|
|
Subscribe / Log in / New account

Linux Security Week

[Posted July 9, 2003 by ris]

From:  InfoSec News <isn@c4i.org>
To:  isn@attrition.org
Subject:  [ISN] Linux Security Week - July 7th 2003
Date:  Tue, 8 Jul 2003 02:27:46 -0500 (CDT)

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  July 7th, 2003                                Volume 4, Number 27n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave@linuxsecurity.com    |
|                   Benjamin Thomas         ben@linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Intergrating
SpamAssassin with Mailman," "Open Source Firewalls Explained,"
"Distributed Port Scanning Using OpenBSD's packet filter," and "Secure
Coding: Principles & Practices."


LINUX ADVISORY WATCH:
This week, advisories were released for kopete, kde, unzip, acm, xgalaga,
mantis, kernel, proftpd, gtksee, proftpd, xpdf, acroread, tcptraceroute,
phpbb, noweb, gnocatan, mikmod, XFree86, PHP, ethereal, and ypserv. The
distributors include Conectiva, Debian, Gentoo, Immunix, Mandrake, Red
Hat, TurboLinux, and YellowDog.

http://www.linuxsecurity.com/articles/forums_article-7580.html


>> FREE Apache SSL Guide from Thawte <<
Are you worried about your web server security?  Click here to get
a FREE Thawte Apache SSL Guide and find the answers to all your Apache
SSL security needs.

 Click here to download our Free guide:
 http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte25


FEATURE: Real-Time Alerting with Snort
Real-time alerting is a feature of an IDS or any other monitoring
application that notifies a person of an event in an acceptably short
amount of time. The amount of time that is acceptable is different
for every person.

http://www.linuxsecurity.com/feature_stories/feature_story-144.html


--------------------------------------------------------------------

* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.

 --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2

--------------------------------------------------------------------

LINSECURITY.COM FEATURE:
Intrusion Detection Systems: An Introduction
By: Alberto Gonzalez

Intrusion Detection is the process and methodology of inspecting data for
malicious, inaccurate or anomalous activity. At the most basic levels
there are two forms of Intrusion Detection Systems that you will
encounter: Host and Network based.

http://www.linuxsecurity.com/feature_stories/feature_story-143.html



 #### Concerned about the next threat?  ####
 #### EnGarde is the undisputed winner! ####

 Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
 Editor's Choice Award, EnGarde "walked away with our Editor's Choice
 award thanks to the depth of its security strategy..." Find out what
 the other Linux vendors are not telling you.


http://store.guardiandigital.com/html/eng/products/software/esp_overview.shtml


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* A quick view on sendmail
July 6th, 2003

Electronic mail is still the most important user service on the network.
The Web carries a greater volume of traffic, but e-mail is the service
used for most person-to-person communication. And person-to-person
communication is the real foundation of business.

http://www.linuxsecurity.com/articles/host_security_article-7583.html


* Integrating SpamAssassin with Mailman
July 3rd, 2003

If you run a moderately popular mailing list, you will have to address the
spam problem at some point. Many spammers actively target mailing lists,
because if the spam doesn't get caught it will be forwarded to many
recipients.

http://www.linuxsecurity.com/articles/documentation_article-7574.html


* Is Linux Security Right For You
July 3rd, 2003

Securing an enterprise Linux environment can be a tough assignment for
Unix or Windows veterans, says author and software engineer Scott Mann.
Linux security requires more up-front and ongoing self-education and
do-it-yourself work than other platforms. But it will also offer more
flexibility.

http://www.linuxsecurity.com/articles/security_sources_article-7575.html


* Securing Linux
July 3rd, 2003

Russell is among those who have made a sterling contribution to the NSA's
SE Linux project. He is listed both among those who have contributed to
the upstream line of development and to the community.

http://www.linuxsecurity.com/articles/forums_article-7579.html



+------------------------+
| Network Security News: |
+------------------------+

* Looking securely at TCP/IP
July 6th, 2003

If you are reading this article, you should have a good understanding of
how computers work and a working knowledge of how to use Internet tools
such as web browsers, Telnet, and e-mail. In addition, you're probably
already aware of the need to protect computers on your network from
exterior threats, while still allowing your web and e-mail traffic to
traverse your connection to the Internet.

http://www.linuxsecurity.com/articles/network_security_article-7582.html


* Better 802.11 Security
July 3rd, 2003

If you've delayed setting up a wireless network because of security
concerns, help is at hand. Around the time you read this, improved
security technology for all variants of 802.11 should be available as free
firmware downloads from most equipment vendors.

http://www.linuxsecurity.com/articles/network_security_article-7578.html


* Open Source Firewalls Explained
July 2nd, 2003

Hackers have computers too and want to keep their own machines free of
intrusion from the Internet. Paradoxically, these computers may be the
most secure computers on the Internet, because the hackers use free
software that they can examine for security problems, they are the first
to discover (or create) security weaknesses, and they fix their own
systems as soon as loopholes are discovered.

http://www.linuxsecurity.com/articles/firewalls_article-7565.html


* Distributed Port Scanning Using OpenBSD's packet filter
July 2nd, 2003

By using openBSD's packet filter pf one can utilize the NAT address pools
added into OpenBSD 3.3 to aid in distributed port scanning.  As the text
explains NAT can be used in a large network to split outgoing connections
over multiple source IP addresses.

http://www.linuxsecurity.com/articles/firewalls_article-7570.html


* The Use of Honeynets to Detect Exploited Systems Across Large
Enterprise Networks
July 1st, 2003

An extremely interesting paper written by Georgia Tech for an IEEE
security workshop. The Georgia Tech University has several Honeynets
deployed on a network of 30,000+ systems. The Honeynets repeatedly
demonstrated their value detecting compromised systems, systems that other
detection technologies failed to discover.

http://www.linuxsecurity.com/articles/intrusion_detection_article-7563.html


* Wi-Fi: Security For The Masses
June 30th, 2003

There's no doubting the hipness of wireless hot spots. Thanks to Wi-Fi
technology, tech-savvy people can jack into the Net at Starbucks
coffeehouses or on Lufthansa Airlines or at upscale hotels across the
nation. In corporate America, Wi-Fi has the potential to become the de
facto standard for connecting mobile users to networks, despite serious
security worries.

http://www.linuxsecurity.com/articles/network_security_article-7558.html


+------------------------+
| General Security News: |
+------------------------+

* Interview with Brian Hatch, author of "Hacking Exposed Linux"
July 2nd, 2003

Brian Hatch is a hacker in the positive sense - a coder, tinkerer, and
tester. I love to prod software into doing things it shouldn't be able to,
be it for good or ill.

http://www.linuxsecurity.com/articles/security_sources_article-7566.html


* Pentagon Pushes Next Version of IP
July 2nd, 2003

The next version of the Internet Protocol, which provides a 128-bit
standard to transmit data, is getting a jump-start for adoption with its
endorsement by the Department of Defense. The result: A boost in the
number of available Internet addresses, to eventually number as many as an
address for every cell in every person on the planet.

http://www.linuxsecurity.com/articles/government_article-7568.html


* Secure Coding: Principles & Practices
July 1st, 2003

The purpose of this paper is to outline the strategies and managing
processes behind implementing a successful Security Policy. Additionally,
I will give recommendations for the creation of a Security Awareness
Program, where the main objective will be to provide staff members with a
better, if not much improved understanding of the issues stated in a
security policy."

http://www.linuxsecurity.com/articles/documentation_article-7562.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.

to post comments


Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds