[ISN] Linux Security Week - March 17th 2003

From: InfoSec News (isnat_private)
Date: Tue Mar 18 2003 - 05:43:42 PST

  • Next message: InfoSec News: "[ISN] Linux firms look to plug Samba hole"

    +---------------------------------------------------------------------+
    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  March 17th, 2003                             Volume 4, Number 11n  |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    +---------------------------------------------------------------------+
    
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    
    This week, perhaps the most interesting articles include "Using Postfix
    for Secure SMTP Gateways," "Cryptographic Filesystems: Design and
    Implementation," "Linux Security Modules: General Security Support for the
    Linux," and "A practical approach for defeating Nmap OS-Fingerprinting."
    
    
    LINUX ADVISORY WATCH:
    This week advisories were released for zlib, sendmail, qpopper, file,
    snort, mysqlcc, netscape-flash, ethereal, usermode, tcpdump, and lprold.
    The distributors include Caldera, Debian, Guardian Digital's EnGarde
    Secure Linux, Gentoo, Mandrake, NetBSD, Red Hat, and SuSE.
    
    http://www.linuxsecurity.com/articles/forums_article-6896.html
    
    ----------------------------------------------------------------------
    
    * Comprehensive SPAM Protection! - Guardian Digial's Secure Mail Suite is
    unparalleled in security, ease of management, and features. Open source
    technology constantly adapts to new threats. Email firewall, simplified
    administration, automatically updated.
    
     --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=mailn3
    
    ----------------------------------------------------------------------
    
    Remote Syslog with MySQL and PHP
    Msyslog has the ability to log syslog messages to a database. This allows
    for easier monitoring of multiple servers and the ability to be display
    and search for syslog messages using PHP or any other programming language
    that can communicate with the database.by that, too.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-138.html
    
    
     #### Concerned about the next threat?  ####
     #### EnGarde is the undisputed winner! ####
    
     Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
     Editor's Choice Award, EnGarde "walked away with our Editor's Choice
     award thanks to the depth of its security strategy..." Find out what
     the other Linux vendors are not telling you.
    
     http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarden2
    
    
    +---------------------+
    | Host Security News: | <<-----[ Articles This Week ]-------------
    +---------------------+
    
    * Samba 2.2.8 Available, Fixes Serious Security Vulnerability
    March 15th, 2003
    
    This release provides an important security fix outlined in the release
    notes that follow. This is the latest stable release of Samba and the
    version that all production Samba servers should be running for all
    current bug-fixes.
    
    http://www.linuxsecurity.com/articles/server_security_article-6902.html
    
    
    * Using Postfix for Secure SMTP Gateways
    March 13th, 2003
    
    Wietse Venema, intrepid developer of TCP wrappers and co-creator of SATAN,
    has come through for us again: his program, postfix, provides an
    alternative to sendmail that is simpler in design, more modular, easier to
    configure and less work to administer.
    
    http://www.linuxsecurity.com/articles/server_security_article-6895.html
    
    
    * Snort survives first vulnerability
    March 13th, 2003
    
    Snort, the immensely popular open-source intrusion-detection system, is no
    longer confined to cult status. Since going commercial in 2001 with the
    formation of Columbia, Md.-based Sourcefire Inc., Snort has extended its
    reach into enterprises and deep into the federal government.
    
    http://www.linuxsecurity.com/articles/forums_article-6894.html
    
    
    * Manage Passwords Safely--and Simply
    March 13th, 2003
    
    You're doing a little Web browsing at work when you come upon
    Widgetsnmore.com, a site that looks vaguely familiar. Suddenly, you see
    it: the multipurpose electronic gadget polisher you've coveted for
    weeks--and it's half price until 5 o'clock today! You click on the image
    to order it, and...uh-oh. The site asks for your password. What do you do?
    
    http://www.linuxsecurity.com/articles/host_security_article-6889.html
    
    
    * Cryptographic Filesystems: Design and Implementation
    March 11th, 2003
    
    As security becomes a greater focus in networks, every aspect of online
    information needs a level of protection from the network-level use of
    firewalls and IDS to the host-level use of IDS. However, an additional
    level of security has recently come to the forefront of security -
    cryptographic filesystems.
    
    http://www.linuxsecurity.com/articles/cryptography_article-6880.html
    
    
    * Buffer Overflow Attacks and Their Countermeasures
    March 10th, 2003
    
    Buffer overflow problems always have been associated with security
    vulnerabilities. In the past, lots of security breaches have occurred due
    to buffer overflow. This article attempts to explain what buffer overflow
    is, how it can be exploited and what countermeasures can be taken to avoid
    it.
    
    http://www.linuxsecurity.com/articles/server_security_article-6872.html
    
    
    * Linux Security Modules: General Security Support for the Linux
    Kernel
    March 10th, 2003
    
    The access control mechanisms of existing mainstream operating systems are
    inadequate to provide strong system security. Enhanced access control
    mechanisms have failed to win acceptance into mainstream operating systems
    due in part to a lack of consensus within the security community on the
    right solution.
    
