, however, they still lag the hackers and the malefactors of malicious code. http://www.linuxsecurity.com/articles/forums_article-6215.html * Interview with Lance Spitzner November 20th, 2002 Lance Spitzner is a geek who constantly plays with computers, especially network security. His passion is researching honeypot technologies and using them to learn more about the enemy. He is the founder of the Honeynet Project, moderator of the honeypot mailing list, co-author of "Know Your Enemy", author of Honeypots: Tracking Hackers" and also author of several whitepapers. He works as a senior security architect for Sun Microsystems, Inc. http://www.linuxsecurity.com/articles/forums_article-6214.html * IT Security: Have You Checked Out Your Staff? November 19th, 2002 Research has revealed firms are increasing their spend on IT security as companies become more concerned about protecting data, especially against employees. IT security spend continues to rise in the UK despite the ongoing high-tech recession, with companies broadening their strategies to include an oft-neglected area: their staff. http://www.linuxsecurity.com/articles/general_article-6200.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Nov 26 2002 - 02:23:59 PST