+---------------------------------------------------------------------+
|  LinuxSecurity.com                             Weekly Newsletter    |
|  October 31st, 2005                         Volume 6, Number 45n    |
|                                                                     |
|  Editorial Team:  Dave Wreski               dave@private            |
|                   Benjamin D. Thomas        ben@private             |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Keychain:
Openssh Key Management," "Two Factor Authentication Systems," and
"Putting Patch Management in Perspective."

---

## EnGarde Secure Linux 3.0 - Download Now! ##

* Linux 2.6 kernel featuring SELinux Mandatory Access Control
* Guardian Digital Secure Network features free access to all
  system and security updates (to be available shortly through
  an updated release)
* Support for new hardware, including 64-bit AMD architecture
* Web-based management of all functions, including the ability
  to build a complete web presence with FTP, DNS, HTTP, SMTP
  and more.
* Apache v2.0, BIND v9.3, MySQL v5.0(beta)
* Completely new WebTool, featuring easier navigation and
  greater ability to manage the complete system
* Integrated firewall with ability to manage individual firewall
  rules, control port forwarding, and creation of IP blacklists
* Built-in UPS configuration provides ability to manage an entire
  network of battery-backup devices
* RSS feed provides ability to display current news and immediate
  access to system and security updates
* Real-time access to system and service log information

LEARN MORE:
http://www.guardiandigital.com/products/software/community/esl.html

---

LINUX ADVISORY WATCH

This week, advisories were released for mozilla, module-assistant,
eric, sudo, libgda2, imlib, koffice, net-snmp, lynx, RTF, Netpbm,
cURL, Zope, phpMyAdmin, ethereal, pam, and fetchmail.
The distributors include Debian, Gentoo, and Red Hat.

http://www.linuxsecurity.com/content/view/120679/150/

---

Hacks From Pax: SELinux And Access Decisions

Hi, and welcome to my second of a series of articles on Security
Enhanced Linux. My previous article detailed the background of
SELinux and explained what makes SELinux such a revolutionary
advance in systems security. This week, we'll be discussing how
SELinux security contexts work and how policy decisions are made
by SELinux.

SELinux systems can differ based on their security policy, so for
the purposes of this article's examples I'll be using an EnGarde
Secure Linux 3.0 system, which by default uses a tightly configured
policy that confines every included application.

http://www.linuxsecurity.com/content/view/120622/49/

---

Hacks From Pax: PHP Web Application Security
By: Pax Dickinson

Today on Hacks From Pax we'll be discussing PHP web application
security. PHP is a great language for rapidly developing web
applications, and is very friendly to beginning programmers, but
some of its design can make it difficult to write web apps that are
properly secure. We'll discuss some of the main security "gotchas"
when developing PHP web applications, from proper user input
sanitization to avoiding SQL injection vulnerabilities.

http://www.linuxsecurity.com/content/view/120043/49/

---

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Keychain - Openssh Key Management
  27th, October, 2005

Ever since networking came out, one important issue, to a various
extent over the time, has been how to give the legitimate users the
right access - authentication, which is one of the three basic
elements in security: authentication, authorization and access
control.
http://www.linuxsecurity.com/content/view/120675

* Security Book Contest
  27th, October, 2005

We are giving away the following titles: Rootkits: Subverting the
Windows Kernel, Real Digital Forensics, Cryptography in the Database,
Extrusion Detection, Secure Coding in C and C++, Data Protection and
Information Lifecycle Management.
http://www.linuxsecurity.com/content/view/120669

* Help's A Firewall Away
  24th, October, 2005

Flash back to December 2002. Barely in his 20s, self-taught network
engineer and help-desk staffer Joel Bomgaars is frustrated because
firewalls prevent him from accessing PCs of users needing help. At
his cubicle at systems integrator Business Communications Inc., he
has an epiphany: Instead of accessing the user's computer, have the
user request help by going to a Web site. That would clear the
firewall hurdles, because firewalls only block incoming messages.
The idea worked, and Bomgaars was able to connect with a user within
10 seconds.
http://www.linuxsecurity.com/content/view/120644

* Two Factor Authentication Systems?
  27th, October, 2005

I've been given a project to undertake that involves setting our
internal network systems up to have two factor authentication. I
need suggestions to take in front of our CIO that shows how the
security model works, cost vs benefit/features, and the different
options. At this point, the name brand is RSA and I'm pressed to
find any others even though I've done looking around.
http://www.linuxsecurity.com/content/view/120674

* VOIP may be vulnerable to barrage of threats
  25th, October, 2005

Is enterprise VoIP (voice over IP) due for a security wakeup call or
are the threats mostly exaggerated? It depends on who's talking.
http://www.linuxsecurity.com/content/view/120650

* Hotrod Your Linksys WAP with Linux
  26th, October, 2005

A lot of Linux geeks are master scroungers, because Linux is so
adaptable that old AMDs, classic Pentiums and even 386es and 486es
can be put to use in some way.
It's a shame to throw away old equipment when it can be repurposed
as networking devices like firewalls, authentication servers and
routers. But as fun as it is to recycle, I'll wager I'm not the only
one who has gazed upon shiny new devices like the Linksys WRT54G and
sighed "Wouldn't that be a great device for my network! It is small,
cheap, and uses little power.
http://www.linuxsecurity.com/content/view/120663

* OSSEC HIDS v0.4 available - log analysis, rootkit detection and
  integrity checking
  27th, October, 2005