    http://www.linuxsecurity.com/articles/general_article-6871.html
    
    
    * Securing Linux
    March 10th, 2003
    
    Here we go again. I decided to write another article concerning some
    overall security aspects of installing and running linux. To keep it short
    and simple, here are some good pointers to enhancing your system's
    security.
    
    http://www.linuxsecurity.com/articles/general_article-6870.html
    
    
    
    +------------------------+
    | Network Security News: |
    +------------------------+
    
    * SSH Tunneling part 3 - Where does the crypto end?
    March 16th, 2003
    
    The book starts with a chapter dedicated to security basics. The author
    introduces general security principles and helps you realize why firewalls
    exist. Yeo naturally notes that a firewall is not the only method of
    defense you should use.
    
    http://www.linuxsecurity.com/articles/documentation_article-6904.html
    
    
    * Wireless LAN Analyzers: The Ultimate Hacking Tools?
    March 14th, 2003
    
    In a Wireless LAN (WLAN), things are different. Its physical medium is the
    electromagnetic spectrum, which exists everywhere and respects few
    boundaries. Wi-Fi is now available at two different frequencies-IEEE
    802.11b at 2.4GHz and IEEE 802.11a at 5GHz-and both can suffer
    interference from neighboring networks and other sources.
    
    http://www.linuxsecurity.com/articles/network_security_article-6900.html
    
    
    * Personal Firewalls for Administrators and Remote Users
    March 13th, 2003
    
    The book starts with a chapter dedicated to security basics. The author
    introduces general security principles and helps you realize why firewalls
    exist. Yeo naturally notes that a firewall is not the only method of
    defense you should use.
    
    http://www.linuxsecurity.com/articles/documentation_article-6888.html
    
    
    * Open Source Honeypots, Part Two: Deploying Honeyd in the Wild
    March 13th, 2003
    
    This is the second part of a three-part series looking at Honeyd, an open
    source solution that is excellent for detecting attacks and unauthorized
    activity. In the first paper, we introduced honeypots and discussed what
    they are, their value, and the different types of honeypots. We then went
    into detail about the Honeyd,.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-6892.html
    
    
    * Study Exposes WLAN Security Risks
    March 13th, 2003
    
    As wireless networks continue to gain acceptance and become integral to
    corporate computing environments, IT departments continue to ignore the
    myriad security problems inherent to wireless LANs, according to a new
    study by RSA Security Inc.
    
    http://www.linuxsecurity.com/articles/network_security_article-6890.html
    
    
    * IP Spoofing: An Introduction
    March 11th, 2003
    
    Criminals have long employed the tactic of masking their true identity,
    from disguises to aliases to caller-id blocking. It should come as no
    surprise then, that criminals who conduct their nefarious activities on
    networks and computers should employ such techniques.
    
    http://www.linuxsecurity.com/articles/network_security_article-6877.html
    
    
    * A practical approach for defeating Nmap OS-Fingerprinting
    March 11th, 2003
    
    Remote OS Fingerprinting is becoming more and more important, not only for
    security pen-testers, but for the black-hat. Just because Nmap is getting
    popularity as the tool for guessing which OS is running in a remote
    system, some security tools have been developed to fake Nmap in its OS
    Fingerprinting purpose.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-6882.html
    
    
    * Virtual Private Networks
    March 10th, 2003
    
    The concept of the Virtual Private Networks (VPN) is very simple. Take the
    worlds largest network, the Internet, and use encryption to pass traffic
    between two or more locations securely, making it a private network.
    However until recently, the application of this simple concept has been
    very complex and not cost effective.
    
    http://www.linuxsecurity.com/articles/network_security_article-6873.html
    
    
    
    +------------------------+
    | General News:          |
    +------------------------+
    
    * Irish Honeynet slammed by attacks
    March 16th, 2003
    
    The Irish Honeynet enticed nearly 600 attacks in January, while the
    rampant Slammer worm even caused it to be brought down for a day during
    the month.  The decoy computer network, which was established to study
    cyber attackers, recorded 597 attacks during January.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-6903.html
    
    
    * 'Honest, We're the Good Guys'
    March 14th, 2003
    
    American businesses feel a little like a rope that's being used in a tug
    of war between privacy and patriotism. Their customers want the personal
    information that businesses collect to be kept private, but the government
    wants access to some of that data for use in various homeland security
    plans.
    
    http://www.linuxsecurity.com/articles/privacy_article-6898.html
    
    
    * Is a Sendmail worm likely?
    March 12th, 2003
    
    A serious buffer overflow vulnerability announced last week in Sendmail is
    ripe to be exploited by targeted attacks, but it is also possible for a
    worm writer to write malicious code that exploits the security hole. No
    one can say whether a worm writer will create malware that targets the
    Sendmail flaw, but it is possible, experts said.
    
    http://www.linuxsecurity.com/articles/server_security_article-6886.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Mar 18 2003 - 08:36:58 PST