Information Security News mailing list archives

Linux Security Week - January 12th 2004


From: InfoSec News <isn () c4i org>
Date: Tue, 13 Jan 2004 05:02:44 -0600 (CST)

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  January 12th, 2004                             Volume 5, Number 2n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Syscheck: a new
OS file integrity checker," "Book Review: The Effective Incident Response
Team," and "Managing the Network Security Challenge."

LINUX ADVISORY WATCH:
This week, advisories were released for the Linux kernel, lftp, ethereal,
screen, BIND, libnids, mpg321, nd, jabber, zebra, fsp, and vbox3. The
distributors include Conectiva, Debian, Guardian Digital EnGarde Secure
Linux, Fedora, Immunix, Mandrake, Openwall, Red Hat, Slackware, SuSE,
Trustix, and Turbolinux.

http://www.linuxsecurity.com/articles/forums_article-8734.html

---

Managing Linux Security Effectively in 2004

This article examines the process of proper Linux security management in
2004.  First, a system should be hardened and patched.  Next, a security
routine should be established to ensure that all new vulnerabilities are
addressed.  Linux security should be treated as an evolving process.

http://www.linuxsecurity.com/feature_stories/feature_story-157.html

---

Guardian Digital Customers Protected From Linux Kernel Vulnerability

As a result of the planning and secure design of EnGarde Secure Linux, the
company's flagship product, Guardian Digital customers are securely
protected from a vulnerability that led to the complete compromise of
several high-profile open source projects, including those belonging to
the Debian Project.

http://www.linuxsecurity.com/feature_stories/feature_story-155.html

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Security flaws force Linux kernel upgrade
January 8th, 2004

Open-source developers released a new version of the Linux kernel Monday
in a move aimed at quickly fixing several bugs--among them two serious
security flaws.  The 2.4.24 upgrade to the Linux kernel comes a month
after the release of the previous version of the core system software and
only includes patches for six software issues, including the two flaws.

http://www.linuxsecurity.com/articles/host_security_article-8732.html


* Linux kernel security vuln fixed
January 7th, 2004

Polish security outfit iSEC, which discovered the vuln, warns that "proper
exploitation of this vulnerability may lead to local privilege escalation
including execution of arbitrary code with kernel level access".

http://www.linuxsecurity.com/articles/host_security_article-8703.html


* The wrong way to upgrade your RPMs
January 6th, 2004

Most Linux distributions use the RPM[1] format for their software
packages. RPMs are managed by the rpm program, which typically lives at
/usr/bin/rpm.[2]

http://www.linuxsecurity.com/articles/documentation_article-8691.html


* Syscheck: a new OS file integrity checker
January 6th, 2004

Syscheck is open source software that checks your files, especially
binaries and configuration files, to see what has changed on your system.

http://www.linuxsecurity.com/articles/projects_article-8689.html


* The mysteriously persistently exploitable program explained
January 5th, 2004

In a previous article I described a machine compromise that initially
would seem to have been impossible. A vulnerable suid root program,
/usr/sbin/buggy, was upgraded to a non-vulnerable version, and yet
crackers still were exploiting it. In fact, even after the program was
removed entirely, it was still being exploited.

http://www.linuxsecurity.com/articles/host_security_article-8679.html


+------------------------+
| Network Security News: |
+------------------------+

* Improving Passive Packet Capture: Beyond Device Polling
January 9th, 2004

Passive packet capture is necessary for many activities including network
debugging and monitoring. With the advent of fast gigabit networks, packet
capture is becoming a problem even on PCs due to the poor performance of
popular OSs. The introduction of device polling has improved the capture
process quite a bit but not really solved the problem.

http://www.linuxsecurity.com/articles/network_security_article-8735.html


* Book Review: The Effective Incident Response Team
January 8th, 2004

With every year that passes it seems that the number of computer security
incidents is bigger than ever, yet it's obvious there's more security
awareness. As the incidents increased in severity it was a natural step
for organizations to form an incident response team or hire a team to
respond to those incidents. It's much easier to be prepared than to have
to clean up after the damage has been done.

http://www.linuxsecurity.com/articles/documentation_article-8730.html


* Ease the security burden with a central logging server
January 7th, 2004

Every network device on your network has some type of logging capability.
Switches and routers are extremely proficient in logging network events.
Your organization's security policy should specify some level of logging
for all network devices.

http://www.linuxsecurity.com/articles/server_security_article-8704.html


* Managing the Network Security Challenge
January 6th, 2004

For university information technology departments, a balancing act can be
challenging. University computer networks are an essential component of
university operations. Yet, they are often large, heterogeneous, open, and
used by thousands of individuals whose computing habits and expertise are
largely unknown.

http://www.linuxsecurity.com/articles/network_security_article-8687.html


* NMAP Grepable Output
January 5th, 2004

One of the often overlooked and underused output methods of nmap is the
grepable or "machine" output. This output places all results for a single
host on a single line, making it easier to use with other command line
tools, like grep and awk. It also makes it easier to use when scripting.

http://www.linuxsecurity.com/articles/documentation_article-8682.html


+------------------------+
| General Security News: |
+------------------------+

* School District Gives Linux Security Technology High Grades
January 9th, 2004

As any corporate IT administrator knows, network security is no longer a
luxury, but a necessity. If your network is not secure, not only do you
risk losing valuable corporate information, but you also run the risk of
being liable if your network is used to disrupt other sites, as with
Distributed Denial of Service (DDoS) attacks.

http://www.linuxsecurity.com/articles/government_article-8736.html


* Don't take passwords to the grave
January 8th, 2004

As an ambulance whisked Jon Hansen to the hospital last year, he held
tightly to his wife's hand and told her things she needed to know if he
were to die. "Write down this password," he told her. "Oh, you'll need
this one, too. And you don't have this one, either."

http://www.linuxsecurity.com/articles/general_article-8733.html


* A 90-Day Plan For Developing A Security Management Strategy
January 7th, 2004

True cybersecurity requires that financial, IT, and operational managers
from across the enterprise--and outside it--come together to assess and
guard against their company's most serious risks and exposures. Here's how
to get started.

http://www.linuxsecurity.com/articles/network_security_article-8706.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

