[ISN] Linux Security Week - February 10th 2003

From: InfoSec News (isnat_private)
Date: Tue Feb 11 2003 - 07:07:50 PST


    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  February 10th, 2003                           Volume 4, Number 6n  |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "How to Build,
    Install, Secure & Optimize Apache," "Secure your DNS - replace BIND," "The
    Great IDS Debate : Signature Analysis Versus Protocol Analysis," and "Know
    Your Enemy: Learning with VMware."
    This week, advisories were released for cvs, mcrypt, slocate, qt-dcgui,
    bladeenc, cim, mysql, kernel, kerberos, php, OpenLDAP, windowmaker, xpdf.
    The distributors include Caldera, Conectiva, FreeBSD, Gentoo, Mandrake,
    and Red Hat.
    Review: Absolute PC Security and Privacy - Miller never knew much about
    viruses, or took them seriously, until a friend got infected and it turned
    out to be more of a nuisance than he thought. So he decided to write a
    book about them. And also about spam, since he was annoyed by that, too.
    Review: Mastering Network Security, Second Edition - The introduction
    states that this book is aimed at systems administrators who are not
    security experts, but have some responsibility for ensuring the integrity
    of their systems. That would seem to cover most sysadmins.
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * How to Build, Install, Secure & Optimize PHP
    February 6th, 2003
    NOC submits: When you need to add some popular web service to your web
    server, you will inevitably find that PHP is required and that you need to
    install it with Apache. In this tutorial we discuss how to integrate,
    secure, and optimize it with Apache 2.x.
    * How to Build, Install, Secure & Optimize Apache 2.x
    February 6th, 2003
    Apache is the most widely used HTTP-server in the world today. It
    surpasses all free and commercial competitors on the market, and provides
    a myriad of features; more than the nearest opponent could give you on a
    UNIX variant. It is also the most used web server for a Linux system.
    * Securing & Optimizing Linux: The Ultimate Solution v2.0
    February 6th, 2003
    Mastering security with Linux and getting the maximum out of your system
    have never been easier. Securing & Optimizing Linux: The Ultimate Solution
    (v2.0) has been written and achieved with tightening security to an
    incomparable level in mind.
    * Secure your DNS - replace BIND
    February 5th, 2003
    BIND has become the most popular DNS server on the Internet. It is also a
    favorite hacker target. For organisations that require a more secure DNS
    infrastructure, the djbdns package may be the answer.
    * Securing Systems with chroot
    February 4th, 2003
    One popular technique crackers use to compromise machines is exploiting
    buffer overflows. Buffer overflows are programming bugs which often plague
    software written with the C language, which makes such mistakes easy to
    make. Once you are in the chrooted shell, you only have access to the
    chrooted area. There is no way to escape it; you are in the jail.
    | Network Security News: |
    * How To Build a Secure WLAN
    February 9th, 2003
    Wireless LANs have experienced tremendous growth since the introduction of
    the 802.11b wireless networking standard spurred the development of a wide
    range of "Wi-Fi" solutions developed by network equipment vendors.
    * Through The Fog... Public Key Infrastructure
    February 6th, 2003
    Security is a strange phenomenon in IT. Like a Will O' The Wisp, it's
    elusive. And so we are faced with the promise and the reality of Public
    Key Infrastructures (PKIs) - such a useful, powerful technology, coupled
    with near total apathy on the part of the user community to implement it.
    * IM A Rampant Security Risk
    February 6th, 2003
    Instant messaging (IM) is taking off in companies but self-installed
    consumer versions of software that allows this type of communication are
    posing a "rampant security risk" on networks.  Already some companies see
    IM as a time wasting technology - as was the case when email, web access
    and even the telephone were first put on workers' desks - but the latest
    warning, levelled by Blue Coat Systems, is based on three key factors.
    * The Great IDS Debate : Signature Analysis Versus Protocol Analysis
    February 6th, 2003
    Intrusion detection systems (IDS) have rapidly become a crucial component
    of any network defense strategy. Over the past few years, their popularity
    has soared as vendors have refined their results and increased performance
    capabilities. At the heart of intrusion detection systems lies the
    analysis engine.
