+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | September 1st, 2003 Volume 4, Number 35n | | | | Editorial Team: Dave Wreski daveat_private | | Benjamin Thomas benat_private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Building Secure Wireless Networks with 802.11," "Blocking Kazaa traffic with Linux/IPTables firewall," "Running custom DNS Queries - Stealthily Managing iptables Rules," and "Information Security Program Development." LINUX ADVISORY WATCH: This week, advisories were released for docview, unzip, sendmail, iptables, pam_smb, gdm, php, and perl. The distributors include Debian, FreeBSD, Gentoo, Mandrake, Red Hat, Slackware, SuSE, and TurboLinux. http://www.linuxsecurity.com/articles/forums_article-7875.html FEATURE: A Practical Approach of Stealthy Remote Administration This paper is written for those paranoid administrators who are looking for a stealthy technique of managing sensitive servers (like your enterprise firewall console or IDS). http://www.linuxsecurity.com/feature_stories/feature_story-149.html -------------------------------------------------------------------- >> FREE Apache SSL Guide from Thawte << Are you worried about your web server security? Click here to get a FREE Thawte Apache SSL Guide and find the answers to all your Apache SSL security needs. Click Command: http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=vertad_thawteapache -------------------------------------------------------------------- Basic Intrusion Prevention using Content-based Filtering This article will discuss a very useful but seemingly overlooked functionality of Netfilter, a firewall code widely used in Linux, that provides content matching and filtering capabilities. http://www.linuxsecurity.com/feature_stories/feature_story-148.html --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Security Protection: Block That Port! August 29th, 2003 So I started digging into the reality of this situation and find that buried in all this information is another weakness that isn't widely publicized. One port that could be a problem is the port used by trivial file transfer, which happens to be port 69 for those of you that keeping track. This port wasn't named by the feds as a target. http://www.linuxsecurity.com/articles/network_security_article-7877.html * Secure programmer: Developing secure programs August 29th, 2003 This column explains how to write secure applications; it focuses on the Linux operating system, but many of the principles apply to any system. In today's networked world, software developers must know how to write secure programs, yet this information isn't widely known or taught. http://www.linuxsecurity.com/articles/security_sources_article-7880.html * Secure Cooking with Linux, Part 2 August 28th, 2003 Recipe 3.12. Restricting Access by Time of Day. Author's note: Most Linux systems control access to their network services using inetd or xinetd, two popular superdaemons. This recipe, excerpted from Chapter 3, "Network Access Control," demonstrates how to make inetd and xinet restrict access to those services depending on the time of day. http://www.linuxsecurity.com/articles/documentation_article-7872.html * Secure Cooking with Linux, Part 3 August 28th, 2003 Recipe 4.3, Creating Access Control Lists with PAM. Author's note: PAM (Pluggable Authentication Modules) is a flexible infrastructure for controlling authentication on Linux systems. In this recipe, taken from Chapter 4, "Authentication Techniques and Infrastructures," we show you how to restrict authentication to a given set of users by creating an access control list. http://www.linuxsecurity.com/articles/documentation_article-7873.html +------------------------+ | Network Security News: | +------------------------+ * Building Secure Wireless Networks with 802.11 August 29th, 2003 Information security experts Khan and Kwaja combined their WiFi knowledge and created this step-by-step guide covering all the major aspects of 802.11 networks. They cover the whole circle, from initial network and product considerations, over installation and security, to troubleshooting the existing network. http://www.linuxsecurity.com/articles/documentation_article-7876.html * Blocking Kazaa traffic with Linux/IPTables firewall. August 29th, 2003 The "p2pwall" project has developed a GPL add-in for iptables based firewalls that allows blocking of traffic to and from "Fast-Track" software such as "Kazaa", Kazaa-lite, iMesh and grokster. The software is designed for use in "permissive" firewall configurations where home-net hosts are permitted more or less unlimited access to the public internet, but are protected from in-bound connections. http://www.linuxsecurity.com/articles/firewalls_article-7879.html * Running custom DNS Queries - Stealthily Managing iptables Rules August 28th, 2003 The only thing that's left in our procedure is how exactly we can create these fake DNS requests on various machines. We need to send DNS queries to our machine with a hostname that matches one of the %mapping hash keys in order to trigger the commands. Assuming our key is openssh, we can use any of the following commands, depending on what software you have installed and what operating system you're running. http://www.linuxsecurity.com/articles/documentation_article-7867.html * Slow Down Internet Worms With Tarpits August 25th, 2003 Worms, worms are everywhere! The recent and prolific spread of Internet worms has yet again demonstrated the vulnerability of network hosts, and it's clear that new approaches to worm containment need to be investigated. In this article, we'll discuss a new twist on an under-utilized technology: the tarpit. http://www.linuxsecurity.com/articles/network_security_article-7851.html +------------------------+ | General Security News: | +------------------------+ * Surprising percentage of public fears cyberattacks August 29th, 2003 About half of Americans fear terrorists will launch cyberattacks on the large networks that operate the banking, electrical transportation and water systems, disrupting everyday life and possibly crippling economic activity, according to a survey conducted by Federal Computer Week and the Pew Internet & American Life Project. http://www.linuxsecurity.com/articles/hackscracks_article-7882.html * Information Security Program Development August 29th, 2003 Formal adherence to detailed security standards for electronic information processing systems is necessary for industry and government survival. Security standards are needed by organizations because of the amount of information, the value of the information, and ease with which the information can be manipulated or moved. http://www.linuxsecurity.com/articles/security_sources_article-7883.html * Linux Review: The Concept of Security August 26th, 2003 As I sat one morning working on some loose ends, my e-mail inbox signaled the arrival of some new message. Experience is the best teacher, and my experience told me this was a new worm or virus. The attachment was zipped, so I saved it to my Windows desktop and then FTPed it to one of my Linux boxes. http://www.linuxsecurity.com/articles/security_sources_article-7854.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-requestat_private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Sep 02 2003 - 09:29:49 PDT