[ISN] Linux Security Week - July 21st 2003

From: InfoSec News (isnat_private)
Date: Tue Jul 22 2003 - 00:19:23 PDT

  • Next message: InfoSec News: "[ISN] Security without the sweat"

    +---------------------------------------------------------------------+
    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  July 21st, 2003                               Volume 4, Number 29n |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    +---------------------------------------------------------------------+
    
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    
    This week, perhaps the most interesting articles include "The Long and
    Short of Snort Intrusion Detection," "Encrypted Tunnels with FreeS/WAN's
    x509 Patch," "Business Continuity and Information Security," and
    "Honeytokens: The Other Honeypot."
    
    LINUX ADVISORY WATCH: This week, advisories were released for pam, gnupg,
    mpg123, ucd-snmp, phpgroupware, traceroute-nanog, nfs-utils, falconseye,
    php4, unzip, radius, gtksee, kernel, mozilla, xpdf, apache, and ypserv.
    The distributors include Conectiva, Debian, Gentoo, Immunix, Mandrake, Red
    Hat, Slackware, SuSE, Trustix, and Turbo Linux.
    
    http://www.linuxsecurity.com/articles/forums_article-7665.html
    
    
    INTRODUCING: Secure Mail Suite from Guardian Digital
    
    Unparalleled E-Mail Security. Secure Mail Suite is the most Dynamic,
    Rigorous Protection for Your Email System on the market today. It Clobbers
    Spam.  Detects and Disables Viruses. And its Killer Firewall Keeps Your
    Data -- and Your System and Safe and Secure. All in an Easy-to-Manage
    Application that's Simple to Administer and Maintain.
    
    Secure Mail Suite is Guardian Digital's Optimum Solution to Mail Security.
    It's based on Open-Source Engineering, so it's constantly Improving.  And
    with Guardian Digital Engarde Support, Secure Mail Suite Stays On Guard
    for You -- for Many Reliable Years.
    
    Secure Mail Suite. Sweet!
      From the First Name in Open-Source Security. Guardian Digital.
    
     --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2
    
    
    
    REVIEW: Linux Security Cookbook
    
    There are rarely straightforward solutions to real world issues,
    especially in the field of security. The Linux Security Cookbook is an
    essential tool to help solve those real world problems. By covering
    situations that apply to everyone from the seasoned Systems Administrator
    to the security curious home user, the Linux Security Cookbook
    distinguishes itself as an indispensible reference for security oriented
    individuals.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-145.html
    
    
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    
    --------------------------------------------------------------------
    
    >> FREE Apache SSL Guide from Thawte <<
    Are you worried about your web server security?  Click here to get a FREE
    Thawte Apache SSL Guide and find the answers to all your Apache SSL
    security needs.
    
     Click Command:
     http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte25
    
    
    +---------------------+
    | Host Security News: | <<-----[ Articles This Week ]-------------
    +---------------------+
    
    * Network Content Analysis Platform
    July 16th, 2003
    
    This paper describes a Network Content Analysis Platform (NCAP) suitable
    for a variety of applications requiring access to all layers of network
    traffic including the content of TCP/IP network data exchanges. NCAP is
    capable of operating on fully saturated Gigabit traffic using commodity
    hardware (multiprocessor Intel/Linux boxes with Gigabit NICs).
    
    http://www.linuxsecurity.com/articles/network_security_article-7642.html
    
    
    * A Quantum Leap in Cryptography
    July 16th, 2003
    
    In a dark, quiet room inside the Boston labs of BBN Corp. (VZ ), network
    engineer Chip Elliott is using the laws of physics to build what he hopes
    will be an unbreakable encryption machine. The system, which sits atop a
    pink heat-absorption table, is designed to harness subatomic particles to
    create a hacker-proof way to communicate over fiber-optic networks.
    
    http://www.linuxsecurity.com/articles/cryptography_article-7651.html
    
    
    * Secrets To The Best Passwords
    July 14th, 2003
    
    The use of good, hard-to-guess passwords can make it difficult for a
    malicious hacker to break into your computer account. Avoiding predictable
    keywords and using different methods to introduce variety into your
    passwords makes it easy for you to remember them but virtually impossible
    for others to guess them. Use keywords related to a theme.
    
    http://www.linuxsecurity.com/articles/security_sources_article-7628.html
    
    
    
    
    +------------------------+
    | Network Security News: |
    +------------------------+
    
