+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | March 8th, 2004 Volume 5, Number 10n | | | | Editorial Team: Dave Wreski dave@private | | Benjamin Thomas ben@private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "The MD5CRK Project," "Network Protocol Stack & TCP hacking," "Establishing a Secure E-Commerce Storefront," and "Use Process of Sustained Risk Management. LINUX ADVISORY WATCH: This week, advisories were released for the Linux kernel, xboing, pwlib, tcpdump, and libxml2. The distributors include Debian, Fedora, FreeBSD, and Mandrake. http://www.linuxsecurity.com/articles/forums_article-9003.html ---- >> Internet Productivity Suite: Open Source Security << Trust Internet Productivity Suites open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn09 ---- Interview with Vincenzo Ciaglia, Founder of Netwosix - In this article, a brief introduction of Netwosix is given and the project founder Vincenzo Ciaglia is interviewed. Netwosix is light Linux distribution for system administrators and advanced users. http://www.linuxsecurity.com/feature_stories/feature_story-160.html -------------------------------------------------------------------- Guardian Digital Launches Next Generation EnGarde Secure Linux Guardian Digital, Inc., the world's premier open source security company, announced an update to the next generation, award-winning platform that delivers features designed to ease the process of building a complete Internet presence and the level of security necessary to prevent system compromise. EnGarde Secure Linux leverages the best open source applications available to provide secure Internet connectivity, user privacy, Web and email functions, and intrusion detection. http://www.linuxsecurity.com/feature_stories/feature_story-159.html --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]---------- +---------------------+ * The MD5CRK Project March 5th, 2004 The MD5CRK project seeks to prove empirally that MD5 is a hash algorithm that exhibits the not-so-cryptographically-sound property of collisions. This has already been proven theoretically, but nobody really paid attention, so this distributed computing project was created. http://www.linuxsecurity.com/articles/cryptography_article-9004.html +------------------------+ | Network Security News: | +------------------------+ * Updated: fwall 1.4.6_rc4 March 4th, 2004 Fwall is a simple user-friendly firewall script for iptables. It is based on bash. It includes a configuration for 1-2 interfaces, port forwarding, DoS protection, and so on. The base code was cleaned up. Succession of rules was fixed. Logging of syn packets in the OUTPUT and FORWARD chains was fixed. http://www.linuxsecurity.com/articles/firewalls_article-9001.html * Protect Your Wireless Network March 3rd, 2004 If you have a wireless network set up in your home, you might be inviting criminals to steal from you without even having to break in. Wireless internet or Wi-Fi is becoming big business and computer users are lining up to buy the equipment that will allow them to use their laptop computers just about anywhere. http://www.linuxsecurity.com/articles/network_security_article-8992.html * Network Protocol Stack & TCP hacking March 3rd, 2004 The network protocol stack, which forms the carrier and pipeline of data from one host to another is designed in such a way that we can interact with different layers at desired level. http://www.linuxsecurity.com/articles/network_security_article-8996.html * FreeS/WAN Development Halted March 2nd, 2004 After more than five years of active development, the FreeS/WAN project will be coming to an end. Nine months after the release of FreeS/WAN 2.00, Opportunistic Encryption (OE) has not caught on as we'd hoped. http://www.linuxsecurity.com/articles/projects_article-8988.html * New HoneyNet Challenge! March 2nd, 2004 This month's challenge is different. Traditional SotM challenges have been about analyzing specific attacks against specific honeypots. This time we are going to take a step back and look at the bigger picture. http://www.linuxsecurity.com/articles/projects_article-8989.html +------------------------+ | General Security News: | +------------------------+ * LLV Imports: Establishing a Secure E-Commerce Storefront March 7th, 2004 Companies today understand the importance of e-commerce in the new economy. With the number of active Internet users approaching 640 million worldwide, the demand for products and services via the Internet is increasing rapidly. Guardian Digital Corporate Commerce Suite enables companies to meet this high demand and still focus on their core competencies rather than being concerned with how their online presence is functioning. http://www.linuxsecurity.com/articles/vendors_products_article-9008.html\ * DOES open source software enhance security? March 5th, 2004 Analysis There are several reasons why open-source software provides for superior computer and network security, but the computing public seems confused about why this is so, writes Thomas C Greene. http://www.linuxsecurity.com/articles/general_article-9007.html * Use process of sustained risk management to eradicate knee-jerk security scrambles March 3rd, 2004 Consider a firm with 5,000 servers. IT management should know the configuration of those machines, especially what has been patched and to what level. NetIQ estimates that eight out of 10 UK companies do not have the processes in place to report on this accurately. The result is a knee-jerk reaction to patch the system at the appearance of each worm or virus. http://www.linuxsecurity.com/articles/general_article-8993.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Mar 09 2004 - 03:24:15 PST