Information Security News mailing list archives
Linux Security Week - January 15th 2001
From: newsletter-admins () linuxsecurity com
Date: Mon, 15 Jan 2001 08:14:14 -0500
+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  January 15, 2001                          Volume 2, Number 3n      |
|                                                                     |
|  Editorial Team:  Dave Wreski              dave () linuxsecurity com   |
|                   Benjamin Thomas          ben () linuxsecurity com    |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

This week, a few interesting papers were released. Among them were, "Implementing and Managing Linux System Security," "Understanding Linux file permissions," and "Implementing PKI." Another interesting article is "Quantum crypto one step closer." It discusses some of the latest advancements in cryptography.

This week, advisories were released for mgetty, perl, xchat, umb-scheme, wu-ftpd, man, getty_ps, in, squid, arpwatch, useradd, rdist, gpm, and glibc. The vendors include Debian, LinuxPPC, Immunix, Mandrake and Red Hat. It is critical that you update all vulnerable packages.

http://www.linuxsecurity.com/articles/forums_article-2287.html

* Guardian Digital has just announced that they are offering a free Handspring Visor with the purchase of any secure Linux Lockbox. Please see their website for details.
  -> http://www.guardiandigital.com/visoroffer.html

** OpenDoc Publishing **

Our sponsor this week is OpenDoc Publishing. Their 480-page comprehensive security book, Securing and Optimizing Linux, takes a hands-on approach to installing, optimizing, configuring, and securing Red Hat Linux. Topics include sendmail 8.10.1, OpenSSL, ApacheSSL, OpenSSH and much more! Includes Red Hat 6.2 and Red Hat 6.2 PowerTools edition.

http://www.linuxsecurity.com/sponsors/opendocs.html

HTML Version available: <http://www.linuxsecurity.com/newsletter.html>

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+

* File transfer options -- Part I: Secure iXplorer
January 14th, 2001

This is the first-part in a series of articles about different options for secure file transfers. I won't cover how to sniff connections, steal passwords or if SSH is really "secure". But hopefully, I can provide some information that will be valuable for your web hosting clients and for you the Apache webserver administrators.

http://www.linuxsecurity.com/articles/server_security_article-2300.html

* Implementing and Managing Linux System Security
January 13th, 2001

Chapter 18 of Linux System Security: The Administrator's Guide to Open Source Security Tools. haven't talked about! To put all the extra work in perspective, though, think about the labor required to recover from a major destructive break-in. From that perspective, the effort involved in securing your systems and networks begins to look like it might be worth it.

http://www.linuxsecurity.com/articles/security_sources_article-2296.html

* Understanding Linux file permissions
January 9th, 2001

In a secure multi-user environment like Linux, file permissions access rights are defined. However, these access rights can cause problems for new users who are used to the access-anything style of DOS/Windows.

http://www.linuxsecurity.com/articles/host_security_article-2264.html

* LinuxPPC Security Primer, Part II
January 8th, 2001

This article provides a brief overview of programs including OpenSSH, GPG, and pointers to further information. "If you're like most LinuxPPC users, a large portion of your computing time is spent using network-based applications, either explicitly or implicitly. Unless you maintain a private physical link with each computer you communicate with, this means that you are both sending and receiving data over shared networks.

http://www.linuxsecurity.com/articles/network_security_article-2261.html

+------------------------+
| Network Security News: |
+------------------------+

* Build a Floppy Firewall
January 8th, 2001

Here's how I turned an unused PC into a packet-filtering firewall using a package called floppyfw. The firewall boots off a single floppy, runs completely in RAM, and uses ipchains for the filter rules. It also does IP masquerading, port forwarding, and can log to a remote host using syslog. All this in a machine with as little as 8 MB of RAM and no hard drive!

http://www.linuxsecurity.com/articles/firewalls_article-2252.html

+------------------------+
| Cryptography News:     |
+------------------------+

* Implementing PKI
January 12th, 2001

A certificate is a structured document that binds some information (such as Bob's name) to a public key, and is digitally signed by a trusted third party called a certification authority or CA. To verify a certificate, the user of the public key must first obtain the public key of the CA by some other trusted means.