    * Camouflaging Nmap Scans
    July 18th, 2003
    
    It's a boring Friday evening - mortals with brains the size of peanuts
    fill up the local joint exposing whatever is left of their gray matter to
    the savageness of fermented glucose whilst my DNA donors enjoy the
    comforts of the flickering images emitted by the crude cathode ray.
    
    http://www.linuxsecurity.com/articles/network_security_article-7671.html
    
    
    * 10 Tips for Protecting Your High-Speed Internet Connection
    July 18th, 2003
    
    With more of us using high-speed Internet access such as DSL or cable
    modems at home, the chances for security breaches have increased
    dramatically. The following tips can help you keep your systems and
    network connections secure and operational.
    
    http://www.linuxsecurity.com/articles/network_security_article-7676.html
    
    
    * Intrusion Detection
    July 18th, 2003
    
    If someone broke into your network, how would you know? There wouldn't be
    any muddy footprints. If you had a strong firewall that had good logging
    capabilities, you might find evidence of an attack in your logs, but a
    smart hacker could even get around that.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-7666.html
    
    
    * The Long and Short of Snort Intrusion Detection
    July 17th, 2003
    
    Intrusion-detection systems (IDS) have a mixed reputation in the world of
    enterprise IT. Many IDSs have been accused of being overly sensitive and
    flooding system administrators with false alerts.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-7664.html
    
    
    * Scanning Networks
    July 17th, 2003
    
    Scanning helps one to know what services are running on a machine. This
    will show the open ports on which services are listening for connections.
    First we will determine whether the target machine is alive or not. This
    can be done by sending a icmp echo request packet to the server. The
    server would respond with a icmp echo reply showing that it's alive.
    
    http://www.linuxsecurity.com/articles/network_security_article-7661.html
    
    
    * Encrypted Tunnels with FreeS/WAN's x509 Patch
    July 15th, 2003
    
    In countries where a private or semi-public WAN is something not every
    company can afford, the Internet is the only option available to connect
    all of those remote offices. The obvious problems are this is a public
    network and, in most cases, we don't get a static IP address.
    
    http://www.linuxsecurity.com/articles/cryptography_article-7635.html
    
    
    * ftwall - KaZaa and Derivitives IPTables based blocker
    July 15th, 2003
    
    New firewalling project seeks testers for Kazaa-blocker.  "P2pwall" is a
    sourceforge project for the development of tools and documentation for the
    effective firewalling of P2P application traffic using Linux IPtables.
    
    http://www.linuxsecurity.com/articles/projects_article-7641.html
    
    
    
    +------------------------+
    | General Security News: |
    +------------------------+
    
    * Getting Certified in Information Security
    July 20th, 2003
    
    If you believe in the value of professional certification, you probably
    already have one or more certifications in business continuity.
    
    http://www.linuxsecurity.com/articles/general_article-7677.html
    
    
    * Business Continuity and Information Security
    July 18th, 2003
    
    In an effort to answer this question, CPM recently conducted a readership
    survey and has been discussing this issue with some leading experts in the
    fields of business continuity and information security. On the following
    page you'll find the results of our survey, which show a clear
    relationship between these two disciplines.
    
    http://www.linuxsecurity.com/articles/general_article-7675.html
    
    
    * Honeytokens: The Other Honeypot
    July 17th, 2003
    
    Lance Spitzner submits The purpose of this series of honeypot papers is to
    cover the breadth of honeypot technologies, values and issues. I hope by
    now readers are beginning to understand that honeypots are an incredibly
    powerful and flexible technology. They have multiple applications to
    security, everything from simplified detection to advanced information
    gathering. Today we extend the capabilities of honeypots even further by
    discussing honeytokens. Honeytokens are everything a honeypot is, except
    they are not a computer.
    
    http://www.linuxsecurity.com/articles/intrusion_detection_article-7662.html
    
    
    
    * Blogs: Another Tool in the Security Pro's Toolkit (Part One)
    July 17th, 2003
    
    My name is Scott, and I'm an information addict.  I'll admit, I love
    information. No, make that I love and need information. If you're
    interested in keeping up with trends and changes in security, you're
    probably an information addict as well.
    
    http://www.linuxsecurity.com/articles/security_sources_article-7659.html
    
    
    * Physical and IT Security Will Converge
    July 14th, 2003
    
    Links between physical and virtual security must be thought through,
    according to Computer Associates' head of security software.  The head of
    security software for Computer Associates, Ron Moritz, has warned that the
    convergence of physical and IT security can increase a company's exposure
    to risk if not managed properly.
    
    http://www.linuxsecurity.com/articles/security_sources_article-7629.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Jul 22 2003 - 03:11:46 PDT