+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  January 2nd, 2006                         Volume 7, Number 1       |
|                                                                     |
|  Editorial Team:  Dave Wreski              dave@private             |
|                   Benjamin D. Thomas       ben@private              |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Adaptive Firewalls with iptables," "Bandwidth monitoring with iptables," "Four Security Resolutions For The New Year," and "DNS Name Prediction With Google."

---

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/linsec

---

LINUX ADVISORY WATCH

This week, advisories were released for phpbb2, ketm, tkdiff, dhis-tools-dns, Mantis, NDB, rssh, OpenMotif, scponly, msec, fetchmail, cpio, php-mbstring, and libgphoto. The distributors include Debian, Gentoo, and Mandriva.

http://www.linuxsecurity.com/content/view/121125/150/

---

* EnGarde Secure Community 3.0.2 Released
6th, December, 2005

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.2 (Version 3.0, Release 2). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, the SELinux policy, and the LiveCD environment.

http://www.linuxsecurity.com/content/view/120951

---

Hacks From Pax: SELinux Administration

This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration.
Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

http://www.linuxsecurity.com/content/view/120700/49/

---

Hacks From Pax: SELinux And Access Decisions

Hi, and welcome to my second of a series of articles on Security Enhanced Linux. My previous article detailed the background of SELinux and explained what makes SELinux such a revolutionary advance in systems security. This week, we'll be discussing how SELinux security contexts work and how policy decisions are made by SELinux.

SELinux systems can differ based on their security policy, so for the purposes of this article's examples I'll be using an EnGarde Secure Linux 3.0 system, which by default uses a tightly configured policy that confines every included application.

http://www.linuxsecurity.com/content/view/120622/49/

---

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Ethereal 0.10.14 Release Notes
30th, December, 2005

Ethereal 0.10.14 has been released. Several security-related vulnerabilities have been fixed. Everyone is encouraged to upgrade. The following features are new (or have been significantly updated) since the last release.

http://www.linuxsecurity.com/content/view/121127

* Adaptive Firewalls with iptables
26th, December, 2005

Up until now, we've looked at stateless and stateful firewalls. Remember, stateless firewalls only have the features of a given packet to use as criteria for whether that packet should be passed, blocked, or logged. With a stateful firewall, in addition to the fields in that packet, we also have access to the kernel's table of open connections to use in deciding the fate of this packet.
http://www.linuxsecurity.com/content/view/121099

* Bandwidth monitoring with iptables
27th, December, 2005

Linux has a number of useful bandwidth monitoring and management programs. A quick search on Freshmeat.net for bandwidth returns a number of applications. However, if all you need is a basic overview of your total bandwidth usage, iptables is all you really need -- and it's already installed if you're using a Linux distribution based on the 2.4.x or 2.6.x kernels. Most of the time we use iptables to set up a firewall on a machine, but iptables also provides packet and byte counters. Every time an iptables rule is matched by incoming or outgoing data streams, the software tracks the number of packets and the amount of data that passes through the rules.

http://www.linuxsecurity.com/content/view/121106

* Cisco vulnerability posted to Internet
29th, December, 2005

One day after a security researcher and organizers of the Black Hat USA conference agreed not to post details of vulnerabilities in Cisco's router software, the information has been published on the Internet. On Friday, the Web site Cryptome.org posted what appear to be slides written to accompany a presentation given by former Internet Security Systems Inc. (ISS) researcher Michael Lynn, at the Black Hat conference in Las Vegas.

http://www.linuxsecurity.com/content/view/121119

* An Inexpensive and Versatile IDS
27th, December, 2005

An intrusion detection system can be an effective technical control in the modern world of information and network security. One option that provides for low cost NIDS sensor deployment is the use of the open source IDS software Snort in combination with a consumer grade LinkSys cable/DSL router and the open source firmware distribution OpenWrt. These three items together form a powerful yet inexpensive unit that delivers IDS, routing, firewall, wireless, and NAT functionality for use in a light-weight environment, i.e. consumer or small business deployments.
http://www.linuxsecurity.com/content/view/121104

* D@TA Protection and the Linux Environment
28th, December, 2005

This is an exciting time for people involved in data protection, and not in the bad way that things can be exciting. Many more options, techniques, and practices have become available to IT professionals. The new technology solves a great many problems.

http://www.linuxsecurity.com/content/view/121113

* Researchers pore over biometrics spoofing data
29th, December, 2005

Sweaty hands might make you unpopular as a dance partner but they could someday prevent hackers from getting into your bank account. Researchers at Clarkson University have found that fingerprint readers can be spoofed by fingerprint images lifted with Play-Doh or gelatine or a model of a finger moulded out of dental plaster. The group even assembled a collection of fingers cut from the hands of cadavers.

http://www.linuxsecurity.com/content/view/121120

* Linux in a Business - Got Root?
30th, December, 2005

I work for a government contractor, and have recently convinced them to purchase a Beowulf cluster, and start moving their numeric modelers from Sun to Linux. Like most historically UNIX shops, they don't allow users even low-level SUDO access, to do silly things like change file permissions or ownerships, in a tracked environment. I am an ex-*NIX admin myself, so I understand their perspective and wish to keep control over the environment, but as a user, I'm frustrated by having to frequently call the help-desk just to get a file ownership changed or a specific package installed.
http://www.linuxsecurity.com/content/view/121126