http://www.linuxsecurity.com/articles/cryptography_article-2290.html

* Quantum crypto one step closer
January 11th, 2001

Boffins at UCSB (University of California, Santa Barbara) have made a breakthrough in quantum cryptography, and put together a gadget that is capable of emitting a single photon. The device is being heralded as an important step towards secure quantum communications since it will render any signal invulnerable to snooping.

http://www.linuxsecurity.com/articles/cryptography_article-2285.html

* Crypto: Three Decades in Review
January 9th, 2001

It took only a year or two for a pair of computer and math geeks to discover modern encryption technology in the 1970s. But it's taken three decades for the full story to be told. Transforming what is an unavoidably nerdy tale into the stuff of passion and politics is not a trivial business, but Steven Levy, the author of Crypto, proves himself more than up to the task.

http://www.linuxsecurity.com/articles/cryptography_article-2271.html

* The maths prof., free speech and encryption
January 8th, 2001

While encryption was still under the watchful eye of the US Department of State, Bernstein wrote an encryption program called Snuffle. This was promptly classified as munitions under then existing International Traffic in Arms Regulations, which meant a licence was required if it were to be sent overseas.

http://www.linuxsecurity.com/articles/cryptography_article-2260.html

+-------------------------+
| Vendors/Tools/Products: |
+-------------------------+

* OpenSSH 2.3 And SSH Secure Shell 2.4
January 12th, 2001

If you're a Linux administrator and you're still using telnet for authentication, your network could be in danger. Telnet passes your user IDs, password/passphrase, and the content of your terminal sessions in the clear, where anyone with a sniffer can see what you're doing regardless of whether they have your password.

http://www.linuxsecurity.com/articles/cryptography_article-2288.html

* Feds unveil 'security-enhanced' Linux prototype
January 10th, 2001

The U.S. National Security Agency last week publicly released a prototype "security-enhanced Linux" operating system, hoping to attract the developer community to find ways to improve Linux security for business and governmental uses. So how is the developer community reacting so far?

http://www.linuxsecurity.com/articles/server_security_article-2279.html

* LIDS 1.0.4 for Kernel 2.4 Released
January 9th, 2001

LIDS is a kernel patch to enhance the linux kernel. LIDS 1.0.4 has been released for use with kernel version 2.4.0.

http://www.linuxsecurity.com/articles/projects_article-2265.html

+------------------------+
| General News:          |
+------------------------+

* IRC Attack Linked to DoS Threat
January 12th, 2001

Recent vicious cyberattacks on IRC services have now been linked to a National Infrastructure Protection Center security warning that advised systems administrators to protect their systems against a potential widespread distributed denial of service attack over New Year's weekend.

http://www.linuxsecurity.com/articles/network_security_article-2292.html

* Security is out of step with ebusiness
January 12th, 2001

Fewer than half of blue-chip companies believe that their ebusiness and security strategies are effectively coordinated. Business managers are guilty of demanding ebusiness at all costs and security is overlooked, according to research by analyst group Xephon.

http://www.linuxsecurity.com/articles/server_security_article-2289.html

* Implementing PKI
January 11th, 2001

The White House yesterday essentially threw in the towel on the government's ability to limit exports of high-performance computers, while also acknowledging that there's little the U.S. can do to prevent other nations from developing high-powered systems by harnessing computer power through networked clusters of machines.

http://www.linuxsecurity.com/articles/government_article-2284.html

* History Looks at the NSA
January 10th, 2001

To the NSA, of course, its devilish reputation is merely an unfortunate Hollywood fiction. Its director, Lt. Gen. Michael Hayden, has taken every opportunity to say so, most recently on a History Channel documentary that aired for the first time Monday evening. "It's absolutely critical that (Americans) don't fear the power that we have," Hayden said on the show.

http://www.linuxsecurity.com/articles/government_article-2274.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".