+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | May 10th, 2004 Volume 5, Number 19n | | | | Editorial Team: Dave Wreski dave@private | | Benjamin Thomas ben@private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Guarded Memory Move," "Scanning the Horizon," "DNS Troubleshooting: Everything Depends on It," and "Benefits of BCC." ---- >> Certify your Software Integrity << As a software developer you know that the product you make available on the Internet can be tampered with if it is not secured. Our Free Guide will show you how to securely distribute your code over the Internet and how these certificates operate with different software platforms: Download a guide to learn more: http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=thawten06 ---- LINUX ADVISORY WATCH: This week, advisories were released for mc, libpng, LHA, httpd, and rsync. The distributors include Debian, Mandrake, Red Hat, and Trustix. http://www.linuxsecurity.com/articles/forums_article-9272.html ---- Guardian Digital Security Solutions Win Out At Real World Linux Enterprise Email and Small Business Solutions Impres at Linux Exposition. Internet and network security was a consistent theme and Guardian Digital was on hand with innovative solutions to the most common security issues. Attending to the growing concern for cost-effective security, Guardian Digital's enterprise and small business applications were stand-out successes. http://www.linuxsecurity.com/feature_stories/feature_story-164.html ---- >> Bulletproof Virus Protection << Protect your network from costly security breaches with Guardian Digital's multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn04 -------------------------------------------------------------------- Interview with Siem Korteweg: System Configuration Collector In this interview we learn how the System Configuration Collector (SCC) project began, how the software works, why Siem chose to make it open source, and information on future developments. http://www.linuxsecurity.com/feature_stories/feature_story-162.html ---- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]---------- +---------------------+ * Book Review: Computer Security May 8th, 2004 Thomas Greene is well-known within the computer and security world for his work as Associate Editor of The Register- a British tech newspaper. This book is a great contribution to the home and small office market. http://www.linuxsecurity.com/articles/documentation_article-9277.html * "Every Principle of Security is Being Violated," Says O'Dowd May 7th, 2004 "There is no way to fix Linux to bring it up to the level of security that is required for national defense systems, a level that is already available in proprietary operating systems," says Dan O'Dowd. He's just released his third white paper in a series focusing on what his company Green Hills Software terms "an urgent security threat posed by the use of the Linux operating system in U.S. defense systems." http://www.linuxsecurity.com/articles/general_article-9274.html * Benefits of BCC May 7th, 2004 Benefits of BCC Although in many situations it may be appropriate to list email recipients in the To: or CC: fields, sometimes using the BCC: field may be the most desirable option. What is BCC? http://www.linuxsecurity.com/articles/privacy_article-9275.html * Guarded Memory Move (GMM) May 5th, 2004 The Guarded Memory Move tool gets handy when you have to study buffer overflows and you need to catch them together with a "good" stack image. When a stack overflow has been exploited, the back trace is already gone together with good information about parameters and local variables, that are of vital importance when trying to understand how the attacker is trying to work out the exploit. http://www.linuxsecurity.com/articles/host_security_article-9266.html * SELinux Boosts Server Security May 4th, 2004 Security enhanced Linux, a set of kernel modifications and utilities initially developed by the National Security Agency, bolsters the security of Linux systems by enabling administrators to more finely tune data and process permissions. SELinux enforces mandatory access control policies, which limit user and application privileges to the minimum required to do the job. http://www.linuxsecurity.com/articles/server_security_article-9261.html +------------------------+ | Network Security News: | +------------------------+ * SecurityTalk with K Rudolph, CISSP May 6th, 2004 Dancho: Hi Kaie, nice to have you in our first SecurityTalk discussing the importance of Security Awareness programmes and the problems related to the education of end users. http://www.linuxsecurity.com/articles/general_article-9270.html * Scanning the Horizon May 5th, 2004 How secure is your enterprise network? Today that's a harder question to answer than ever, especially as enterprise networks continue to grow in size and complexity. http://www.linuxsecurity.com/articles/network_security_article-9268.html * HNS Learning Session: DDoS Threats May 4th, 2004 For the second learning session on Help Net Security, they've got Steve Woo, Riverhead Networks Vice President of Marketing and Business Development, discussing the threats of Distributed Denial of Service attacks. Since the making of this audio session, Riverhead Networks was acquired by Cisco Systems. http://www.linuxsecurity.com/articles/network_security_article-9265.html * DNS Troubleshooting Everything Depends on It May 4th, 2004 The Domain Name System (DNS) service is required to access e-mail, browse Web sites and use hostnames in general. DNS resolves hostnames to IP addresses and back (e.g. www.cyberguard.com translates to 64.94.50.88). This article details how DNS works under normal circumstances and provides troubleshooting tips. http://www.linuxsecurity.com/articles/network_security_article-9262.html +------------------------+ | General Security News: | +------------------------+ * The Internet's Wilder Side May 6th, 2004 It was just another Wednesday on the sprawling Internet chat-room network known as I.R.C. In a room called Prime-Tyme-Movies, users offered free pirated downloads of "The Passion of the Christ'' and "Kill Bill Vol. 2.'' In the DDO-Matrix channel, illegal copies of Microsoft's Windows software and "Prince of Persia: The Sands of Time,'' an Xbox game, were ripe for downloading. http://www.linuxsecurity.com/articles/network_security_article-9269.html * Mitnick busts bomb hoaxer May 4th, 2004 Ex-hacker Kevin Mitnick is a hero to the small town of River Rouge, Michigan, after using his tech skills to help officials nab the culprit behind a harrowing series of bomb threats. http://www.linuxsecurity.com/articles/general_article-9263.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Mon May 10 2004 - 23:31:02 PDT