Version 0.4 of the OSSEC HIDS is now available. OSSEC HIDS is an
open source host-based intrusion detection software. It performs log
analysis, integrity checking, rootkit detection and health
monitoring.
http://www.linuxsecurity.com/content/view/120670

* Gartner event focuses on security
  24th, October, 2005

With many keeping one eye on Hurricane Wilma churning off the coast,
6,000 IT executives last week heard Gartner analysts offer their
vision on everything from security trends to wireless network
directions. The Gartner Symposium and IT Expo 2005 also brought out
190 vendors and included keynote presentations from Microsoft CEO
Steve Ballmer, HP CEO Mark Hurd and Dell CEO Michael Dell.
http://www.linuxsecurity.com/content/view/120643

* Putting Patch Management in Perspective
  25th, October, 2005

Whether scanning and patching "vulnerable" systems, or urgently
reacting to a vendor's patch release, many organizations have become
more and more reactive when it comes to dealing with electronic
security.
http://www.linuxsecurity.com/content/view/120651

* Check List For Linux Security
  27th, October, 2005

Linux is an amazing operating system considering how it was
originally created. It was a modest program written for one person
as a hobby - Linus Torvalds of Finland. It has grown into a
full-fledged 32-bit operating system. It is solid, stable and
provides support for an incredible number of applications.
It has very powerful capabilities and runs very fast and rarely
crashes.
http://www.linuxsecurity.com/content/view/120673

* Are open source databases more secure?
  28th, October, 2005

If a recent Evans Data Corp. survey is any indication, IT
administrators are increasingly worried about security holes in
mainstream database products and are looking at open source
alternatives. But John Andrews, president of the Santa Cruz,
Calif.-based research firm, said that doesn't mean open source is
necessarily better.
http://www.linuxsecurity.com/content/view/120682

* Advanced Linux LDAP authentication
  28th, October, 2005

In an earlier look at LDAP, we set up a simple LDAP-based
authentication system. We configured client machines to retrieve
authentication information from a server running OpenLDAP. Now let's
go further by enabling encryption and looking at how to make user
modifications through LDAP.
http://www.linuxsecurity.com/content/view/120683

* The Story of Snort: Past, Present and Future
  25th, October, 2005

Last week we met with Martin Roesch, the creator of Snort, the de
facto standard for intrusion detection/prevention. Presented here is
the entire story of Snort in his words that covers seven years of
development that made this tool one of the most important security
software titles ever developed.
http://www.linuxsecurity.com/content/view/120656

* Skype Buffer Overflow Vulnerability
  25th, October, 2005

It looks like that Skype can be made to execute arbitrary code
through a buffer overflow when the software is called upon to handle
malformed URLs that are in form of callto:// and skype://.
http://www.linuxsecurity.com/content/view/120657

* The Story of Snort: Past, Present and Future
  25th, October, 2005

Martin Roesch, the creator of Snort, the de facto standard for
intrusion detection/prevention, presents the story of Snort that
covers seven years of development that made this tool one of the
most important security software titles ever developed.
In this audio session you'll get all the details on how Snort was
initially conceived as well as how it is expected to develop further
now after Check Point
http://www.linuxsecurity.com/content/view/120647

* Nessus fork emerges
  26th, October, 2005

With news settling in that the makers of the network vulnerability
scanner Nessus will not open source the next version of the
software, the team behind the soon-to-be-renamed GNessUs project is
growing fast and attracting attention.
http://www.linuxsecurity.com/content/view/120665

* FAQ: Identity fraud uncovered
  24th, October, 2005

Doing a thorough job means thinking about concepts like hard drive
wiping, file system encryption and phishing detection--not everyday
fare for many of us. To help you protect yourself from identity
fraudsters, CNET News.com has compiled the following list of
frequently asked questions and their answers.
http://www.linuxsecurity.com/content/view/120642

* The hacker as terrorist?
  24th, October, 2005

If Congress approves the controversial anti-terror bill that Pres.
Gloria Macapagal Arroyo is eagerly pushing to become a law, hacking
or cracking would soon be considered as an act of terrorism.
http://www.linuxsecurity.com/content/view/120645

* VoIP Security Alliance Delivers VoIP Security Framework
  25th, October, 2005

The Voice over IP Security Alliance (VOIPSA), today released the
first comprehensive description of security and threats in the field
of VoIP. The results, known as the VoIP Security Threat Taxonomy,
provide the industry with a clear view of VoIP threats, the
vulnerabilities and a context for balancing trade-offs.
http://www.linuxsecurity.com/content/view/120646

* Inside hackers' kindergarten
  25th, October, 2005

A rash of website defacements demonstrates that hackers can enter
corporate, government and education websites at will, according to
cyber-security expert Ken Low.
http://www.linuxsecurity.com/content/view/120649

* Sweating In the Hot Zone
  26th, October, 2005

Imagine what life would be like if your product were never finished,
if your work were never done, if your market shifted 30 times a day.
The computer-virus hunters at Symantec don't have to imagine.
http://www.linuxsecurity.com/content/view/120664

* Are You Ready To Be Hacked?
  26th, October, 2005

"The Air Force and the Pentagon are extremely attractive targets and
so the publicity acts as a draw for hackers," said Frost & Sullivan
industry analyst for network security Rob Ayoub. "As far as a lot of
smaller companies go, there's always a risk but they have a
reasonable amount of security through obscurity."
http://www.linuxsecurity.com/content/view/120662

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

_________________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org