+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | July 21st, 2003 Volume 4, Number 29n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "The Long and Short of Snort Intrusion Detection," "Encrypted Tunnels with FreeS/WAN's x509 Patch," "Business Continuity and Information Security," and "Honeytokens: The Other Honeypot." LINUX ADVISORY WATCH: This week, advisories were released for pam, gnupg, mpg123, ucd-snmp, phpgroupware, traceroute-nanog, nfs-utils, falconseye, php4, unzip, radius, gtksee, kernel, mozilla, xpdf, apache, and ypserv. The distributors include Conectiva, Debian, Gentoo, Immunix, Mandrake, Red Hat, Slackware, SuSE, Trustix, and Turbo Linux. http://www.linuxsecurity.com/articles/forums_article-7665.html INTRODUCING: Secure Mail Suite from Guardian Digital Unparalleled E-Mail Security. Secure Mail Suite is the most Dynamic, Rigorous Protection for Your Email System on the market today. It Clobbers Spam. Detects and Disables Viruses. And its Killer Firewall Keeps Your Data -- and Your System and Safe and Secure. All in an Easy-to-Manage Application that's Simple to Administer and Maintain. Secure Mail Suite is Guardian Digital's Optimum Solution to Mail Security. It's based on Open-Source Engineering, so it's constantly Improving. And with Guardian Digital Engarde Support, Secure Mail Suite Stays On Guard for You -- for Many Reliable Years. Secure Mail Suite. Sweet! From the First Name in Open-Source Security. Guardian Digital. --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2 REVIEW: Linux Security Cookbook There are rarely straightforward solutions to real world issues, especially in the field of security. The Linux Security Cookbook is an essential tool to help solve those real world problems. By covering situations that apply to everyone from the seasoned Systems Administrator to the security curious home user, the Linux Security Cookbook distinguishes itself as an indispensible reference for security oriented individuals. http://www.linuxsecurity.com/feature_stories/feature_story-145.html --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf -------------------------------------------------------------------- >> FREE Apache SSL Guide from Thawte << Are you worried about your web server security? Click here to get a FREE Thawte Apache SSL Guide and find the answers to all your Apache SSL security needs. Click Command: http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte25 +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Network Content Analysis Platform July 16th, 2003 This paper describes a Network Content Analysis Platform (NCAP) suitable for a variety of applications requiring access to all layers of network traffic including the content of TCP/IP network data exchanges. NCAP is capable of operating on fully saturated Gigabit traffic using commodity hardware (multiprocessor Intel/Linux boxes with Gigabit NICs). http://www.linuxsecurity.com/articles/network_security_article-7642.html * A Quantum Leap in Cryptography July 16th, 2003 In a dark, quiet room inside the Boston labs of BBN Corp. (VZ ), network engineer Chip Elliott is using the laws of physics to build what he hopes will be an unbreakable encryption machine. The system, which sits atop a pink heat-absorption table, is designed to harness subatomic particles to create a hacker-proof way to communicate over fiber-optic networks. http://www.linuxsecurity.com/articles/cryptography_article-7651.html * Secrets To The Best Passwords July 14th, 2003 The use of good, hard-to-guess passwords can make it difficult for a malicious hacker to break into your computer account. Avoiding predictable keywords and using different methods to introduce variety into your passwords makes it easy for you to remember them but virtually impossible for others to guess them. Use keywords related to a theme. http://www.linuxsecurity.com/articles/security_sources_article-7628.html +------------------------+ | Network Security News: | +------------------------+ * Camouflaging Nmap Scans July 18th, 2003 It's a boring Friday evening - mortals with brains the size of peanuts fill up the local joint exposing whatever is left of their gray matter to the savageness of fermented glucose whilst my DNA donors enjoy the comforts of the flickering images emitted by the crude cathode ray. http://www.linuxsecurity.com/articles/network_security_article-7671.html * 10 Tips for Protecting Your High-Speed Internet Connection July 18th, 2003 With more of us using high-speed Internet access such as DSL or cable modems at home, the chances for security breaches have increased dramatically. The following tips can help you keep your systems and network connections secure and operational. http://www.linuxsecurity.com/articles/network_security_article-7676.html * Intrusion Detection July 18th, 2003 If someone broke into your network, how would you know? There wouldn't be any muddy footprints. If you had a strong firewall that had good logging capabilities, you might find evidence of an attack in your logs, but a smart hacker could even get around that. http://www.linuxsecurity.com/articles/intrusion_detection_article-7666.html * The Long and Short of Snort Intrusion Detection July 17th, 2003 Intrusion-detection systems (IDS) have a mixed reputation in the world of enterprise IT. Many IDSs have been accused of being overly sensitive and flooding system administrators with false alerts. http://www.linuxsecurity.com/articles/intrusion_detection_article-7664.html * Scanning Networks July 17th, 2003 Scanning helps one to know what services are running on a machine. This will show the open ports on which services are listening for connections. First we will determine whether the target machine is alive or not. This can be done by sending a icmp echo request packet to the server. The server would respond with a icmp echo reply showing that it's alive. http://www.linuxsecurity.com/articles/network_security_article-7661.html * Encrypted Tunnels with FreeS/WAN's x509 Patch July 15th, 2003 In countries where a private or semi-public WAN is something not every company can afford, the Internet is the only option available to connect all of those remote offices. The obvious problems are this is a public network and, in most cases, we don't get a static IP address. http://www.linuxsecurity.com/articles/cryptography_article-7635.html * ftwall - KaZaa and Derivitives IPTables based blocker July 15th, 2003 New firewalling project seeks testers for Kazaa-blocker. "P2pwall" is a sourceforge project for the development of tools and documentation for the effective firewalling of P2P application traffic using Linux IPtables. http://www.linuxsecurity.com/articles/projects_article-7641.html +------------------------+ | General Security News: | +------------------------+ * Getting Certified in Information Security July 20th, 2003 If you believe in the value of professional certification, you probably already have one or more certifications in business continuity. http://www.linuxsecurity.com/articles/general_article-7677.html * Business Continuity and Information Security July 18th, 2003 In an effort to answer this question, CPM recently conducted a readership survey and has been discussing this issue with some leading experts in the fields of business continuity and information security. On the following page you'll find the results of our survey, which show a clear relationship between these two disciplines. http://www.linuxsecurity.com/articles/general_article-7675.html * Honeytokens: The Other Honeypot July 17th, 2003 Lance Spitzner submits The purpose of this series of honeypot papers is to cover the breadth of honeypot technologies, values and issues. I hope by now readers are beginning to understand that honeypots are an incredibly powerful and flexible technology. They have multiple applications to security, everything from simplified detection to advanced information gathering. Today we extend the capabilities of honeypots even further by discussing honeytokens. Honeytokens are everything a honeypot is, except they are not a computer. http://www.linuxsecurity.com/articles/intrusion_detection_article-7662.html * Blogs: Another Tool in the Security Pro's Toolkit (Part One) July 17th, 2003 My name is Scott, and I'm an information addict. I'll admit, I love information. No, make that I love and need information. If you're interested in keeping up with trends and changes in security, you're probably an information addict as well. http://www.linuxsecurity.com/articles/security_sources_article-7659.html * Physical and IT Security Will Converge July 14th, 2003 Links between physical and virtual security must be thought through, according to Computer Associates' head of security software. The head of security software for Computer Associates, Ron Moritz, has warned that the convergence of physical and IT security can increase a company's exposure to risk if not managed properly. http://www.linuxsecurity.com/articles/security_sources_article-7629.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jul 22 2003 - 03:11:46 PDT