+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | June 7th, 2004 Volume 5, Number 23n | | | | Editorial Team: Dave Wreski dave@private | | Benjamin Thomas ben@private | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Multiple Security Roles With Unix/Linux," "What Exactly Is Computer Forensics," and "Six Ways to Justify Security Training." ---- >> Bulletproof Virus Protection << Protect your network from costly security breaches with Guardian Digital's multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn04 ---- LINUX ADVISORY WATCH: This week, advisories were released for mailman, kde, MySQL, mc, Apache, Heimdal, utempter, and LHA. The distributors include Conectiva, FreeBSD, Gentoo, Mandrake, Red Hat, and SuSE. http://www.linuxsecurity.com/articles/forums_article-13.html ---- Linux and National Security As the open source industry grows and becomes more widely accepted, the use of Linux as a secure operating system is becoming a prominent choice among corporations, educational institutions and government sectors. With national security concerns at an all time high, the question remains: Is Linux secure enough to successfully operate the government and military's most critical IT applications? http://www.linuxsecurity.com/feature_stories/feature_story-165.html ---- Guardian Digital Security Solutions Win Out At Real World Linux Enterprise Email and Small Business Solutions Impres at Linux Exposition. Internet and network security was a consistent theme and Guardian Digital was on hand with innovative solutions to the most common security issues. Attending to the growing concern for cost-effective security, Guardian Digital's enterprise and small business applications were stand-out successes. http://www.linuxsecurity.com/feature_stories/feature_story-164.html ---- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]---------- +---------------------+ * Multiple Security Roles With Unix/Linux June 4th, 2004 After the reception my last column regarding the security criticism I heaped on Unix and Linux vendors who are pursuing end-user desktops, I thought I would outline some of the areas where I think Linux and Unix already have strong wins. http://www.linuxsecurity.com/articles/network_security_article-14.html * What Exactly Is Computer Forensics? June 3rd, 2004 Computer forensics involves the preservation, identification, extraction, documentation and interpretation of computer data. It is often more of an art than a science, but as in any discipline, computer forensic specialists follow clear, well-defined methodologies and procedures, and flexibility is expected and encouraged when encountering the unusual. http://www.linuxsecurity.com/articles/network_security_article-10.html * Data Security Debacle June 2nd, 2004 There is a saying in IT that the only truly secure computer is one that's turned off. Because this isn't practical or feasible, data security becomes yet another unavoidable part of doing business in today's wired world. Simply put, data security is the protection of data from unauthorized, accidental, or deliberate modification, destruction, or disclosure. http://www.linuxsecurity.com/articles/network_security_article-4.html * From exposition to exploit: One security book's story June 2nd, 2004 Even prior to its release in May, The Shellcoder's Handbook: Discovering and Exploiting Security Holes drew attention to the exploitive nature of the narrative. In a series of e-mail exchanges, lead author Jack Koziol explains the motive behind this how-to for hackers and what's happened since it hit bookshelves. http://www.linuxsecurity.com/articles/documentation_article-3.html +------------------------+ | Network Security News: | +------------------------+ * Double Snorting June 3rd, 2004 Snort is a GPLed, Network Intrusion Detection System (NIDS) that runs on Linux and Win32. A NIDS monitors the network, looking for hostile traffic. Basically it scans all traffic on a network interface, not just its own host's, comparing it to rules describing the signatures of known attacks. http://www.linuxsecurity.com/articles/network_security_article-8.html +------------------------+ | General Security News: | +------------------------+ * How Much Should You Invest in IT Security? June 4th, 2004 One of the main concerns of the organizers of the Olympic Games to be held in Athens this summer is security, but not only physical security, computer security as well. The emphasis placed on avoiding problems with the computers that will manage huge amounts of data during the games will be proportional to the magnitude of this global event. http://www.linuxsecurity.com/articles/general_article-12.html * Early Alerting - The Key To Proactive Security June 3rd, 2004 The security challenges facing today's enterprise networks are intensifying -- both in frequency and number. The Blaster worm arrived just 26 days after Microsoft disclosed an RPC DCOM Windows flaw and released a patch for vulnerable systems. The worm took advantage of what some security experts have called the most widespread Windows flaw ever. For a time, Blaster was infecting as many as 2,500 computers per hour. http://www.linuxsecurity.com/articles/intrusion_detection_article-11.html * Six ways to justify security training June 1st, 2004 A few days ago, a reader asked if I could help him justify the cost of security training that he and his fellow Unix system administrators felt they needed. http://www.linuxsecurity.com/articles/network_security_article-9363.html * When encryption can be misleading June 1st, 2004 The trust that encryption generates can be deceptive, one researcher, a regular poster to the full-disclosure vulnerability mailing list, has discovered. http://www.linuxsecurity.com/articles/cryptography_article-9362.html * FDIC info security lacking, GAO finds June 1st, 2004 Weaknesses in the Federal Deposit Insurance Corp.'s information systems place sensitive information at risk of unauthorized disclosure, disruption of operations or loss of assets, according to the General Accounting Office. http://www.linuxsecurity.com/articles/government_article-1.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Tue Jun 08 2004 - 01:27:29 PDT