+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  March 7th, 2005                        Volume 6, Number 10n        |
|                                                                     |
|  Editorial Team:  Dave Wreski              dave@private             |
|                   Benjamin D. Thomas       ben@private              |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Firewalls'
False Sense of Security," "Easy Automated Snapshot-Style Backups with
Linux and Rsync," and "Why you should perform regular security audits."

---

>> Enterprise Security for the Small Business <<

Never before has a small business productivity solution been designed
with such robust security features. Engineered with security as a main
focus, the Guardian Digital Internet Productivity Suite is the
cost-effective solution small businesses have been waiting for.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn07

---

LINUX ADVISORY WATCH

This week, advisories were released for mod_python, bsmtpd, gaim, bind,
gnucash, dhcp, at, vixie-cron, lam, pvm, radvd, selinux-targeted-policy,
tcsh, openoffice, gamin, cmd5checkpw, uim, UnAce, MediaWiki, phpBB,
phpWebSite, xli, xloadimage, firefox, squid, kdenetwork, nvidia, curl,
uw-imap, and cyrus-sasl. The distributors include Conectiva, Debian,
Fedora, Gentoo, Red Hat, and SuSE.

http://www.linuxsecurity.com/content/view/118492/150/

---------------

Getting to Know Linux Security: File Permissions

Welcome to the first tutorial in the 'Getting to Know Linux Security'
series. The topic explored is Linux file permissions. It offers an easy
to follow explanation of how to read permissions, and how to set them
using chmod. This guide is intended for users new to Linux security,
therefore very simple.
http://www.linuxsecurity.com/content/view/118181/49/

---

The Tao of Network Security Monitoring: Beyond Intrusion Detection

The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent
introduction to information security and the importance of network
security monitoring, offers hands-on examples of almost 30 open source
network security tools, and includes information relevant to security
managers through case studies, best practices, and recommendations on
how to establish training programs for network security staff.

http://www.linuxsecurity.com/content/view/118106/49/

---

Encrypting Shell Scripts

Do you have scripts that contain sensitive information like passwords
and you pretty much depend on file permissions to keep it secure? If
so, then that type of security is good provided you keep your system
secure and some user doesn't have a "ps -ef" loop running in an attempt
to capture that sensitive info (though some applications mask passwords
in "ps" output).

http://www.linuxsecurity.com/content/view/117920/49/

--------

>> The Perfect Productivity Tools <<

WebMail, Groupware and LDAP Integration provide organizations with the
ability to securely access corporate email from any computer,
collaborate with co-workers and set-up comprehensive addressbooks to
consistently keep employees organized and connected.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn05

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
|   Security News:    | <<-----[ Articles This Week ]----------
+---------------------+

* Firewalls' False Sense of Security
  1st, March, 2005

The Internet front door to almost every bank and financial services
company in the world is guarded by two sets of firewalls defining a DMZ.
Nearly every e-commerce site sits in a similar DMZ in what has become
the de facto standard in Web security architecture. According to Sun
Microsystems, "In today's tumultuous times, having a sound firewall/DMZ
environment is your first line of defense against external threats."
But I would argue that guarding the perimeter is lulling organizations
into a false sense of security that results in ignoring the
implementation of other security mechanisms in their applications and
databases.

http://www.linuxsecurity.com/content/view/118458

* Firewall warns dealers of physical security threat
  1st, March, 2005

Specialist distributor, Firewall Systems, is warning resellers to start
thinking of security as a managed service or risk losing market share
to physical security providers.

http://www.linuxsecurity.com/content/view/118460

* Where's the security leadership
  4th, March, 2005

This year's RSA Conference was another opportunity for the security
glitterati to shine.

http://www.linuxsecurity.com/content/view/118496

* How secure is your computer?
  28th, February, 2005

StillSecure attached six computers - loaded with different versions of
the Windows, Linux and Apple's Macintosh operating systems - earlier
this month to the Internet without anti-virus software. The results
show the Internet is a very rough place. Over the course of a week, the
machines were scanned a total of 46,255 times by computers around the
world that crawl the Web looking for vulnerabilities in operating
systems.

http://www.linuxsecurity.com/content/view/118454

* Real Player under Attack
  2nd, March, 2005

For Linux the RealPlayer 10 and the Helix Player are affected. No fixed
versions are available for this. The Player for Symbian and PalmOS are
not concerned by the weak spots. RealNetworks classifies the security
gaps as critical and recommends all users to install the available
updates. Under Windows and Mac OS the update function of the Player can
be used.
http://www.linuxsecurity.com/content/view/118465

* Two Sides of Vulnerability Scanning
  28th, February, 2005

There are two approaches to network vulnerability scanning, active and
passive. The active approach encompasses everything an organization
does to foil system breaches, while the passive (or monitoring)
approach entails all the ways the organization oversees system
security. When making buying decisions for your organization, it's a
mistake to think that you have to choose between the two types of
protection.

