Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Security Week - March 8th 2004

From: InfoSec News <isn () c4i org>
Date: Tue, 9 Mar 2004 02:36:54 -0600 (CST)
+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  March 8th, 2004                               Volume 5, Number 10n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "The MD5CRK
Project," "Network Protocol Stack & TCP hacking," "Establishing a Secure
E-Commerce Storefront," and "Use Process of Sustained Risk Management.

LINUX ADVISORY WATCH:
This week, advisories were released for the Linux kernel, xboing, pwlib,
tcpdump, and libxml2. The distributors include Debian, Fedora, FreeBSD,
and Mandrake.

http://www.linuxsecurity.com/articles/forums_article-9003.html

----


Internet Productivity Suite:  Open Source Security <<

Trust Internet Productivity Suites open source architecture to give you
the best security and productivity applications available. Collaborating
with thousands of developers, Guardian Digital security engineers
implement the most technologically advanced ideas and methods into their
design.


http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn09

----

Interview with Vincenzo Ciaglia, Founder of Netwosix - In this article, a
brief introduction of Netwosix is given and the project founder Vincenzo
Ciaglia is interviewed.  Netwosix is light Linux distribution for system
administrators and advanced users.

http://www.linuxsecurity.com/feature_stories/feature_story-160.html

--------------------------------------------------------------------

Guardian Digital Launches Next Generation EnGarde Secure Linux

Guardian Digital, Inc., the world's premier open source security company,
announced an update to the next generation, award-winning platform that
delivers features designed to ease the process of building a complete
Internet presence and the level of security necessary to prevent system
compromise. EnGarde Secure Linux leverages the best open source
applications available to provide secure Internet connectivity, user
privacy, Web and email functions, and intrusion detection.

http://www.linuxsecurity.com/feature_stories/feature_story-159.html


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf



+---------------------+
| Host Security News: | <<-----[ Articles This Week ]----------
+---------------------+

* The MD5CRK Project
March 5th, 2004

The MD5CRK project seeks to prove empirally that MD5 is a hash algorithm
that exhibits the not-so-cryptographically-sound property of collisions.
This has already been proven theoretically, but nobody really paid
attention, so this distributed computing project was created.

http://www.linuxsecurity.com/articles/cryptography_article-9004.html


+------------------------+
| Network Security News: |
+------------------------+

* Updated: fwall 1.4.6_rc4
March 4th, 2004

Fwall is a simple user-friendly firewall script for iptables. It is based
on bash. It includes a configuration for 1-2 interfaces, port forwarding,
DoS protection, and so on. The base code was cleaned up. Succession of
rules was fixed. Logging of syn packets in the OUTPUT and FORWARD chains
was fixed.

http://www.linuxsecurity.com/articles/firewalls_article-9001.html


* Protect Your Wireless Network
March 3rd, 2004

If you have a wireless network set up in your home, you might be inviting
criminals to steal from you without even having to break in. Wireless
internet or Wi-Fi is becoming big business and computer users are lining
up to buy the equipment that will allow them to use their laptop computers
just about anywhere.

http://www.linuxsecurity.com/articles/network_security_article-8992.html


* Network Protocol Stack & TCP hacking
March 3rd, 2004

The network protocol stack, which forms the carrier and pipeline of data
from one host to another is designed in such a way that we can interact
with different layers at desired level.

http://www.linuxsecurity.com/articles/network_security_article-8996.html


* FreeS/WAN Development Halted
March 2nd, 2004

After more than five years of active development, the FreeS/WAN project
will be coming to an end. Nine months after the release of FreeS/WAN 2.00,
Opportunistic Encryption (OE) has not caught on as we'd hoped.

http://www.linuxsecurity.com/articles/projects_article-8988.html


* New HoneyNet Challenge!
March 2nd, 2004

This month's challenge is different. Traditional SotM challenges have been
about analyzing specific attacks against specific honeypots. This time we
are going to take a step back and look at the bigger picture.

http://www.linuxsecurity.com/articles/projects_article-8989.html


+------------------------+
| General Security News: |
+------------------------+

* LLV  Imports: Establishing a Secure E-Commerce Storefront
March 7th, 2004

Companies today understand the importance of e-commerce in the new
economy. With the number of active Internet users approaching 640 million
worldwide, the demand for products and services via the Internet is
increasing rapidly. Guardian Digital Corporate Commerce Suite enables
companies to meet this high demand and still focus on their core
competencies rather than being concerned with how their online presence is
functioning.

http://www.linuxsecurity.com/articles/vendors_products_article-9008.html\


* DOES open source software enhance security?
March 5th, 2004

Analysis There are several reasons why open-source software provides for
superior computer and network security, but the computing public seems
confused about why this is so, writes Thomas C Greene.

http://www.linuxsecurity.com/articles/general_article-9007.html


* Use process of sustained risk management to eradicate knee-jerk
security scrambles
March 3rd, 2004

Consider a firm with 5,000 servers. IT management should know the
configuration of those machines, especially what has been patched and to
what level. NetIQ estimates that eight out of 10 UK companies do not have
the processes in place to report on this accurately. The result is a
knee-jerk reaction to patch the system at the appearance of each worm or
virus.

http://www.linuxsecurity.com/articles/general_article-8993.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: