Information Security News mailing list archives
Linux Security Week, Nov 13th 2000
From: newsletter-admins () linuxsecurity com
Date: Mon, 13 Nov 2000 09:15:07 -0500
+---------------------------------------------------------------------+
|  LinuxSecurity.com                       Weekly Newsletter          |
|  November 13, 2000                       Volume 1, Number 28n       |
|                                                                     |
|  Editorial Team:  Dave Wreski            dave () linuxsecurity com  |
|                   Benjamin Thomas        ben () linuxsecurity com   |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

This week a few interesting articles were released that can help you improve your network security. "Building Your Own Honeypot" discusses how Honeypots are used and gives a few pointers on how to set one up. "A Firewall for Linux with Ipchains" was another interesting article. It outlines the basics of setting up a firewall using Linux and Ipchains.

This week, advisories were released for netscape, xfce, global, top, tcpdump, usermode, and dump. The vendors include FreeBSD, RedHat, and Trustix. If you have FreeBSD systems, we recommend that you update immediately. I am beginning to wonder if the Linux vendors were caught up in the election. Five of the seven advisories this week were from FreeBSD. If you have not been keeping up with advisories, it may be a good idea to go back a few weeks and make sure your system has been properly patched.

Vulnerability List:
http://www.linuxsecurity.com/vuln-newsletter.html

Webmasters, our advisory and news feed is now available in RDF format. We invite you to use and customize our feed to provide up-to-date security content on your website.

http://www.linuxsecurity.com/linuxsecurity_articles.rdf
http://www.linuxsecurity.com/linuxsecurity_advisories.rdf

HTML Version available:
http://www.linuxsecurity.com/newsletter.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+

* A Firewall for Linux with Ipchains
November 8th, 2000

Ipchains is a packet-filtering firewall package. You can find an RPM of Ipchains in RedHat/RPMS in the latest PC Quest RedHat CD. First you have to check whether the Linux kernel supports Ipchains. For this, look for a file named ip_fwchains in /proc/net.

http://www.linuxsecurity.com/articles/firewalls_article-1899.html

* System Fingerprinting With Nmap
November 8th, 2000

When someone with half a clue decides to attack your system, he or she will first try to identify the operating system. Not every attack proceeds this way: Script kiddies probe huge address spaces looking for any system with a particular port open, which indicates that just maybe that system will be vulnerable. But for the professional penetration tester or hacker, identifying the operating system is an essential step in probing.

http://www.linuxsecurity.com/articles/network_security_article-1900.html

+------------------------+
| Network Security News: |
+------------------------+

* Building Your Own Honeypot
November 11th, 2000

One trick favored by hunters since prehistoric times still proves useful in the world of digital networks: bait. Security specialists often construct systems that appear vulnerable to attack, but actually offer no access to valuable data, administrative controls, or other computers.

http://www.linuxsecurity.com/articles/network_security_article-1917.html

* Stopping Spam and Trojan Horses with BSD
November 10th, 2000

Here's a great guide to reducing the risk of spam using sendmail.
Additional information includes DNS blacklists, spam filters and procmail, securing identd, and more. "A properly configured BSD mail server can protect users from spam and Trojan horses while rejecting virtually no legitimate content."

http://www.linuxsecurity.com/articles/server_security_article-1914.html

* Linux Networking, Part 6: Securing Your Network
November 8th, 2000

The only sure way to lock down a PC is to disconnect it from any network and never load a program or a document file that supports macros. That is rather impractical especially when our goal is to connect the network to the Internet. There are a number of avenues and methods where security of a network can be breached. Attacks from the Internet through the firewall are the ones we look at here. Other threats include computer viruses.

http://www.linuxsecurity.com/articles/network_security_article-1901.html

+------------------------+
| Cryptography News:     |
+------------------------+

* Quantum Key Distribution: The Future of Security?
November 10th, 2000

The US Government is adopting a new encryption standard called Advanced Encryption Standard (AES), which will eventually replace DES. On October 2, the National Institute of Standards and Technology (NIST) announced that it had chosen Rijndael (pronounced Rhine-doll) as the new standard's cipher formula.

http://www.linuxsecurity.com/articles/cryptography_article-1916.html

* Interview: Rijndael's Vincent Rijmen
November 7th, 2000

In the wake of renewed skepticism about the effectiveness of cryptography in improving Internet security, the U.S. Department of Commerce on October 2 nominated a new scheme called Rijndael to replace its current, arguably worn out Data Encryption Standard (DES).
http://www.linuxsecurity.com/articles/forums_article-1897.html

+-------------------------+
| Vendors/Tools/Products: |
+-------------------------+

* ISC Releases BIND 8.2.2 Patch 7
November 10th, 2000

ISC has discovered (or has been notified of) eight bugs which can result in vulnerabilities of varying levels of severity in BIND as distributed by ISC. Upgrading to BIND version 8.2.2 patchlevel 7, or higher, is strongly recommended for all users of BIND. The latest vulnerability includes a serious remote denial of service attack. Upgrade immediately.

http://www.linuxsecurity.com/articles/server_security_article-1915.html

* Tool personalizes security warnings
November 9th, 2000

The National Institute of Standards and Technology announced a service Tuesday that will enable government and private-sector users to receive personalized security vulnerability notices. The new service, named Cassandra and developed by Purdue University's Center for Education and Research in Information Assurance and Security, builds upon NIST's ICAT searchable vulnerability index. ICAT provides summaries and links to open vulnerability databases available on the Internet.

http://www.linuxsecurity.com/articles/government_article-1909.html

* PGPwireless to Protect Wireless Phone and PDA Users
November 7th, 2000

PGP Security, a Network Associates business, today introduced PGPwireless, a new line of products designed to secure information on personal digital assistants (PDAs) and wireless phones. PGPwireless for PalmOS, based on the industry-leading PGP encryption technology and the first offering in the new wireless family of products, provides the highest level of encryption, decryption, digital signatures and authentication capabilities to secure information stored and transmitted on PDAs.
http://www.linuxsecurity.com/articles/vendors_products_article-1896.html

+------------------------+
| General News:          |
+------------------------+

* Geographic tracking raises opportunities, fears
November 9th, 2000

New technology that can pinpoint the physical location of Web surfers is creating opportunities for online merchants and advertisers but could signal new restrictions on the free-wheeling Internet.

http://www.linuxsecurity.com/articles/privacy_article-1905.html

* The Art of Good Computer Security Writing
November 7th, 2000

Good computer security documentation teaches practical solutions clearly. Yet, too often security documents suffer from too little explanation and too technical language.

http://www.linuxsecurity.com/articles/documentation_article-1889.html

* The Ten Immutable Laws of Security
November 6th, 2000

This Microsoft article does a good job of outlining a list of security issues that no patch can fix. Only diligence in maintaining your systems can ensure your systems are as secure as possible.

http://www.linuxsecurity.com/articles/server_security_article-1883.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.
                LinuxSecurity.com
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com