    * The Crypto Gardening Guide and Planting Tips
    February 5th, 2003
    There has been a great deal of difficulty experienced in getting research
    performed by cryptographers in the last decade or so (beyond basic
    algorithms such as SHA and AES) applied in practice.  The reason for this
    is that cryptographers don't work on things that implementors need because
    it's not cool, and implementors don't use what cryptographers design
    because it's not useful or sufficiently aligned with real-world
    considerations to be practical.
    * Safety: Open Networks Pose Dilemma
    February 5th, 2003
    If you want to know how insecure today's wireless networks are, just ask
    the people who make it their mission to locate the access points
    designated by companies and consumers around the world.
    * Know Your Enemy: Learning with VMware
    February 4th, 2003
    Virtual Honeynets are a solution that allows you to run a complete Honeynet
    with multiple operating systems on the same physical computer. First
    discussed in the paper Know Your Enemy: Virtual Honeynets, these solutions
    have the advantage of being easier to deploy and simpler to manage.
    * SANS Webcast:  Top 10 Unix Vulnerabilities
    February 3rd, 2003
    Worried about the state of Unix security at your site but unsure where to
    begin? The top 10 Unix vulnerabilities from the SANS "Top 20" list make an
    excellent starting point. Listen as Hal Pomeranz, the author of SANS' Unix
    Security Track, explains the vulnerabilities and provides valuable
    pointers on how to correct or mitigate these vulnerabilities on your
    | General News:          |
    * Mitnick freedom welcomed by his website defacement.
    February 8th, 2003
    "Dear Kevin, welcome to the free world. In order to let you feel more
    comfortable, we defaced your website www.defensivethinking.com. PS: your
    security skills are a little rusty, aren't they?" This was the meaning of
    the message posted by hacker BugBear on Mitnick's website as you can see
    by the mirror taken by zone-h.
    * Slammer: Why Security Benefits From Proof Of Concept Code
    February 7th, 2003
    The UK security expert who discovered the flaw which was exploited by the
    Slammer worm has concluded it does more good than harm to publish proof of
    concept code. In a posting to BugTraq, David Litchfield of NGSSoftware
    expressed concerns that his proof of concept code was used as a template
    by unknown vandals in creating the destructive Slammer worm.
    * Assessing The Threat: Symantec's 2003 Security Report
    February 5th, 2003
    The latest Symantec threat assessment seems to suggest that businesses are
    more vulnerable, but better protected than ever before. It also reveals
    that businesses are in more danger of being attacked from sources within
    the US than any other country, and that the use of wireless and instant
    messaging technologies has rendered companies especially vulnerable.
    * Prelude IDS Yoann Vandoorselaere Interview
    February 4th, 2003
    My name is Yoann Vandoorselaere, I live in France and I'm the founder and
    main developer of the Prelude Intrusion Detection System. I've worked on
    many free software projects, such as libsafe, libpcap (a library for packet
    capture), the Nautilus file manager, OMS (Open Media System), libvo, the
    Linux kernel and others.
    * Openwall GNU/Linux Solar Designer Interview
    February 4th, 2003
    I generally prefer to speak about things I do rather than about myself.
    For the past 6 years I've been spending much of my time on computer and
    network security. In particular, I've been developing free Unix security
    tools and other (non-security) software designed to be safe to use, as
    well as making existing software and technologies safer to use
    (discovering, dealing with, and sometimes publicizing vulnerabilities
    whenever that seemed appropriate).
    * February Honeynet Scan of the Month
    February 4th, 2003
    We are excited to announce the SotM challenge for the Month of February
    2003. Sponsored by the Digital Forensic Research Workshop, this month's
    challenge is a continuation of the October 2002 challenge (Scan 24). It is
    not necessary for you to have attempted and/or completed the October 2002
    challenge. Based on the police report and recovered evidence, your mission
    is to answer a series of questions pertaining to the case. This month's
    challenge is rated Intermediate to Advanced.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    ISN is currently hosted by Attrition.org
