Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Security Week, Dec 4th 2000

From: newsletter-admins () linuxsecurity com
Date: Mon, 4 Dec 2000 00:15:40 -0500
+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  December 4, 2000                          Volume 1, Number 31n     |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security
newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security
headlines.

In the news this week, CERT warned of looming DoS attacks, IBM
claims faster encryption technology, and OpenBSD 2.8 was officially
released.  A few good papers include "Securing Linux: Part 1," "An
Introduction to Incident Handling," and "Best Practices in Network
Security."  You should consider reading each article.

This week, advisories were released for bash, fsh, ed, me, pine,
netscape, joe, ethereal, ghostscript, bind, ncurses, modutils,
gnorpm, usermode, apache, cyrus-sasl, nsslap, and openssh. The
vendors include Caldera, Debian, Immunix, Mandrake, Red Hat, and
SuSE. It is critical that you update all vulnerable packages to
reduce the risk of being compromised.

 http://www.linuxsecurity.com/articles/forums_article-2034.html

=================================================================
FREE Apache SSL Guide from Thawte
Are you planning your Web Server Security? Click here to get a
FREE Thawte Apache SSL guide and find the answers to all your
Apache SSL security issues:
<http://www.thawte.com/ucgi/gothawte.cgi?a=n074917540018000>
=================================================================

HTML Version available:
<http://www.linuxsecurity.com/newsletter.html>

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+


* Keep Tux Safe
December 3rd, 2000

Until someone designs an operating system that reads  minds, security
will depend on diligent configuration and  administration, no matter
what OS software you use.  Your Linux machine can be extremely
secure, but it's  not going to get there on its own. Here are a few
basic  measures.

http://www.linuxsecurity.com/articles/host_security_article-2050.html


* Securing Linux: Part 1
November 30th, 2000

This is   the first in a series of articles that will show you some
of the basic security measures that you can adopt for your system.
 "Security is not an option, but a way of life". This is the mantra
given by Kurt  Seifried, the author of the famed 'Linux
Administrators Security Guide' and  numerous other Security HOWTO's
available out there.

http://www.linuxsecurity.com/articles/host_security_article-2029.html


* ISC DHCPD
November 30th, 2000

There is practically no  information available online regarding DHCP
security.  This is odd, considering the ubiquity of DHCP servers on
most networks. Unlike BIND, the ISC DHCP server does not have command
line options to  chroot the server or run it as a non-root user. This
means that most DHCP servers are running  non-chrooted and as root,
increasing the chances that any security flaws found will be quite
serious.

http://www.linuxsecurity.com/articles/server_security_article-2030.html


* Any port is a hacker storm
November 28th, 2000

Central to [the SYN] attack is the ability of the miscreant to find
an "open" port - that is, a port on the destination  machine that
responds to connection requests.   If a hacker is trying to find your
weaknesses, he will  usually begin by trying to find out what your
network  looks like. The obvious way to start is to ping all of  the
possible addresses in your subnet to find "live"  machines.

http://www.linuxsecurity.com/articles/hackscracks_article-2011.html



+------------------------+
| Network Security News: |
+------------------------+

* DoS alarm sounded over server flaw
December 2nd, 2000

Known as a resource-deprivation attack,  Internet data sent in a
certain way could  cause servers to crash under an artificial
avalanche of data. Security consultant BindView Corp. has  announced
that a widespread flaw in the way that servers handle Internet
traffic could result in  so-called denial-of-service attacks similar
to the ones that plagued the Web last February.

http://www.linuxsecurity.com/articles/network_security_article-2046.html

* CERT warns of looming DDoS attacks
December 1st, 2000

In its clearest signal yet that it may be bracing for a massive
attack,  computer network security group CERT issued an advisory
today  asking system administrators to prepare systems to block
denial of  service attacks.   The advisory, titled DenialofService
Vulnerabilities in TCP/IP  Stacks, warns admins to harden and closely
monitor systems in  anticipation of an attack.

http://www.linuxsecurity.com/articles/organizations_events_article-2043.html


* CERT: Denial-of-Service Vulnerabilities in TCP/IP Stacks
November 30th, 2000

A variety of denial-of-service vulnerabilities has been explored and
documented by BindView's RAZOR Security Team. These vulnerabilities
allow attackers to consume limited resources on victim machines.
BindView's RAZOR Security Team has referred to these vulnerabilities
as Naptha vulnerabilities.

