+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  December 8th, 2003                           Volume 4, Number 49n  |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave@private              |
|                   Benjamin Thomas         ben@private               |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Linux Security
Expert Defends Debian," "Cross Site Scripting Explained," "Honeypots: The
sweet spot in network security," and "Security fears push users to open
source."

---

>> Get Thawte's NEW Step-by-Step SSL Guide for Apache <<

In this guide you will find out how to test, purchase, install and use a
Thawte Digital Certificate on your Apache web server. Throughout, best
practices for set-up are highlighted to help you ensure efficient ongoing
management of your encryption keys and digital certificates.

Get your copy of this new guide now:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte29

---

LINUX ADVISORY WATCH:

This week, there are multiple serious vulnerabilities that need to be
addressed. Advisories were released for bind, rsync, the Linux kernel,
xboard, and gnupg. The distributions include Caldera, Conectiva, Debian,
Guardian Digital's EnGarde Secure Linux, Fedora, FreeBSD, Gentoo, Mandrake,
Red Hat, Slackware, SuSE, Trustix, Turbolinux, and Yellow Dog Linux.

http://www.linuxsecurity.com/articles/forums_article-8474.html

---

Guardian Digital Customers Protected From Linux Kernel Vulnerability

As a result of the planning and secure design of EnGarde Secure Linux, the
company's flagship product, Guardian Digital customers are securely
protected from a vulnerability that led to the complete compromise of
several high-profile open source projects, including those belonging to
the Debian Project.

http://www.linuxsecurity.com/feature_stories/feature_story-155.html

---

FEATURE: R00ting The Hacker

Dan Verton, the author of The Hacker Diaries: Confessions of Teenage
Hackers, is a former intelligence officer in the U.S. Marine Corps who
currently writes for Computerworld and CNN.com, covering national
cyber-security issues and critical infrastructure protection.

http://www.linuxsecurity.com/feature_stories/feature_story-150.html

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Linux Security Expert Defends Debian
December 4th, 2003

Debian Project leaders did a good job before and after a breach that took
down their servers Nov. 21, said Jay Beale, lead developer on the Bastille
Linux project and a consultant at JJB Security Consulting & Training.

http://www.linuxsecurity.com/articles/forums_article-8464.html


* Significant rsync 2.5.6 Security Vulnerability
December 4th, 2003

The rsync team has received evidence that a vulnerability in rsync was
recently used in combination with a Linux kernel vulnerability to
compromise the security of a public rsync server. While the forensic
evidence we have is incomplete, we have pieced together the most likely
way that this attack was conducted and we are releasing this advisory as a
result of our investigations to date.

http://www.linuxsecurity.com/articles/server_security_article-8463.html


* Linux Kernel Compromise "Was Not Debian Specific."
December 3rd, 2003

Recently multiple servers of the Debian project were compromised using a
Debian developer's account and an unknown root exploit. Forensics revealed
a burneye encrypted exploit. Robert van der Meulen managed to decrypt the
binary which revealed a kernel exploit. Study of the exploit by the Red Hat
and SuSE kernel and security teams quickly revealed that the exploit used
an integer overflow in the brk system call.

http://www.linuxsecurity.com/articles/host_security_article-8448.html


* Cross Site Scripting Explained
December 2nd, 2003

For those of you who don't know the acronym, XSS stands for Cross-Site
Scripting. It is the term that has been given to web pages that can be
tricked into displaying web surfer supplied data capable of altering the
page for the viewer. This is a pretty broad term and I apologize, but as
you will see XSS has such a wide-ranging berth of attack vectors that such
a description is necessary.

http://www.linuxsecurity.com/articles/server_security_article-8440.html


* Serious Linux Security Flaw Found
December 2nd, 2003

A serious vulnerability in the Linux 2.4 kernel has been discovered. The
flaw allows users on a Linux machine to gain unlimited access privileges,
according to a security advisory posted by developers of the noncommercial
Debian Linux distribution.

http://www.linuxsecurity.com/articles/host_security_article-8441.html


+------------------------+
| Network Security News: |
+------------------------+

* Fighting Spammers With Honeypots
December 5th, 2003

Though spam should generally not be considered a real cyber attack, it may
be difficult to distinguish between virus-contaminated emails, phishing
scams and bothersome ads (those containing tricky JavaScript or specific
forged HTML used to track them). Moreover, spammers slow the servers
receiving legitimate emails and may cause availability problems.

http://www.linuxsecurity.com/articles/intrusion_detection_article-8481.html


* Honeypots: The sweet spot in network security
December 2nd, 2003

The role of decoy-based intrusion-detection technology, or "honeypots," is
evolving. Once used primarily by researchers as a way to attract hackers to
a network system in order to study their movements and behavior, honeypots
are now beginning to play an important part in enterprise security. Indeed,
by providing early detection of unauthorized network activity, honeypots
are proving more useful to IT security professionals than ever.

http://www.linuxsecurity.com/articles/intrusion_detection_article-8447.html


+------------------------+
| General Security News: |
+------------------------+

* Network Security: Double Impact
December 5th, 2003

Should there be two security guards, one to spot potential intruders to
your house and another one to stop them from getting in? If you transpose
this to the enterprise-network situation, we are faced with a classic
debate challenging CIOs and security experts alike.

http://www.linuxsecurity.com/articles/network_security_article-8479.html


* Security fears push users to open source
December 5th, 2003

Security concerns are prompting chief information officers (CIOs) to
consider moving from Microsoft to open source on the desktop, according to
a report from investment house Merrill Lynch. A survey of 100 CIOs (75 in
the US and 25 in Europe) found that 58 per cent were looking at open source
because of its better record on security.

http://www.linuxsecurity.com/articles/general_article-8475.html


* A Simple Plan (for Security)
December 3rd, 2003

By the time Sanjay Kumar ascended to CEO of Computer Associates, the
software giant was inundated with troubles. The tech market bust had
stunted previously impressive growth. Its software was perceived as second
rate. Customers railed against outrageous contracts sold by arrogant sales
staff. Disenfranchised investors began demanding heads, Kumar's among them.
Lawsuits mounted.

http://www.linuxsecurity.com/articles/general_article-8458.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-request@private with "unsubscribe" in the
subject of the message.
------------------------------------------------------------------------

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY
of the mail.
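The "Cross Site Scripting Explained" entry above defines XSS as a page that
can be tricked into displaying surfer-supplied data which then alters the
page for the viewer. As an added example, not code from the newsletter or
from the article it summarizes, the Python sketch below shows that pattern
in its simplest reflected form: a search page that interpolates the "q"
parameter into its HTML verbatim, beside the same page with the value
escaped before interpolation. The host name, URL and search page are
constructed for illustration; html.escape is the standard-library call.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample request (hypothetical host): a search page that
# reflects the "q" parameter back into its HTML, the pattern the XSS
# article describes. The payload is a classic cookie-stealing probe.
PAYLOAD = '<script>alert(document.cookie)</script>'
SAMPLE_URL = 'http://search.example.test/search?q=' + PAYLOAD


def query_param(url, name):
    """Return the first value of query parameter `name`, or '' if absent."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return qs.get(name, [''])[0]


def render_vulnerable(term):
    """Reflects the search term unchanged into element content.

    Whatever markup the attacker put in the link becomes part of the page,
    so a victim who follows the link runs the attacker's script in the
    site's origin."""
    return '<h1>Results for: ' + term + '</h1>'


def render_hardened(term):
    """Escapes the term before interpolation.

    html.escape(quote=True) turns &, <, >, " and ' into entities, so the
    browser renders the attacker's input as text instead of markup."""
    return '<h1>Results for: ' + html.escape(term, quote=True) + '</h1>'


def render_attr_hardened(term):
    """The same escaping when the value lands inside a quoted attribute.

    Quoting the attribute *and* escaping quote characters keeps the input
    from closing the attribute and starting a new one (e.g. onfocus=)."""
    return ('<input type="text" name="q" value="'
            + html.escape(term, quote=True) + '">')


def reflects_raw_payload(page, payload):
    """Crude regression check: does untrusted input appear in the output
    byte-for-byte? True means the page is reflecting it as markup."""
    return payload in page


if __name__ == '__main__':
    term = query_param(SAMPLE_URL, 'q')
    print('vulnerable:', render_vulnerable(term))
    print('hardened:  ', render_hardened(term))
    print('attribute: ', render_attr_hardened('" onfocus="alert(1)'))
```

Escaping for element content and escaping for attribute values happen to
coincide here because html.escape covers both quote characters; output
that lands in a script block, a URL or a CSS value needs a different
encoder, which is the "wide-ranging" point the article makes.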
This archive was generated by hypermail 2b30 : Tue Dec 09 2003 - 04:50:44 PST