+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | July 7th, 2003 Volume 4, Number 27n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Intergrating SpamAssassin with Mailman," "Open Source Firewalls Explained," "Distributed Port Scanning Using OpenBSD's packet filter," and "Secure Coding: Principles & Practices." LINUX ADVISORY WATCH: This week, advisories were released for kopete, kde, unzip, acm, xgalaga, mantis, kernel, proftpd, gtksee, proftpd, xpdf, acroread, tcptraceroute, phpbb, noweb, gnocatan, mikmod, XFree86, PHP, ethereal, and ypserv. The distributors include Conectiva, Debian, Gentoo, Immunix, Mandrake, Red Hat, TurboLinux, and YellowDog. http://www.linuxsecurity.com/articles/forums_article-7580.html >> FREE Apache SSL Guide from Thawte << Are you worried about your web server security? Click here to get a FREE Thawte Apache SSL Guide and find the answers to all your Apache SSL security needs. Click here to download our Free guide: http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte25 FEATURE: Real-Time Alerting with Snort Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of time that is acceptable is different for every person. http://www.linuxsecurity.com/feature_stories/feature_story-144.html -------------------------------------------------------------------- * Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is unparalleled in security, ease of management, and features. Open source technology constantly adapts to new threats. Email firewall, simplified administration, automatically updated. --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2 -------------------------------------------------------------------- LINSECURITY.COM FEATURE: Intrusion Detection Systems: An Introduction By: Alberto Gonzalez Intrusion Detection is the process and methodology of inspecting data for malicious, inaccurate or anomalous activity. At the most basic levels there are two forms of Intrusion Detection Systems that you will encounter: Host and Network based. http://www.linuxsecurity.com/feature_stories/feature_story-143.html #### Concerned about the next threat? #### #### EnGarde is the undisputed winner! #### Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing Editor's Choice Award, EnGarde "walked away with our Editor's Choice award thanks to the depth of its security strategy..." Find out what the other Linux vendors are not telling you. http://store.guardiandigital.com/html/eng/products/software/esp_overview.shtml +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * A quick view on sendmail July 6th, 2003 Electronic mail is still the most important user service on the network. The Web carries a greater volume of traffic, but e-mail is the service used for most person-to-person communication. And person-to-person communication is the real foundation of business. http://www.linuxsecurity.com/articles/host_security_article-7583.html * Integrating SpamAssassin with Mailman July 3rd, 2003 If you run a moderately popular mailing list, you will have to address the spam problem at some point. Many spammers actively target mailing lists, because if the spam doesn't get caught it will be forwarded to many recipients. http://www.linuxsecurity.com/articles/documentation_article-7574.html * Is Linux Security Right For You July 3rd, 2003 Securing an enterprise Linux environment can be a tough assignment for Unix or Windows veterans, says author and software engineer Scott Mann. Linux security requires more up-front and ongoing self-education and do-it-yourself work than other platforms. But it will also offer more flexibility. http://www.linuxsecurity.com/articles/security_sources_article-7575.html * Securing Linux July 3rd, 2003 Russell is among those who have made a sterling contribution to the NSA's SE Linux project. He is listed both among those who have contributed to the upstream line of development and to the community. http://www.linuxsecurity.com/articles/forums_article-7579.html +------------------------+ | Network Security News: | +------------------------+ * Looking securely at TCP/IP July 6th, 2003 If you are reading this article, you should have a good understanding of how computers work and a working knowledge of how to use Internet tools such as web browsers, Telnet, and e-mail. In addition, you're probably already aware of the need to protect computers on your network from exterior threats, while still allowing your web and e-mail traffic to traverse your connection to the Internet. http://www.linuxsecurity.com/articles/network_security_article-7582.html * Better 802.11 Security July 3rd, 2003 If you've delayed setting up a wireless network because of security concerns, help is at hand. Around the time you read this, improved security technology for all variants of 802.11 should be available as free firmware downloads from most equipment vendors. http://www.linuxsecurity.com/articles/network_security_article-7578.html * Open Source Firewalls Explained July 2nd, 2003 Hackers have computers too and want to keep their own machines free of intrusion from the Internet. Paradoxically, these computers may be the most secure computers on the Internet, because the hackers use free software that they can examine for security problems, they are the first to discover (or create) security weaknesses, and they fix their own systems as soon as loopholes are discovered. http://www.linuxsecurity.com/articles/firewalls_article-7565.html * Distributed Port Scanning Using OpenBSD's packet filter July 2nd, 2003 By using openBSD's packet filter pf one can utilize the NAT address pools added into OpenBSD 3.3 to aid in distributed port scanning. As the text explains NAT can be used in a large network to split outgoing connections over multiple source IP addresses. http://www.linuxsecurity.com/articles/firewalls_article-7570.html * The Use of Honeynets to Detect Exploited Systems Across Large Enterprise Networks July 1st, 2003 An extremely interesting paper written by Georgia Tech for an IEEE security workshop. The Georgia Tech University has several Honeynets deployed on a network of 30,000+ systems. The Honeynets repeatedly demonstrated their value detecting compromised systems, systems that other detection technologies failed to discover. http://www.linuxsecurity.com/articles/intrusion_detection_article-7563.html * Wi-Fi: Security For The Masses June 30th, 2003 There's no doubting the hipness of wireless hot spots. Thanks to Wi-Fi technology, tech-savvy people can jack into the Net at Starbucks coffeehouses or on Lufthansa Airlines or at upscale hotels across the nation. In corporate America, Wi-Fi has the potential to become the de facto standard for connecting mobile users to networks, despite serious security worries. http://www.linuxsecurity.com/articles/network_security_article-7558.html +------------------------+ | General Security News: | +------------------------+ * Interview with Brian Hatch, author of "Hacking Exposed Linux" July 2nd, 2003 Brian Hatch is a hacker in the positive sense - a coder, tinkerer, and tester. I love to prod software into doing things it shouldn't be able to, be it for good or ill. http://www.linuxsecurity.com/articles/security_sources_article-7566.html * Pentagon Pushes Next Version of IP July 2nd, 2003 The next version of the Internet Protocol, which provides a 128-bit standard to transmit data, is getting a jump-start for adoption with its endorsement by the Department of Defense. The result: A boost in the number of available Internet addresses, to eventually number as many as an address for every cell in every person on the planet. http://www.linuxsecurity.com/articles/government_article-7568.html * Secure Coding: Principles & Practices July 1st, 2003 The purpose of this paper is to outline the strategies and managing processes behind implementing a successful Security Policy. Additionally, I will give recommendations for the creation of a Security Awareness Program, where the main objective will be to provide staff members with a better, if not much improved understanding of the issues stated in a security policy." http://www.linuxsecurity.com/articles/documentation_article-7562.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 02:51:37 PDT