Information Security News mailing list archives

Linux Security Week, Nov 13th 2000


From: newsletter-admins () linuxsecurity com
Date: Mon, 13 Nov 2000 09:15:07 -0500

+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  November 13, 2000                           Volume 1, Number 28n   |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security
newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security
headlines.

This week a few interesting articles were released that can help you
improve your network security.  "Building Your Own Honeypot" discusses
how Honeypots are used and gives a few pointers on how to set one
up.  "A Firewall for Linux with Ipchains" was another interesting
article.  It outlines the basics of setting up a firewall using
Linux and Ipchains.

This week, advisories were released for netscape, xfce, global, top,
tcpdump, usermode, and dump.  The vendors include FreeBSD, RedHat,
and Trustix.  If you have FreeBSD systems, we recommend that you
update immediately.  I am beginning to wonder if the Linux vendors
were caught up in the election.  Five of the seven advisories this
week were from FreeBSD.  If you have not been keeping up with
advisories, it may be a good idea to go back a few weeks and make
sure your system has been properly patched.

Vulnerability List: http://www.linuxsecurity.com/vuln-newsletter.html


Webmasters, our advisory and news feed is now available in RDF
format. We invite you to use and customize our feed to provide
up-to-date security content on your website.

http://www.linuxsecurity.com/linuxsecurity_articles.rdf
http://www.linuxsecurity.com/linuxsecurity_advisories.rdf


=====================================================================
** FREE Apache SSL Guide from Thawte **
Planning Web Server Security? Find out how to implement SSL! Get the
free Thawte Apache SSL Guide and find the answers to all your Apache
SSL security issues and more at:
http://www.thawte.com/ucgi/gothawte.cgi?a=n055017540018000
=====================================================================


HTML Version available:
http://www.linuxsecurity.com/newsletter.html



+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+

* A Firewall for Linux with Ipchains
November 8th, 2000

Ipchains is a packet-filtering firewall package. You can find an RPM
of Ipchains in RedHat/RPMS in the latest PC Quest RedHat CD. First
you have to check whether the Linux kernel supports Ipchains. For
this, look for a file named ip_fwchains in /proc/net.

http://www.linuxsecurity.com/articles/firewalls_article-1899.html


* System Fingerprinting With Nmap
November 8th, 2000

When someone with half a clue decides to attack your system, he or
she will first try to identify the operating system. Not every attack
proceeds this way: Script kiddies probe huge address spaces looking
for any system with a particular port open, which indicates that just
maybe that system will be vulnerable. But for the professional
penetration tester or hacker, identifying the operating system is an
essential step in probing.


http://www.linuxsecurity.com/articles/network_security_article-1900.html


+------------------------+
| Network Security News: |
+------------------------+


* Building Your Own Honeypot
November 11th, 2000

One trick favored by hunters since prehistoric times still proves
useful in the world of digital networks: bait. Security specialists
often construct systems that appear vulnerable to attack, but
actually offer no access to valuable data, administrative controls,
or other computers.

http://www.linuxsecurity.com/articles/network_security_article-1917.html


* Stopping Spam and Trojan Horses with BSD
November 10th, 2000

Here's a great guide to reducing the risk of spam using sendmail.
Additional information includes DNS blacklists, spam filters and
procmail, securing identd, and more. "A properly configured BSD mail
server can protect users from spam and Trojan horses while rejecting
virtually no legitimate content."

http://www.linuxsecurity.com/articles/server_security_article-1914.html


* Linux Networking, Part 6: Securing Your Network
November 8th, 2000

The only sure way to lock down a PC is to disconnect it from any
network and never load a program or a document file that supports
macros. That is rather impractical especially when our goal is to
connect the network to the Internet. There are a number of avenues
and methods where security of a network can be breached. Attacks
from the Internet through the firewall are the ones we look at here.
Other threats include computer viruses.

http://www.linuxsecurity.com/articles/network_security_article-1901.html


+------------------------+
|   Cryptography News:   |
+------------------------+

* Quantum Key Distribution: The Future of Security?
November 10th, 2000

The US Government is adopting a new encryption standard called
Advanced Encryption Standard (AES), which will eventually replace
DES. On October 2, the National Institute of Standards and
Technology (NIST) announced that it had chosen Rijndael (pronounced
Rhine-doll) as the new standard's cipher formula.

http://www.linuxsecurity.com/articles/cryptography_article-1916.html


* Interview: Rijndael's Vincent Rijmen
November 7th, 2000

In the wake of renewed skepticism about the effectiveness of
cryptography in improving Internet security, the U.S. Department of
Commerce on October 2 nominated a new scheme called Rijndael to
replace its current, arguably worn out Data Encryption Standard
(DES).

http://www.linuxsecurity.com/articles/forums_article-1897.html



+-------------------------+
| Vendors/Tools/Products: |
+-------------------------+


* ISC Releases BIND 8.2.2 Patch 7
November 10th, 2000

ISC has discovered (or has been notified of) eight bugs which can
result in vulnerabilities of varying levels of severity in BIND as
distributed by ISC.  Upgrading to BIND version 8.2.2 patchlevel 7, or
higher, is strongly recommended for all users of BIND. The latest
vulnerability includes a serious remote denial of service attack.
Upgrade immediately.

http://www.linuxsecurity.com/articles/server_security_article-1915.html


* Tool personalizes security warnings
November 9th, 2000

The National Institute of Standards and Technology announced a
service Tuesday that will enable government and private-sector users
to receive personalized security vulnerability notices.  The new
service, named Cassandra and developed by Purdue University's Center
for Education and Research in Information Assurance and Security,
builds upon NIST's ICAT searchable vulnerability index. ICAT
provides summaries and links to open vulnerability databases
available on the Internet.

http://www.linuxsecurity.com/articles/government_article-1909.html


* PGPwireless to Protect Wireless Phone and PDA Users
November 7th, 2000

PGP Security, a Network Associates business, today introduced
PGPwireless, a new line of products designed to secure information on
personal digital assistants (PDAs) and wireless phones. PGPwireless
for PalmOS, based on the industry-leading PGP encryption technology
and the first offering in the new wireless family of products,
provides the highest level of encryption, decryption, digital
signatures and authentication capabilities to secure information
stored and transmitted on PDAs.

http://www.linuxsecurity.com/articles/vendors_products_article-1896.html


+------------------------+
|    General News:       |
+------------------------+


* Geographic tracking raises opportunities, fears
November 9th, 2000

New technology that can pinpoint the physical location of Web surfers
is creating opportunities for online merchants and advertisers but
could signal new restrictions on the free-wheeling Internet.

http://www.linuxsecurity.com/articles/privacy_article-1905.html


* The Art of Good Computer Security Writing
November 7th, 2000

Good computer security documentation teaches practical solutions
clearly. Yet, too often security documents suffer from too little
explanation and too technical language.

http://www.linuxsecurity.com/articles/documentation_article-1889.html


* The Ten Immutable Laws of Security
November 6th, 2000

This Microsoft article does a good job of outlining a list of
security issues that no patch can fix. Only diligence in maintaining
your systems can ensure your systems are as secure as possible.


http://www.linuxsecurity.com/articles/server_security_article-1883.html


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".