* Financial institutions lead march to Linux in Korea
29th, December, 2005

In the latest in a series of moves aimed at getting Korean government institutions to move away from their reliance on Windows and Unix and adopt open source software, two state-owned financial institutions planned to launch the country's first Linux-based Internet banking services in December. The state-owned Korea Post and the National Agricultural Cooperative Federation (NACF) have both said their systems will be up and running for Linux users before the end of December as a part of the open source software fostering projects of the Ministry of Information and Communication.

http://www.linuxsecurity.com/content/view/121121

* Four Security Resolutions For The New Year
26th, December, 2005

I always know what my first New Year's resolution is going to be, because it's the same every year: lose weight. Chances are, you have the same one. But by the time the Super Bowl happens, and you eat seven thousand calories on that one day, you'll have already given up on that resolution.

http://www.linuxsecurity.com/content/view/121098

* IT security professionals moving up the corporate pecking order
26th, December, 2005

Ultimate responsibility for information security is moving up corporate management hierarchies, as board-level directors and CEOs or CISO/CSOs are increasingly held accountable for safeguarding IT infrastructures, new research has revealed. The second annual Global Information Security Workforce Study, conducted by global analyst firm IDC and sponsored by not-for-profit IT security educational organisation, the International Information Systems Security Certification Consortium (ISC)2, expects this accountability shift to continue as information security becomes more relevant in risk management and IT governance strategies.
http://www.linuxsecurity.com/content/view/121100

* Browser developers meet, see eye to eye on security
27th, December, 2005

Developers of four major Web browsers -- Konqueror, Mozilla Firefox, Opera, and Internet Explorer (IE) -- gathered at an informal meeting in Toronto on November 17 to review plans and share progress on security improvements and standards. The intents were making security information more meaningful to users, and balancing security for high-traffic sites (such as banks) and smaller organizations and businesses.

http://www.linuxsecurity.com/content/view/121105

* Security Is Not Insurance
27th, December, 2005

What's the hardest part of a chief security officer's job? Evaluating new technologies? Establishing policies for users to follow? Actually, it's more political than that, Jim Routh, chief security officer of Depository Trust & Clearing Corp., said during an Interop presentation Tuesday. "The hardest part of a CSO's job is influencing information security and practices that will be implemented throughout an organization," he said. "It's a delicate process, particularly when you're asking an IT or business manager to rethink how they operate. Education is probably the most important strategic tool for a CSO, without a doubt." And you thought wayward data tapes throwing themselves off of the back of delivery trucks were going to be your biggest challenge.

http://www.linuxsecurity.com/content/view/121108

* Rootkits, cybercrime and OneCare
28th, December, 2005

The year 2005 in net security will likely be remembered as the year of the Sony rootkit DRM controversy. In other ways the last 12 months continued the trend of profit becoming a primary driver for the creation of computer viruses. The last 12 months also witnessed a number of high-profile cybercrime prosecutions, including the sentencing of NetSky author Sven Jaschan.
http://www.linuxsecurity.com/content/view/121111

* The Linux Year: A Look Back at 2005
29th, December, 2005

With the birth of each new year, the accolade of 'year of the penguin' has been dusted off and pre-emptively awarded time after time. 2005 was no different, and there's little reason to suppose that 2006 will underwhelm either.

http://www.linuxsecurity.com/content/view/121122

* What Tech Skills Are Hot For 2006?
29th, December, 2005

There's continued demand for people with information security skills, say Symons and others. And even though long-term demand is expected to remain strong, the growing ranks of people who have obtained IT security certifications has had a short-term dampening effect on compensation.

http://www.linuxsecurity.com/content/view/121123

* Record bad year for tech security
30th, December, 2005

2005 saw the most computer security breaches ever, subjecting millions of Americans to potential identity fraud, according to a report published Thursday. Over 130 major intrusions exposed more than 55 million Americans to the growing variety of fraud as personal data like Social Security and credit card numbers were left unprotected, according to USA Today.

http://www.linuxsecurity.com/content/view/121129

* All the Rage: It's 2006: Do You Know Where Your Security Policies Are?
2nd, January, 2006

It's the beginning of a new year--time to review your approach to security policy. If you think implementing firewalls, IDSs and antivirus/antispam products is enough, you're sorely mistaken. No matter the size of your enterprise, you must define a framework of security policies, standards and procedures for securing valuable corporate assets. If you don't, you may be leaving your company open to a variety of vulnerabilities.
http://www.linuxsecurity.com/content/view/121132

* Marriott customer data missing
29th, December, 2005

A division of the Marriott International hotel empire has notified more than 200,000 clients of back-up security tapes missing from the company's Orlando corporate offices. The breached records contained personal information of about 206,000 associates, timeshare owners and timeshare customers, the company said this week in a statement.

http://www.linuxsecurity.com/content/view/121118

* Data Security Movement Back-Burnered By Lawmakers
28th, December, 2005

Despite a year's worth of highly publicized security breaches and a lot of talk in Congress this summer on ways to protect consumers, there's been too little done to protect U.S. consumers' data, Gartner research director Avivah Litan says.

http://www.linuxsecurity.com/content/view/121112

* DNS Name Prediction With Google
2nd, January, 2006

As discussed in Google Hacking for Penetration Testers from Syngress publishing[1], there are many different ways to perform network reconnaissance using Google. Since the publication of that text, many different ideas and techniques have come to light. This document addresses one interesting technique, which we'll call DNS name[2] prediction. This document assumes you have some knowledge of basic network recon, and is not intended as a hand-holding approach to hacking. If you're evil, stop reading this and go work out some aggression on a sack-o-potatoes or something.

http://www.linuxsecurity.com/content/view/121131

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------