+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | March 1st, 2004 Volume 5, Number 9n | | | | Editorial Team: Dave Wreski dave@private | | Benjamin Thomas ben@private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include " How to be a Security Warrior," "Three Security Flaws Found in Linux," and "The Proactive vs. Reactive Security Approach." LINUX ADVISORY WATCH: This week, advisories were released for XFree86, the Linux kernel, lbreakout2, mailman, synaesthesia, hsftp, pwlib, metamail, libxml2, mtools, OpenSSL, mod_python, and libxml2. The distributors include Conectiva, Debian, Fedora, Immunix, Mandrake, NetBSD, Red Hat, Suse, Trustix, and Turbolinux. http://www.linuxsecurity.com/articles/forums_article-8975.html ---- >> Internet Productivity Suite: Open Source Security << Trust Internet Productivity Suites open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn09 ---- Interview with Vincenzo Ciaglia, Founder of Netwosix - In this article, a brief introduction of Netwosix is given and the project founder Vincenzo Ciaglia is interviewed. Netwosix is light Linux distribution for system administrators and advanced users. http://www.linuxsecurity.com/feature_stories/feature_story-160.html -------------------------------------------------------------------- Guardian Digital Launches Next Generation EnGarde Secure Linux Guardian Digital, Inc., the world's premier open source security company, announced an update to the next generation, award-winning platform that delivers features designed to ease the process of building a complete Internet presence and the level of security necessary to prevent system compromise. EnGarde Secure Linux leverages the best open source applications available to provide secure Internet connectivity, user privacy, Web and email functions, and intrusion detection. http://www.linuxsecurity.com/feature_stories/feature_story-159.html --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]---------- +---------------------+ * How to be a 'security warrior,' part 2 February 27th, 2004 No soldier goes into battle without training. But once he's in the trenches, he sometimes has to rely on skills he didn't learn in boot camp. The same goes for today's security admins, many of whom are new to Linux or even security administration. http://www.linuxsecurity.com/articles/security_sources_article-8974.html * The Web Application Security Consortium February 26th, 2004 The Web Application Security Consortium is a group of top security experts dedicated to developing and promoting standards of best practice for the World Wide Web. Rising to meet the challenges of web security, the Consortium will focus its efforts to assist application developers, security professionals, and software vendors through collaborative effort. more. http://www.linuxsecurity.com/articles/security_sources_article-8972.html * How to be a 'security warrior,' part 1 February 26th, 2004 In computer warfare, security admins must go into battle riding on a strong vehicle and armed with effective tools, according to security expert Anton Chuvakin. Fortunately, the security warrior who's protecting Linux has both. http://www.linuxsecurity.com/articles/security_sources_article-8973.html * Three Security Flaws Found in Linux February 24th, 2004 Security experts have warned that three separate security flaws in Linux have been identified that could allow a user to gain control over a Linux server or workstation, according to a report published Friday in Silion.com. The report said the flaws affects all current versions of Linux. http://www.linuxsecurity.com/articles/host_security_article-8956.html +------------------------+ | Network Security News: | +------------------------+ * A Bio Approach to Network Security February 25th, 2004 Active Countermeasures models the human body's immune reaction to invasion by microbes. It runs a periodic vulnerability analysis based on the latest advisories from security monitoring organizations such as CERT, prioritizes the threats, scans the network for vulnerable machines, then automatically deploys a payload of prevention. http://www.linuxsecurity.com/articles/network_security_article-8966.html * Improving Passive Packet Capture: Beyond Device Polling (Updated) February 23rd, 2004 Many network monitoring tools are based on passive packet capture. The principle is the following: the tool passively captures packets flowing on the network and analyzes them in order to compute traffic statistics and reports including network protocols being used, communication problems, network security and bandwidth usage. http://www.linuxsecurity.com/articles/documentation_article-8953.html +------------------------+ | General Security News: | +------------------------+ * Simple Optics Make Quantum Relay February 26th, 2004 Quantum cryptography devices and networks, which transport photons whose properties can be used to represent the 1s and 0s of digital information, could also benefit from repeaters. Today's prototype quantum cryptography systems provide theoretically perfect security, but these systems can't carry information over long distances. http://www.linuxsecurity.com/articles/cryptography_article-8971.html * Linux Gets Security Boost from NSA February 25th, 2004 Most stories about government deployments of Linux involve a distributor helping various federal and municipal agencies install the open source operating system. But in this case, a federal agency is helping Linux. http://www.linuxsecurity.com/articles/projects_article-8963.html * RSA Panel: Cryptography Can't Foil Human Weakness February 25th, 2004 Enhanced security can solve many issues, but it can't improve the thing that sits between the keyboard and the chair--the user--a cryptographers' panel concluded Tuesday. http://www.linuxsecurity.com/articles/cryptography_article-8965.html * The Proactive vs. Reactive Security Approach February 23rd, 2004 To tailor security properly, there has to be a healthy mix of techniques, starting with proactive tactics such as installing firewalls, deciding on an intrusion detection system, considering hosted applications, and tinkering with network security options. In the mix are also reactive options such as data recovery, antiviral patches, and frequent security updates to applications and hardware. http://www.linuxsecurity.com/articles/security_sources_article-8952.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Mar 02 2004 - 11:49:54 PST