+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  February 28th, 2005                       Volume 6, Number 9       |
|                                                                     |
|  Editorial Team:  Dave Wreski              dave@private             |
|                   Benjamin D. Thomas       ben@private              |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Linux kernel to include IPv6 firewall," "Automated Patching: An Easier Approach to Managing Your Network Security," and "Honeypot Project finds decline in Linux attacks."

---

>> Enterprise Security for the Small Business <<

Never before has a small business productivity solution been designed with such robust security features. Engineered with security as a main focus, the Guardian Digital Internet Productivity Suite is the cost-effective solution small businesses have been waiting for.
http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn07

---

LINUX ADVISORY WATCH

This week, advisories were released for emacs, gftp, bidwatcher, mailman, squid, mod_python, kdeedu, gamin, pcmcia, openssh, postgresql, gimp, midnight commander, gproftpd, cyrus imap, cups, kdelibs, xpdf, uim, cpio, and vim. The distributors include Debian, Fedora, Gentoo, Mandrake, Red Hat, and SuSE.
http://www.linuxsecurity.com/content/view/118428/150/

---------------

Getting to Know Linux Security: File Permissions

Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple.
http://www.linuxsecurity.com/content/view/118181/49/

---

The Tao of Network Security Monitoring: Beyond Intrusion Detection

The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.
http://www.linuxsecurity.com/content/view/118106/49/

---

Encrypting Shell Scripts

Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).
http://www.linuxsecurity.com/content/view/117920/49/

--------

>> The Perfect Productivity Tools <<

WebMail, Groupware and LDAP Integration provide organizations with the ability to securely access corporate email from any computer, collaborate with co-workers and set-up comprehensive addressbooks to consistently keep employees organized and connected.
http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn05

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Knoppix Hacks
  21st, February, 2005

Many people, at least people in the techno-geek world, are familiar with Knoppix at least far enough to know it is a version of Linux.
Some of those people may even know that it is a portable version of Linux that is able to boot entirely from the CD without the need for any installation. But, this book will show those people just how versatile and powerful a tool Knoppix can be - even for supporting and maintaining Windows systems.
http://www.linuxsecurity.com/content/view/118393

* HITB E-Zine: Issue #36 Released
  20th, February, 2005

After a nice Chinese New Year break we are pleased to bring you Issue #36 of the HITB e-zine. This is a pretty interesting issue with an exclusive article on Red Hat PIE Protection written by Zarul Shahrin as well as an article on building a simple wireless authenticated gateway using OpenBSD by Rosli Sukri (member of the HITB CTF Crew).
http://www.linuxsecurity.com/content/view/118389

* Linux kernel to include IPv6 firewall
  21st, February, 2005

Version 2.6.12 of the Linux kernel is likely to include packet filtering that will work with IPv6, the latest version of the Internet Protocol. Netfilter/iptables, the firewall engine that is part of the Linux kernel, already allows stateless packet filtering for versions 4 and 6 of the Internet protocol, but only allows stateful packet filtering for IPv4. Stateful packet filtering is the more secure method, since it analyses whole streams of packets, rather than only checking the headers of individual packets -- as is done in stateless packet filtering.
http://www.linuxsecurity.com/content/view/118398

* Firewall Builder 2.0.6
  24th, February, 2005

Firewall Builder consists of an object-oriented GUI and a set of policy compilers for various firewall platforms. In Firewall Builder, a firewall policy is a set of rules; each rule consists of abstract objects that represent real network objects and services (hosts, routers, firewalls, networks, protocols).
http://www.linuxsecurity.com/content/view/118422

* Automated Patching: An Easier Approach to Managing Your Network Security
  22nd, February, 2005

Patch management is an essential administration task within today's busy IT networks with the constant threat of new security bugs. Some companies will wait for an attack before taking necessary action to protect themselves from further threat whilst others consider patching as often as possible.
http://www.linuxsecurity.com/content/view/118401

* Security holes affect multiple Linux/Unix products
  23rd, February, 2005

Attackers could launch malicious code by exploiting vulnerabilities in a file transferring tool used in many Linux and Unix systems, according to two security firms.
http://www.linuxsecurity.com/content/view/118414

* Zen and the Art of Intrusion Detection
  22nd, February, 2005

If a tree falls in a forest with no-one to hear it, does it make a sound? So goes a typical zen-like philosophical question. While it's thought-provoking, what does it have to do with Intrusion Detection Systems (IDS)? Simple -- if you're not there to watch the tree fall, do you need to know whether it fell or not? The same principle applies with IDS.
http://www.linuxsecurity.com/content/view/118402

* Review: Linux Server Security
  23rd, February, 2005

Staying on my current security theme, O'Reilly has published a second edition of Linux Server Security by Michael D. Bauer. The book, targeted toward those managing Internet-connected systems, also known as bastion hosts, packs a powerful arsenal of security design, theory and practical configuration schemes into 500 pages.
http://www.linuxsecurity.com/content/view/118412

* Oracle wraps top-notch security around Linux
  23rd, February, 2005

Oracle has tightened up the security of a number of its products to allow customers to use them in critical national infrastructures, including in conjunction with open source technology from Linux.
Oracle has met the Common Criteria Evaluations at the EAL4 level -- the highest industry security level for commercial software -- for its Oracle Internet Directory, a middleware component of Oracle Identity Management; Oracle9i Database release 2; and the Oracle9i Label Security release 2.
http://www.linuxsecurity.com/content/view/118415