http://www.linuxsecurity.com/content/view/118455

* Realistic SELinux
  2nd, March, 2005

SELinux is an impressively designed but notoriously hard-to-configure
set of kernel hooks that enforce Orange Book-style security on Linux.
Full support for SELinux takes effort, but when I first heard about
Fedora's new targeted policies for SELinux, I was willing to tell the
Red Hat folks "thanks, but no thanks." A conversation with their Dan
Walsh changed my mind.

http://www.linuxsecurity.com/content/view/118466

* Easy Automated Snapshot-Style Backups with Linux and Rsync
  3rd, March, 2005

This document describes a method for generating automatic rotating
"snapshot"-style backups on a Unix-based system, with specific examples
drawn from the author's GNU/Linux experience. Snapshot backups are a
feature of some high-end industrial file servers; they create the
illusion of multiple, full backups per day without the space or
processing overhead. All of the snapshots are read-only, and are
accessible directly by users as special system directories.

http://www.linuxsecurity.com/content/view/118482

* Linux Security Rough Around The Edges, But Improving
  4th, March, 2005

The National Security Agency built a version of Linux with more
security tools that its technologists believe could help make the
country's computing infrastructure less vulnerable. They won over the
Linux developer community with the changes. But its success depends on
the adoption by U.S.
companies and government agencies, something that remains very much in
doubt.

http://www.linuxsecurity.com/content/view/118494

* Opera Targets Browser Vulnerability
  1st, March, 2005

Taking a cue from Firefox and others, software developer Opera is
updating the latest iteration of its Web browser to combat phishing
attacks that take advantage of a domain name vulnerability. To address
the emerging Internationalized Domain Names (IDN) issue, the second
Beta version of the Opera browser displays localized domain names from
certain top level domains (TLD). It selects TLDs that have stringent
policies on the domain names they register. The Norwegian firm said it
will update its list of trusted TLDs on a regular basis to further
protect users.

http://www.linuxsecurity.com/content/view/118457

* French Ministry of Education and Research and Mandrakesoft
  2nd, March, 2005

Mandrakelinux products cover needs from the desktop (with the
PowerPack) to critical infrastructure functions (with the Multi Network
Firewall). The Multi Network Firewall operating system is able to
control access to both an organisation's private intranet and the
public internet. Mandrakesoft products are part of the software library
which has been selected to modernize the infrastructure of France's
education system. As well as the applications themselves, Mandrakesoft
will deliver technical support and training to staff.

http://www.linuxsecurity.com/content/view/118471

* Computer Security 101
  1st, March, 2005

This sort of basic firewall has some issues that can be exploited by
hackers and malicious programmers to sneak through which is why there
are more advanced firewall systems. I mentioned that with this sort of
port blocking, communications in response to connections initiated by
your computer would be allowed through even on ports you were blocking.
Using this knowledge, a hacker can forge the packet to make it look
like it is a reply rather than an initiation of a connection and the
firewall will allow it through.

http://www.linuxsecurity.com/content/view/118459

* Why you should perform regular security audits
  2nd, March, 2005

In less than a decade, Internet security has evolved from an almost
esoteric topic to become one of the more important facets of modern
computing. And yet it's a rarity to find companies that actually
consider information security to be an important job function for all
workers--and not just the IT department's problem.

http://www.linuxsecurity.com/content/view/118468

* Linux starts to take a more central IT role
  3rd, March, 2005

"It's as deep as it will get for us. It's what we're betting the data
center on," said Jon Fraley, a Linux administrator at Glen Raven. In
December, the Glen Raven, North Carolina-based textile manufacturer
finished moving mission-critical Oracle databases from an aging 24-CPU
Hewlett-Packard server running Unix to four-way HP servers that are
based on Intel Xeon processors and run Red Hat's Linux distribution.

http://www.linuxsecurity.com/content/view/118473

* Security market "worth $5.5bn by 2008"
  4th, March, 2005

The security software and appliance market rose by 30 per cent last
year and is predicted to be worth $5.5billion worldwide by 2008
according to a new report.

http://www.linuxsecurity.com/content/view/118495

* Managed Security Service Expands Compliance Capabilities
  3rd, March, 2005

"RES' Information Security and Threat Management solution provides a
perfect blend of best practices and industry standards that our
enterprise customers need to comply with growing regulatory
requirements," said Douglas Adams, RES vice president of sales and
marketing. "RES is committed to providing the most innovative managed
services designed to meet the quality-of-service demands of our Fortune
500 and Fortune 1000 enterprise customers."
http://www.linuxsecurity.com/content/view/118475

* Find wireless rogues without sensors
  3rd, March, 2005

I finally settled on a strategy for wireless security. As wireless
access points began appearing on our company's network, we configured
them with Cisco's Lightweight Extensible Access Protocol (read my
previous article, Migrate WLANs away from Cisco's LEAP). LEAP forces
users to authenticate to the access point with their enterprise
credentials - the same credentials used for virtual private network
access, as well as services such as payroll and Microsoft Exchange
e-mail. That's because we use a centralised directory that ties into
most of our core applications and lets employees use a single password
to sign on.

http://www.linuxsecurity.com/content/view/118474

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

_________________________________________
Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005