http://www.linuxsecurity.com/articles/organizations_events_article-2033.html

* Best Practices in Network Security
November 28th, 2000

This March, 2000 article by Fred Avolio discusses how to determine
what's necessary to improve the security of your network. "It's a
complex world, and growing more so every day. With  these changes,
some truths and approaches to security remain the  same, while others
are new and radically different.

http://www.linuxsecurity.com/articles/network_security_article-2017.html



+------------------------+
| Cryptography News:     |
+------------------------+


* Secure Communication with GnuPG on Linux
December 3rd, 2000

GnuPG is a tool for secure communication and data storage. It can be
used to encrypt data and to create digital signatures. GnuPG is a
complete and free replacement for PGP. Because it does not use the
patented IDEA algorithm, it can be used without any restrictions.
GnuPG uses public-key cryptography so that users may communicate
securely. In a public-key system, each user has a pair of keys
consisting of a private key and a public key.

http://www.linuxsecurity.com/articles/cryptography_article-2051.html


* My security algorithm is faster than yours
December 3rd, 2000

IBM claims to have invented a new encryption algorithm which can
encrypt and authenticate data in one step.    The algorithm takes
advantage of parallel processing hardware, to  cut in half the time
taken to encrypt data. However, the news has  failed to impress
everyone.

http://www.linuxsecurity.com/articles/cryptography_article-2052.html


* IBM claims faster encryption technology
December 2nd, 2000

IBM Corp. announced Thursday a secure method  for digitally
scrambling and signing data that it  claims will take half the time
of today's fastest  techniques.  IBM billed the combination
encryption-authentication technique as especially  suitable to secure
mobile communications because of  its lower processor requirements.

http://www.linuxsecurity.com/articles/cryptography_article-2048.html




+-------------------------+
| Vendors/Tools/Products: |
+-------------------------+

* OpenBSD 2.8 officially released
December 1st, 2000

It is our pleasure to officially announce the release of OpenBSD 2.8.
Just over 6 weeks ago, on October 18, OpenBSD turned 5 years old. In
celebration of this milestone, we invite you  to enjoy our 8th
release on CDROM (and 9th via FTP). We continue to celebrate
OpenBSD's record of three years without a remote hole in the default
install.

http://www.linuxsecurity.com/articles/security_sources_article-2044.html


* Protecting Your Linux System with FireStarter and Storm Firewall
December 1st, 2000

Despite its relatively secure status when compared to some other
operating systems, Linux is still somewhat problematic to deal with,
especially as the userbase drifts more and more from experienced
technical hands to hobbyists and less experienced users out to try
something new.

http://www.linuxsecurity.com/articles/firewalls_article-2042.html



+------------------------+
| General News:          |
+------------------------+


* Agency adds smart cards, PKI
December 1st, 2000

The Bureau of Labor Statistics is bolstering systems security  by
adding public-key infrastructure and providing smart  cards to 1,500
employees.    BLS will issue most of the cards to field workers who
sign in  to the agency's network remotely. Currently, remote users
gain access by entering a user ID and a password, said Rick  Kryger,
the agency's IT security officer.

http://www.linuxsecurity.com/articles/government_article-2035.html


* An Introduction to Incident Handling
November 30th, 2000

Incident handling is a generalized term that refers to the response
by a person or organization to an attack. An organized and careful
reaction to an incident can mean the difference between complete
recovery and total disaster. This paper will provide a logical
approach to handling two common forms of attack - virus outbreak and
system compromise. The method that this article will propose includes
the following sequence of steps that should be followed in the case
of all types of attack.

http://www.linuxsecurity.com/articles/network_security_article-2026.html


* Honeynet Project's 'honey pot' a sweet success in trapping
November 27th, 2000

During just one month of monitoring, the Honeynet team's "honey pot,"
which poses as a real network to attract hackers, had been scanned by
hundreds of unique IP addresses looking for two particular ports: UDP
(User Datagram Protocol) port 137, used by the NetBIOS Naming
Service, and TCP port 139, the tried-and-true NetBIOS Session
Service.

http://www.linuxsecurity.com/articles/organizations_events_article-2003.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: