[ISN] Linux Security Week - November 24th 2003

From: InfoSec News (isn@private)
Date: Tue Nov 25 2003 - 00:02:51 PST

  • Next message: InfoSec News: "[ISN] Guidelines for HIPAA Compliance in the Works"

    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  November 24th, 2003                           Volume 4, Number 47n |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             dave@private    |
    |                   Benjamin Thomas         ben@private     |
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    This week, perhaps the most interesting articles include "Building an LDAP
    Server on Linux," "Traffic Control HOWTO," "Wireless LANs: Are they worth
    the trouble," and "Managing risk, to a degree."
    >> Free Trial SSL Certificate from Thawte <<
    Take your first step towards giving your online business a competitive
    advantage. Test-drive a Thawte SSL certificate our easy online guide will
    show you how.
    Get started now:
    Guardian Digital Launches First Secure Small Business Internet
    Productivity Solution
    Building a complete Internet security and productivity system for your
    organization just got a whole lot simpler and more secure with Guardian
    Digital Internet Productivity Suite. Web-based management, spam and virus
    control, groupware, VPN services, and more!
    Find out more now:
    This week advisories were released for zebra, hylafax, minimalist, Glibc,
    XFree86, Sane, postgresql, and apache.  The distributors include
    Conectiva, Debian, Mandrake, RedHat, SuSE, and Trustix.
    OpenVPN: An Introduction and Interview with Founder, James Yonan In this
    article, Duane Dunston gives a brief introduction to OpenVPN and
    interviews its founder James Yonan.
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    | Host Security News: | <<-----[ Articles This Week ]-------------
    * Setting up server tools for spam- and virus-free mail
    November 20th, 2003
    It is amazing how much easier it is to get through an inbox uncluttered by
    unwanted messages. After a week of email nearly free of spam and viruses,
    the time and effort it took to configure a Linux mail server with
    SpamAssassin, MIMEDefang, and sendmail seem well worth the trouble.
    * Secure the incompatible
    November 19th, 2003
    As web services become more complex and involve interaction between
    multiple parties, users will require more versatile security. Simple,
    point-to-point web services can be secured in much the same way as
    interactive web sessions are secured today, by using Secure Sockets Layer.
    However, for situations in which security must be preserved throughout a
    series of cascading web services - operations such as supply chain,
    transaction brokering, and multi-party fulfilment processes - the key
    security specification is WS-Security.
    * Building an LDAP Server on Linux, Part 3
    November 18th, 2003
    So, you've come back for more OpenLDAP fun. Part 1 of this series served
    as an introduction to the Lightweight Directory Access Protocol, with a
    breakdown of what the protocol can and cannot do. In Part 2 we covered
    installation and a very basic configuration. Today we'll populate our
    directory with actual data and glide effortlessly through some of the more
    common showstoppers.
    | Network Security News: |
    * FAQ: Firewall Forensics
    November 19th, 2003
    This document explains what you see in firewall logs, especially what port
    numbers means. You can use this information to help figure out what
    hackers/worms are up to.  This document is intended for both
    security-experts maintaining corporate firewalls as well as home users of
    personal firewalls.
    * Reviews: SSL VPNs
    November 19th, 2003
    More and more companies are letting staffers work remotely. In fact, the
    number of U.S. employees who work remotely at least one day per month has
    increased by nearly 40 percent since 2001, according to a recent study
    conducted by The Dieringer Research Group.  But most of these companies
    still rely on IP security or Point-to-Point Tunneling VPNs to ensure
    secure access to internal resources.
    * Wireless LANs: Are they worth the trouble?
    November 18th, 2003
    The large-scale WLAN installations expected soon will change the way users
    access networks. However, it will also open doors to new security threats.
    In an environment of heightened IT security concerns, this is an urgent
    issue to be addressed by Wi-Fi vendors. International Data Corp., another
    market research firm, predicts that the growth in worldwide spending on
    security and business continuity will dwarf that in overall IT spending.
    * Updated: Traffic Control HOWTO
    November 18th, 2003
    Traffic control is the name given to the sets of queuing systems and
    mechanisms by which packets are received and transmitted on a router. This
    includes deciding which (and whether) packets to accept at what rate on
    the input of an interface and determining which packets to transmit in
    what order at what rate on the output of an interface.
    * KISMET: 802.11 Sniffer
    November 17th, 2003
    Kismet is a 802.11 wireless network sniffer - this is different from a
    normal network sniffer (such as Ethereal or tcpdump) because it separates
    and identifies different wireless networks in the area. Kismet works with
    any 802.11b wireless card which is capable of reporting raw packets (rfmon
    support), which include any prism2 based card (Linksys, D-Link, Rangelan,
    * VPN's: IPSec vs. SSL
    November 17th, 2003
    By implementing a VPN, a company can provide access to the internal
    private network to clients around the world at any location with access to
    the public Internet. It erases the administrative and financial headaches
    associated with a traditional leased line wide-area network (WAN) and
    allows remote and mobile users to be more productive.
    | General Security News: |
    * "Phishing" Identity Theft Is Gaining Popularity
    November 21st, 2003
    Most of us know by now not to give out our passwords, ATM PINs, or other
    secret information when requested by e-mail. But an increasing number of
    people are giving out that information, even those of us who should know
    better. What makes this doubly annoying is that the scam is an old one,
    and it has nothing to do with technology per se.
    * Central Control: Let's Get it Together
    November 20th, 2003
    Until recently, systems and security management have usually been seen as
    separate disciplines. While large framework vendors paid lip service in
    marketechture visions of deeply integrated security with the rest of
    systems and application management, this vision never materialized at a
    practical ops level.
    * Managing risk, to a degree
    November 18th, 2003
    There's now a university masters in IT security and places are filling
    fast.  Line after line of internet protocol information flash up on a
    previously dormant console. "What's that?" I ask the IT manager, as he
    shows me around his busy e-commerce infrastructure.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email newsletter-request@private
             with "unsubscribe" in the subject of the message.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 25 2003 - 02:41:20 PST