+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  August 25th, 2003                          Volume 4, Number 34n    |
|                                                                     |
|  Editorial Team:  Dave Wreski             daveat_private            |
|                   Benjamin Thomas         benat_private             |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Penetration
Testing for Web Applications," "Pocket Wi-Fi Sniffers End Missing
Hotspot Misery," "RISC Processor Takes Network Security Onboard," and
"Don't Drive Your Security Staff Nuts."

LINUX ADVISORY WATCH:
This week, advisories were released for openslp, zip, netris,
autorespond, unzip, eroaster, and GDM. The distributors include
Conectiva, Debian, Mandrake, and Red Hat.

http://www.linuxsecurity.com/articles/forums_article-7836.html

Basic Intrusion Prevention using Content-based Filtering

This article will discuss a very useful but seemingly overlooked
functionality of Netfilter, a firewall code widely used in Linux, that
provides content matching and filtering capabilities.

http://www.linuxsecurity.com/feature_stories/feature_story-148.html

Expert vs. Expertise: Computer Forensics and the Alternative OS

No longer a dark and mysterious process, computer forensics have been
significantly on the scene for more than five years now.
Despite this, they have only recently gained the notoriety they deserve.

http://www.linuxsecurity.com/feature_stories/feature_story-147.html

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Penetration Testing for Web Applications (Part Three)
August 21st, 2003

In the first installment of this series we introduced the reader to web
application security issues and stressed the significance of input
validation. In the second installment, several categories of web
application vulnerabilities were discussed and methods for locating
these vulnerabilities were outlined.

http://www.linuxsecurity.com/articles/server_security_article-7829.html

* Think Like a Hacker: The Best Scanning Tools
August 18th, 2003

A curious change has come over the image of computer security in the
last few years. Whereas headlines once screamed the exploits of
allegedly evil hackers, the story now is all about bad code -- unpatched
software, poorly secured firewalls and computer passwords left in plain
sight. The hackers are not the real culprits; the security holes are.

http://www.linuxsecurity.com/articles/security_sources_article-7817.html

* FreeBSD Access Control Lists
August 18th, 2003

Unix permissions are flexible and can solve almost any access control
problem, but what about the ones they can't? Do you really want to make
a group every time you want to share a file with another user? Perhaps
you don't have root, and you can't create a group at will. Sometimes the
limitations can cause security problems; it would be nice to be able to
make a directory available to a web server or other user without making
the files world-readable or world-writable.
http://www.linuxsecurity.com/articles/server_security_article-7810.html

* Passive OS Fingerprinting
August 18th, 2003

If there's any way you could contribute, I'd really appreciate this. I
set up a very simple visit-to-fingerprint page to gather p0f signatures
for the new version (which is getting more and more interesting, I never
expected so much feedback).

http://www.linuxsecurity.com/articles/server_security_article-7814.html

+------------------------+
| Network Security News: |
+------------------------+

* Network Security - Submarine Warfare
August 22nd, 2003

Perimeter defense is a lost battle. Like old generals, we're still
fighting the last war, in which our network was a castle with
impregnable walls, a well-defined entry point across the drawbridge
(head-end router), portcullis (firewall) and guards (IDS).

http://www.linuxsecurity.com/articles/network_security_article-7841.html

* Keeping out the intruders: Detecting and preventing
August 22nd, 2003

A recent report from research group Gartner, Inc. caused a ruckus in the
intrusion detection/intrusion prevention system market. In the
Information Security Hype Cycle, Richard Stiennon, research vice
president for Gartner, concluded that IDSs have failed to offer up any
value to companies relative to their associated costs, and would fall
away by 2005.

http://www.linuxsecurity.com/articles/intrusion_detection_article-7842.html

* ARTClass: An ANN-based Adaptive IDS Alert Classifier
August 21st, 2003

This whitepaper describes ARTClass, an IDS alert classifier based on
Artificial Neural Networks and Adaptive Resonance Theory. ARTClass
design relies upon novel domain-specific models and mechanisms allowing
it to adapt to quasi-stable nature of the IDS event stream.
http://www.linuxsecurity.com/articles/intrusion_detection_article-7834.html

* Wireless on Linux, Part 1
August 21st, 2003

For the harassed, overworked network admin, connecting new clients
without having to run additional cabling is so much fun it feels wrong.
Miles of pretty color-coded cables and tags are aesthetically pleasing
and useful, of course, and who hasn't experienced the satisfaction of
crimping connectors? There's nothing like the authoritative SNICK of a
perfect crimp. (For some of us deskbound-geeks, grip strength is all we
have.)

