+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | April 5th, 2004 Volume 5, Number 14n | | | | Editorial Team: Dave Wreski dave@private | | Benjamin Thomas ben@private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "File And Email Encryption With GnuPG," "The Layered Approach to Security is Dead," and "Protecting yourself against mini-DDoS attacks." ---- >> NEW Step-by-Step SSL Guide for Apache from Thawte << Thawte's new guide will show you how to test, purchase, install and use a Thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://ad.doubleclick.net/clk;7739216;9007465;r ---- LINUX ADVISORY WATCH: This week, advisories were released for mc, openssl, ethereal, libxml2, emil, Linux kernel, apache, UUDeview, courier, oftpd, fetchmail, squid, OpenLDAP, mplayer, Mozilla, and apache. The distributors include Conectiva, Debian, FreeBSD, Gentoo, Mandrake, Red Hat, Trustix, and Turbolinux. http://www.linuxsecurity.com/articles/forums_article-9129.html Interview with Siem Korteweg: System Configuration Collector In this interview we learn how the System Configuration Collector (SCC) project began, how the software works, why Siem chose to make it open source, and information on future developments. http://www.linuxsecurity.com/feature_stories/feature_story-162.html ---- >> Bulletproof Virus Protection << Protect your network from costly security breaches with Guardian Digitals multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn04 -------------------------------------------------------------------- Security: MySQL and PHP This is the second installation of a 3 part article on LAMP (Linux Apache MySQL PHP). In order to safeguard a MySQL server to the basic level, one has to abide by the following guidelines. http://www.linuxsecurity.com/feature_stories/feature_story-130.html --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]---------- +---------------------+ * File And Email Encryption With GnuPG (PGP) April 5th, 2004 File and mail security is easy to achieve with the right tools. PGP has proven itself the leader, and GnuPG is the tool of choice in the Linux world. http://www.linuxsecurity.com/articles/cryptography_article-9134.html * Security Enhanced Linux March 31st, 2004 Operating system security is (or at least should be) of critical importance to us all. However, the varying levels of security required differ for each systems administrator. http://www.linuxsecurity.com/articles/host_security_article-9114.html * Back to Linux Basics With Debian GNU/Linux March 31st, 2004 Debian GNU/Linux: Reliable, solid, and free infrastructure server. As the bigger guns in the enterprise Linux space move to commercialize their software as much as possible, the Debian project continues to provide a Linux distribution that offers organizations the sort of commodity infrastructure for which Linux was originally known. http://www.linuxsecurity.com/articles/vendors_products_article-9119.html * Serve up your Next Presentation March 29th, 2004 You'll notice that I haven't said much about security. With small audiences in isolated locations you may not need much security at all. If you are doing a weekend retreat way out in the woods (using portable generators, maybe) with nobody else around for miles, you probably can get by with just knowing your audience members and watching what they are doing when your Web server is up and running. http://www.linuxsecurity.com/articles/general_article-9103.html +------------------------+ | Network Security News: | +------------------------+ * Announcing the Fourth WorldWide WarDrive (WWWD) April 2nd, 2004 The WorldWide WarDrive is an effort by security professionals and hobbyists to generate awareness of the need by individual users and companies to secure their access points. The goal of the WorldWide WarDrive (or WWWD) is to provide a statistical analysis of the many access points that are currently deployed. http://www.linuxsecurity.com/articles/organizations_events_article-9127.html * The Layered Approach to Security is Dead... Long Live Layered Security April 1st, 2004 Life isn't the same as it used to be, the good old days of leaving your door unlocked are gone, never to return. Business isn't the same either. IT has brought into the workplace, organisational and cultural challenges. http://www.linuxsecurity.com/articles/general_article-9126.html * Protecting yourself against mini-DDoS attacks March 30th, 2004 These are distributed denial of service attacks small enough to fly below the security radars of ISPs and law enforcement agencies, but potent enough to shut down cable or DSL modems connections. As evidenced by my inability to do anything about an attack on my connection (which I use to get my job done, but is shared with other family members for personal use), the perpetrators can wreak havoc without fear of reprisals. http://www.linuxsecurity.com/articles/network_security_article-9108.html +------------------------+ | General Security News: | +------------------------+ * Forrester questions Linux security April 5th, 2004 A new study from Forrester Research has concluded that the Linux operating system is not necessarily more secure than Windows. The report finds that on average, Linux distributors took longer than Microsoft to patch security holes, although Microsoft flaws tended to be more severe. http://www.linuxsecurity.com/articles/host_security_article-9133.html * Task force urges security collaboration April 2nd, 2004 Improving software security will demand a concerted effort from government, industry and higher education, said members of a national task force on software development in a report released today. http://www.linuxsecurity.com/articles/general_article-9130.html * Human Nature vs. Security March 31st, 2004 If you're asked to picture security for a house, the image that might jump to mind is of that pimply faced kid who comes around every few months with promises of free-installation of an alarm system or 6 months of free monitoring. http://www.linuxsecurity.com/articles/general_article-9117.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Tue Apr 06 2004 - 09:18:14 PDT