* How to cut patchwork and save a cool $100m
  24th, February, 2005

According to Gilligan, a new vulnerability is discovered nearly every day in the commercial software products the Air Force uses -- not just Microsoft, but also Linux, Oracle and Cisco Systems. "What we are now reaping is the unfortunate consequence of an era of software development in the 90s, when the rush to get the product to market overrode the importance of correctness in the quality of the software."
http://www.linuxsecurity.com/content/view/118419

* Novell appliance takes security to the edge
  22nd, February, 2005

Novell has developed a Linux-based "perimeter security" hardware appliance that protects companies against security threats such as hackers, viruses, worms, spam and network intrusions. Novell launched the Novell Security Manager at last week's RSA conference. It is aimed at small and medium-sized businesses.
http://www.linuxsecurity.com/content/view/118400

* Firefox phishing flaw fixed
  25th, February, 2005

A vulnerability that could allow Web addresses to be spoofed has been fixed in an updated version of the Firefox browser. The Mozilla Foundation released an update to the Firefox Web browser on Thursday to fix several vulnerabilities, including one that would allow domain spoofing.
http://www.linuxsecurity.com/content/view/118429

* Arkeia Network Backup Agent Remote Access (Exploit?)
  21st, February, 2005

On February 18th, 2005 "John Doe" posted a remote buffer overflow exploit for the Arkeia Network Backup Client. This vulnerability affected all known versions of the software, going back as far as the 4.2 series (when the company was called Knox).
The buffer overflow occurs when a large data section is sent with a packet marked as type 77. The Arkeia Network Backup Client is your typical backup agent; it runs with the highest privileges available (root or LocalSystem) and waits for a connection from the backup server. The Arkeia client and server both use TCP port 617 for communication. According to the SANS ISC, the kids are wasting no time.
http://www.linuxsecurity.com/content/view/118392

* Honeypot Project finds decline in Linux attacks
  24th, February, 2005

Unpatched Linux systems are lasting longer on the internet before being compromised, according to a study by the Honeynet Project, a nonprofit group of security professionals that researches online attackers' methods and motives. Data from 12 honeynets showed that the average "life expectancy" of an unpatched Linux system has increased to three months from 72 hours two years ago.
http://www.linuxsecurity.com/content/view/118420

* Is variable response the key to secure systems?
  21st, February, 2005

Intrusion detection software (IDS) first made a serious impression on the European security market in the late 1990s. As with vulnerability scanning products, how good it was depended on where it got its database from and how often it was updated. IDS then languished for a few years with little variation. Improvements in alerting, refinements in detecting false positives and more enterprise scalability were the notable developments.
http://www.linuxsecurity.com/content/view/118394

* Linux For The Future
  22nd, February, 2005

Red Hat spent last week trying to get customers to expect more from Linux, talking up the release of the first version of its operating system based on the 2.6 Linux kernel. Red Hat Enterprise Linux 4 adds a number of security, scalability, desktop, and management features.
http://www.linuxsecurity.com/content/view/118399

* Insecure ISP Support Is No Help at All
  23rd, February, 2005

Hello, this is officer support of the ISP Police Department. You say you're worried that someone might try to steal your car? OK, I'm going to try to troubleshoot this problem for you, but I need you to do two things. First, I'm going to need you to bring your car down so we can check it out. But I want you to park your car in a poorly lighted lot in a shady part of town. Trust me, we handle this kind of thing all the time.
http://www.linuxsecurity.com/content/view/118413

* Feds square off with organized cyber crime
  24th, February, 2005

Computer intruders are learning to play well with others, and that's bad news for the Internet, according to a panel of law enforcement officials and legal experts speaking at the RSA Conference in San Francisco last week. Christopher Painter, deputy director of the Justice Department's computer crime section, spoke almost nostalgically of the days when hackers acted "primarily out of intellectual curiosity." Today, he says, cyber outlaws and serious fraud artists are increasingly working in concert, or are one and the same. "What we've seen recently is a coming together of these two groups," said Painter.
http://www.linuxsecurity.com/content/view/118421

* Entrepreneur-professor teaches students to stop hackers, viruses, has lessons for all
  25th, February, 2005

Access the Internet using an unprotected personal computer and a hacker will be knocking at the door within about 45 seconds. Do that with a Web server and in less than 15 minutes, there's a 50-50 chance it's been taken over by someone who can use it to send spam e-mails all over the world that can be traced back to you. Hook up that new wireless router you bought at the consumer-electronics store, use the default settings, and someone can park outside on the street or sit next door and download porn using your broadband connection.
http://www.linuxsecurity.com/content/view/118430

* Mesh Networking Soars to New Heights
  19th, February, 2005

Mesh Networking and community wireless broadband reached new heights with a world first for Locustworld MeshAP PRO when a Shadow microlight aircraft flew over Lincolnshire UK and successfully tested air to ground mesh networking and voice over broadband. South Witham broadband (Lincolnshire UK) joined forces with Make Me Wireless (Australia) and using LocustWorld MeshAP PRO and Asterisk VoIP equipment, seamlessly created air to ground voice communications at 2000 feet with the 16 node South Witham community broadband network.
http://www.linuxsecurity.com/content/view/118387

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------