[ISN] Linux Security Week - March 15th 2004

From: InfoSec News (isn@private)
Date: Mon Mar 15 2004 - 23:39:16 PST

  • Next message: InfoSec News: "RE: [ISN] Outsourcing: Losing Control (Three messages)"

    +---------------------------------------------------------------------+
    |  LinuxSecurity.com                            Weekly Newsletter     |
    |  March 15th, 2004                              Volume 5, Number 11n |
    |                                                                     |
    |  Editorial Team:  Dave Wreski             dave@private    |
    |                   Benjamin Thomas         ben@private     |
    +---------------------------------------------------------------------+
    
    Thank you for reading the LinuxSecurity.com weekly security newsletter.
    The purpose of this document is to provide our readers with a quick
    summary of each week's most relevant Linux security headlines.
    
    This week, perhaps the most interesting articles include "Rumors of Third
    Vulnerability in Linux Kernel Prove Unfounded," "VLANs on Linux," and
    "Open Source Gets Serious: A New Window on Linux."
    
    ----
    
    >> Bulletproof Virus Protection <<
    
    Protect your network from costly security breaches with Guardian Digitals
    multi-faceted security applications.  More then just an email firewall, on
    demand and scheduled scanning detects and disinfects viruses found on the
    network.
    
      http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn04
    
    ----
    
    LINUX ADVISORY WATCH:
    This week, advisories were released for the Linux kernel, sysstat,
    mailman, coreutils, libxml2, mozilla, and kdelibs. The distributors
    include Debian, Fedora, Gentoo, Mandrake, OpenBSD, Red Hat, and Trustix.
    
    http://www.linuxsecurity.com/articles/forums_article-9035.html
    
    
    Interview with Vincenzo Ciaglia, Founder of Netwosix - In this article, a
    brief introduction of Netwosix is given and the project founder Vincenzo
    Ciaglia is interviewed.  Netwosix is light Linux distribution for system
    administrators and advanced users.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-160.html
    
    --------------------------------------------------------------------
    
    Guardian Digital Launches Next Generation EnGarde Secure Linux
    
    Guardian Digital, Inc., the world's premier open source security company,
    announced an update to the next generation, award-winning platform that
    delivers features designed to ease the process of building a complete
    Internet presence and the level of security necessary to prevent system
    compromise.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-159.html
    
    
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    
    
    +---------------------+
    | Host Security News: | <<-----[ Articles This Week ]----------
    +---------------------+
    
    * Guardian Digital Upgrades Secure Mail Suite
    March 11th, 2004
    
    The 3.0 version of Secure Mail Suite from Guardian Digital, which builds
    Internet security products from open source software, adds the Content and
    Policy Enforcement engine that addresses user privacy, spam and virus
    protection, corporate policy enforcement and content analysis.
    
    http://www.linuxsecurity.com/articles/vendors_products_article-9034.html
    
    
    * Delivering better security, telephony, and privacy
    March 10th, 2004
    
    The new Linux 2.6 kernel offers many improvements over the 2.4 version.
    One area of technical advancement is in the kernel networking options.
    Although there are enhancements in most of the files associated with the
    networking options, this article focuses on major feature improvements and
    additions that affect entire sections rather than on specific files.
    
    http://www.linuxsecurity.com/articles/host_security_article-9028.html
    
    
    * Rumors of Third Vulnerability in Linux Kernel Prove Unfounded
    March 10th, 2004
    
    A story published yesterday by SearchEnterpriseLinux.com incorrectly
    reported that a third mremap vulnerability had been discovered in the
    Linux kernel. Separate and unrelated flaws had been reported in the memory
    management system call in January and February. On March 1, researcher
    Paul Starzetz released an update to his initial advisory that a robust
    proof-of-concept exploit code had been produced for the flaw detailed in
    February.
    