http://www.linuxsecurity.com/articles/documentation_article-7833.html

* Pocket Wi-Fi Sniffers End Missing Hotspot Misery
August 21st, 2003

Road warriors know the frustration: you're in a foreign city and want to
find a Wi-Fi access point. Normally that means looking on the Internet
for site directories that can tell you where the nearest hotspots are
located, such as WiFinder or WiFiMaps. Most of the time, it's trial and
error.

http://www.linuxsecurity.com/articles/network_security_article-7831.html

* Powerful Wireless Security Tools for Free
August 20th, 2003

Despite the best efforts of developers and standards bodies, wireless
LANs (WLANs) are still the poster child for unsecured networks. Wireless
network-security protocols contain enormous loopholes, coverage areas
leak like a broken faucet, and many administrators do not even bother to
turn on the security features that come with their systems.

http://www.linuxsecurity.com/articles/network_security_article-7825.html

+------------------------+
| General Security News: |
+------------------------+

* No Time To Relax
August 22nd, 2003

Security threats to business-technology systems keep growing. More than
76,000 security incidents were reported in the first six months of this
year, compared with about 82,000 reported for all of 2002.
http://www.linuxsecurity.com/articles/general_article-7844.html

* The Concept of Security
August 22nd, 2003

As I sat one morning working on some loose ends, my e-mail inbox
signaled the arrival of some new message. Experience is the best
teacher, and my experience told me this was a new worm or virus. The
attachment was zipped, so I saved it to my Windows desktop and then
FTPed it to one of my Linux boxes.

http://www.linuxsecurity.com/articles/network_security_article-7840.html

* Practical Unix & Internet Security 3/e
August 22nd, 2003

In 1991 "Practical Unix Security" was released and became an instant hit
in the Information Security community. Back then in the post Morris worm
era, there was a need for an informative guide, describing the security
techniques for the UNIX operating system. Five years after the initial
release, the Internet started to evolve quickly, so the book received a
revamp as "Practical Unix and Internet Security".

http://www.linuxsecurity.com/articles/documentation_article-7837.html

* Don't Drive Your Security Staff Nuts
August 22nd, 2003

Sometimes, in the course of an industry's growth, you miss the obvious
until it's staring you in the face. We have finally hit that point in
information security. We expect our InfoSec staff to handle a massive
amount of work, and when they fail we ask them "what went wrong?" What
went wrong is increasingly that we've asked them to not only be jacks of
all trades, but masters of all trades too.

http://www.linuxsecurity.com/articles/forums_article-7845.html

* WS-Security Spec Nearing Completion
August 21st, 2003

Web services security is a huge issue for IT, with many companies
holding off implementation of real-world Web services projects until
there's a way to truly lock them down. WS-Security is the specification
they're waiting on.
http://www.linuxsecurity.com/articles/general_article-7832.html

* Hassled to Death: Rain Forest Puppy, Nerd Overlord
August 20th, 2003

If you think famed security researcher Rain Forest Puppy's (RFP) recent
announcement that he's stepping away from the limelight means he's
precious, think again -- the guy has just had enough, and the problems
he's been confronted with are fairly familiar. Take this analogy.

http://www.linuxsecurity.com/articles/general_article-7824.html

* RISC Processor Takes Network Security Onboard
August 20th, 2003

The SH7710 32bit RISC microprocessor features an IPsec accelerator for
fast encryption and communication processing. The device also offers two
on-chip Ethernet controllers that enable connection to two Ethernet
LANs. Both peripherals make it suitable for security-enabled devices
designed for use in networks, such as VPN dedicated boxes, home gateway
servers, surveillance cameras and IP phones.

http://www.linuxsecurity.com/articles/vendors_products_article-7826.html

* The IT Security Spending Conundrum
August 19th, 2003

The market is growing, revenues are up, spending has not increased. Er,
what's up? Recent reports from across the pond suggest that 9/11 did not
generate the spending surge that many analysts and vendors predicted,
and it's all because organisations have lapsed back to the bad habits
they practiced pre-9/11.

http://www.linuxsecurity.com/articles/security_sources_article-7820.html

* The Need To Know
August 19th, 2003

This just in from the knowledge-management front: Whatever your company
is doing in this area, and it probably should be doing something, don't
call it knowledge management. Many people take a rather dim view of that
term. OK, let's not mince words: Knowledge management might as well have
promised to wash the dishes and mow the lawn for all the hard business
benefits many companies believe they've gotten from it.
http://www.linuxsecurity.com/articles/general_article-7821.html

* The Sad Tale of a Security Whistleblower
August 18th, 2003

Previous articles in this space have discussed whether security
professionals can go to jail for doing things like demonstrating the
insecurity of a wireless network, or conducting a throughput test on a
system without permission. Now, a new and unwarranted extension of the
U.S. computer crime law shows that you can go to jail for simply telling
potential victims that their data is vulnerable.

http://www.linuxsecurity.com/articles/forums_article-7815.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------