Information Security News mailing list archives

Linux Security Week - August 6th 2001


From: InfoSec News <isn () c4i org>
Date: Tue, 7 Aug 2001 05:07:58 -0500 (CDT)

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  August 6th, 2001                            Volume 2, Number 31n   |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+
 
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, the most interesting articles include "Installing and running
Tripwire," "Securing an Unpatchable Webserver," and "Network Security
Policy: Best Practices White Paper."  Also this week, two excellent
FreeBSD papers were released, "Implementing Security in FreeBSD UNIX
System, Part One," and "FreeBSD Security How-To, Chapter One."

This week, advisories were released for telnetd, windowmaker, apache-ssl,
openssl, the Linux kernel, and imp.  The vendors include Caldera, Debian,
and FreeBSD.

http://www.linuxsecurity.com/articles/forums_article-3443.html


Maximize your security with EnGarde!  EnGarde was designed from the ground
up as a secure solution, starting with the principle of least privilege,
and carrying it through every aspect of its implementation.
 
http://www.engardelinux.org 
 
EnGarde Quick Start Guide - This is a document that provides you with the
information necessary to quickly begin using your EnGarde system.
 
http://www.guardiandigital.com/docs/EnGardeManual/ESLQuick-1.0.1.pdf 
 
 

HTML Version:
http://www.linuxsecurity.com/vuln-newsletter.html
 
 

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+
 
* Installing and running Tripwire
August 5th, 2001

The following article deals with a little software package known as
Tripwire, available for Linux as well as for other Unix variants and
Windows. Only the Linux version is open source, though; the others are
commercial.


http://www.linuxsecurity.com/articles/intrusion_detection_article-3447.html



* Implementing Security in FreeBSD UNIX System, Part One
August 1st, 2001

This is part one of a two-part security series on DaemonNews. Part
one describes security in general terms. Part two will drill down
into specific strategies for securing common services.  The funny
thing about security is that we actually have quite a lot of it in
the UNIX paradigm. We have users, groups, chroot, secure levels, and
jails. 

http://www.linuxsecurity.com/articles/host_security_article-3438.html


* Securing an Unpatchable Webserver... HogWash!
July 31st, 2001

Hogwash is a Snort-based packet scrubber designed to take out 95% of
the stock attacks hackers may throw at a network. Hogwash lives
inline like a firewall, but it works differently. Instead of closing
ports like a traditional firewall, it drops or modifies specific
packets based on a signature match. 

http://www.linuxsecurity.com/articles/projects_article-3431.html



+------------------------+
| Network Security News: |
+------------------------+
 
* Network Security Policy: Best Practices White Paper
August 2nd, 2001

Without a security policy, the availability of your network can be
compromised. The policy begins with assessing the risk to the network
and building a team to respond. Continuation of the policy requires
implementing a security change management practice and monitoring the
network for security violations. 

http://www.linuxsecurity.com/articles/network_security_article-3440.html


* FreeBSD Security How-To, Chapter One
August 1st, 2001

This chapter talks about the lockdown procedures of a FreeBSD
machine. This article assumes the end user has a general level of
familiarity with FreeBSD and Unix, in particular file permissions,
kernel configuration, file editing, and basic ssh usage. In this
chapter we'll talk about the lockdown procedures of a FreeBSD
machine.

http://www.linuxsecurity.com/articles/documentation_article-3437.html


* 8 Keys To A Sane Security Strategy
August 1st, 2001

Well, it's finally happened: security and its first cousin, privacy,
are now household requirements. Ignore them and you're toast. How did
this happen so fast? Blame it on distributed computing and the
distributed steroid known as the Internet. As business models moved
into cyberspace, we found ourselves facing new threats. 

http://www.linuxsecurity.com/articles/general_article-3436.html


* The Firewall Fetish
July 30th, 2001

Firewalls are the bestsellers of tech security, cheap, formulaic and
popular. Like a good paperback, they offer a pleasant escape from
reality.   An entire generation of business executives has come of
age trained on the notion that firewalls are the core of good tech
security. 

http://www.linuxsecurity.com/articles/firewalls_article-3425.html




 
+------------------------+
| Cryptography News:     |
+------------------------+
 
* Computer security experts call Public Key Infrastructure (PKI) the
"panacea" for secure, trusted e-business.
August 4th, 2001

PKI is a catchall term for the infrastructure required to manage
digital certificates and highly secure encryption. It encompasses a
great deal: industry standards, software and hardware systems,
business processes and security policies - even human resources
within a company responsible for carrying out various "trust
processes." 

http://www.linuxsecurity.com/articles/cryptography_article-3446.html




+------------------------+
| General Security News: |
+------------------------+
 
* How can you spot a Hacker?
August 5th, 2001

What defines a Hacker? What motivates a Hacker? A majority of people
seem to have a vague understanding of what being a Hacker is all
about. Is there an underground Hacker community? Is there only one
type of Hacker?

http://www.linuxsecurity.com/articles/general_article-3448.html


* Hackers to the honey
August 1st, 2001

A decoy computer network set up to record every attempt to crack it
open and subvert it has revealed just how active and determined
malicious hackers have become. Statistics gathered by the network
show that computers connected to the web are scanned for weaknesses
up to 14 times per day and that, on average, an attempt will be made
to break into a net-connected computer every three days.  

http://www.linuxsecurity.com/articles/intrusion_detection_article-3435.html



* Laptop Security, Part One: Preventing Laptop Theft
July 30th, 2001

Laptops have become a valuable part of the computing arsenal. They
allow users powerful mobile computers with the same capacity and
software of many desktops. They also allow connectivity, even outside
the office, thus freeing people to take their workplace with them.
This is extremely valuable for employees who must travel frequently

http://www.linuxsecurity.com/articles/general_article-3426.html


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