    http://www.linuxsecurity.com/articles/host_security_article-9025.html
    
    
    * Security One Step at a Time
    March 9th, 2004
    
    As I write this, yet another e-mail worm is spreading among non-Linux
    computers and incidentally filling my mailbox with "YOU HAVE A VIRUS"
    bounces from dumb software that somehow doesn't yet get the concept that
    worms forge mail. There's nothing like a worm attack that spares Linux to
    bring out the smug superiority in Linux users.
    
    http://www.linuxsecurity.com/articles/server_security_article-9016.html
    
    
    * Linux meets enterprise server challenge
    March 8th, 2004
    
    Government officials are beginning to sit up and take notice of the Linux
    operating system.  A few years ago, Linux began appearing in data centers
    as information technology professionals discovered that the open-source
    operating system could easily tackle basic network tasks -- such as Web,
    file and print serving -- more cost-effectively than its commercial
    counterparts.
    
    http://www.linuxsecurity.com/articles/government_article-9010.html
    
    
    
    +------------------------+
    | Network Security News: |
    +------------------------+
    
    * Understanding Firewalls
    March 11th, 2004
    
    Understanding Firewalls anything can access your computer at any time,
    your computer is more susceptible to being attacked. You can restrict
    outside access to your computer and the information on it with a firewall.
    
    http://www.linuxsecurity.com/articles/firewalls_article-9031.html
    
    
    * VLANs on Linux
    March 11th, 2004
    
    To begin, we must have a more formal definition of what a LAN is. LAN
    stands for local area network. Hubs and switches usually are thought of as
    participating in a single LAN. Normally, if you connect two computers to
    the same hub or switch, they are on the same LAN. Likewise, if you connect
    two switches together, they are both on the same LAN.
    
    http://www.linuxsecurity.com/articles/network_security_article-9029.html
    
    
    * Symbiot launches DDoS counter-strike tool
    March 11th, 2004
    
    Security company Symbiot is about to launch a product that can hit back at
    hackers and DDoS attacks by lashing out with its own arsenal of tricks,
    but experts say it may just be a bit too trigger-happy Symbiot, a
    Texas-based security firm, is preparing to launch a corporate defence
    system at the end of March that can fight back against distributed
    denial-of-service (DDoS) and hacker attacks by launching a counter-strike.
    
    http://www.linuxsecurity.com/articles/network_security_article-9032.html
    
    
    +------------------------+
    | General Security News: |
    +------------------------+
    
    * Open-source gets serious: A new window on Linux
    March 11th, 2004
    
    Thanks to its streamlined and relatively secure core, the Linux operating
    system has gradually been winning a place on servers in federal agencies.
    Now Linux is making inroads on desktop PCs as well, territory that has
    long been ruled by Microsoft Corp.'s Windows.
    
    http://www.linuxsecurity.com/articles/general_article-9030.html
    
    
    * Infosecurity Europe 2004
    March 10th, 2004
    
    Infosecurity Europe 2004 opens its doorsto over 10,000 buyers and sellers
    in IT Security. Infosecurity Europe provides theultimate forumfor sourcing
    opportunities, information updates and free educational forums, tackling
    the key technology issues set to affect your business.
    
    http://www.linuxsecurity.com/articles/organizations_events_article-9026.html
    
    
    * Survey: CIOs Say Security Is Top Priority
    March 9th, 2004
    
    Chief information officers (CIOs) at enterprises worldwide remain cautious
    about boosting their technology spending, and the money they do spend will
    concentrate on security and business intelligence, said a survey released
    Tuesday.
    
    http://www.linuxsecurity.com/articles/general_article-9021.html
    
    
    * Is password-lending a cybercrime?
    March 8th, 2004
    
    In a little-observed civil lawsuit involving tracking of magazine
    subscriptions, a federal court in Manhattan issued a ruling last week that
    could theoretically result in prosecutors going after people who use
    another person's password and userid with their permission, but without
    the permission of the issuer.
    
    http://www.linuxsecurity.com/articles/government_article-9014.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email newsletter-request@private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Mar 16 2004 - 02:44:36 PST