[ISN] Linux Security Week - September 1st 2003

From: InfoSec News (isnat_private)
Date: Tue Sep 02 2003 - 06:14:49 PDT


    +---------------------------------------------------------------------+
    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  September 1st, 2003                           Volume 4, Number 35n |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             daveat_private    |
    |                   Benjamin Thomas         benat_private     |
    +---------------------------------------------------------------------+
    
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    
    This week, perhaps the most interesting articles include "Building Secure
    Wireless Networks with 802.11," "Blocking Kazaa traffic with
    Linux/IPTables firewall," "Running custom DNS Queries - Stealthily
    Managing iptables Rules," and "Information Security Program Development."
    
    LINUX ADVISORY WATCH:
    This week, advisories were released for docview, unzip, sendmail,
    iptables, pam_smb, gdm, php, and perl.  The distributors include Debian,
    FreeBSD, Gentoo, Mandrake, Red Hat, Slackware, SuSE, and TurboLinux.
    
    http://www.linuxsecurity.com/articles/forums_article-7875.html
    
    
    FEATURE: A Practical Approach of Stealthy Remote Administration
    
    This paper is written for those paranoid administrators who are looking
    for a stealthy technique of managing sensitive servers (like your
    enterprise firewall console or IDS).
    
    http://www.linuxsecurity.com/feature_stories/feature_story-149.html
    
    --------------------------------------------------------------------
    
    
    Basic Intrusion Prevention using Content-based Filtering
    
    This article will discuss a very useful but seemingly overlooked
    functionality of Netfilter, a firewall code widely used in Linux, that
    provides content matching and filtering capabilities.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-148.html
    
    
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    
    +---------------------+
    | Host Security News: | <<-----[ Articles This Week ]-------------
    +---------------------+
    
    * Security Protection: Block That Port!
    August 29th, 2003
    
    So I started digging into the reality of this situation and find that
    buried in all this information is another weakness that isn't widely
    publicized. One port that could be a problem is the port used by trivial
    file transfer, which happens to be port 69 for those of you keeping
    track. This port wasn't named by the feds as a target.
    
    http://www.linuxsecurity.com/articles/network_security_article-7877.html
    
    
    * Secure programmer: Developing secure programs
    August 29th, 2003
    
    This column explains how to write secure applications; it focuses on the
    Linux operating system, but many of the principles apply to any system. In
    today's networked world, software developers must know how to write secure
    programs, yet this information isn't widely known or taught.
    
    http://www.linuxsecurity.com/articles/security_sources_article-7880.html
    
    
    * Secure Cooking with Linux, Part 2
    August 28th, 2003
    
    Recipe 3.12. Restricting Access by Time of Day.  Author's note: Most Linux
    systems control access to their network services using inetd or xinetd,
    two popular superdaemons. This recipe, excerpted from Chapter 3, "Network
    Access Control," demonstrates how to make inetd and xinetd restrict access
    to those services depending on the time of day.
    
    http://www.linuxsecurity.com/articles/documentation_article-7872.html
    
    
    * Secure Cooking with Linux, Part 3
    August 28th, 2003
    
    Recipe 4.3, Creating Access Control Lists with PAM.  Author's note: PAM
    (Pluggable Authentication Modules) is a flexible infrastructure for
    controlling authentication on Linux systems. In this recipe, taken from
    Chapter 4, "Authentication Techniques and Infrastructures," we show you
    how to restrict authentication to a given set of users by creating an
    access control list.
    
    http://www.linuxsecurity.com/articles/documentation_article-7873.html
    
    
    
    +------------------------+
    | Network Security News: |
    +------------------------+
    
    * Building Secure Wireless Networks with 802.11
    August 29th, 2003
    
    Information security experts Khan and Kwaja combined their WiFi knowledge
    and created this step-by-step guide covering all the major aspects of
    802.11 networks. They cover the whole circle, from initial network and
    product considerations, over installation and security, to troubleshooting
    the existing network.
    
    http://www.linuxsecurity.com/articles/documentation_article-7876.html
    
    
    * Blocking Kazaa traffic with Linux/IPTables firewall.
    August 29th, 2003
    
    The "p2pwall" project has developed a GPL add-in for iptables based
    firewalls that allows blocking of traffic to and from "Fast-Track"
    software such as "Kazaa", Kazaa-lite, iMesh and grokster. The software is
    designed for use in "permissive" firewall configurations where home-net
    hosts are permitted more or less unlimited access to the public internet,
    but are protected from in-bound connections.
    
    http://www.linuxsecurity.com/articles/firewalls_article-7879.html
    
    
    * Running custom DNS Queries - Stealthily Managing iptables Rules
    August 28th, 2003
    
    The only thing that's left in our procedure is how exactly we can create
    these fake DNS requests on various machines.  We need to send DNS queries
    to our machine with a hostname that matches one of the %mapping hash keys
    in order to trigger the commands. Assuming our key is openssh, we can use
    any of the following commands, depending on what software you have
    installed and what operating system you're running.
    
    http://www.linuxsecurity.com/articles/documentation_article-7867.html
    
    
    * Slow Down Internet Worms With Tarpits
    August 25th, 2003
    
    Worms, worms are everywhere! The recent and prolific spread of Internet
    worms has yet again demonstrated the vulnerability of network hosts, and
    it's clear that new approaches to worm containment need to be
    investigated. In this article, we'll discuss a new twist on an
    under-utilized technology: the tarpit.
    
    http://www.linuxsecurity.com/articles/network_security_article-7851.html
    
    
    +------------------------+
    | General Security News: |
    +------------------------+
    
    * Surprising percentage of public fears cyberattacks
    August 29th, 2003
    
    About half of Americans fear terrorists will launch cyberattacks on the
    large networks that operate the banking, electrical transportation and
    water systems, disrupting everyday life and possibly crippling economic
    activity, according to a survey conducted by Federal Computer Week and the
    Pew Internet & American Life Project.
    
    http://www.linuxsecurity.com/articles/hackscracks_article-7882.html
    
    
    * Information Security Program Development
    August 29th, 2003
    
    Formal adherence to detailed security standards for electronic information
    processing systems is necessary for industry and government survival.
    Security standards are needed by organizations because of the amount of
    information, the value of the information, and ease with which the
    information can be manipulated or moved.
    
    http://www.linuxsecurity.com/articles/security_sources_article-7883.html
    
    
    * Linux Review: The Concept of Security
    August 26th, 2003
    
    As I sat one morning working on some loose ends, my e-mail inbox signaled
    the arrival of some new message. Experience is the best teacher, and my
    experience told me this was a new worm or virus.  The attachment was
    zipped, so I saved it to my Windows desktop and then FTPed it to one of my
    Linux boxes.
    
    http://www.linuxsecurity.com/articles/security_sources_article-7854.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    


