Information Security News mailing list archives

Linux Security Week - May 28th 2001


From: InfoSec News <isn () c4i org>
Date: Tue, 29 May 2001 09:35:07 -0500 (CDT)

+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  May 28th 2001                            Volume 2, Number 21n      |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+
 
Thank you for reading the LinuxSecurity.com weekly security
newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security
headlines.

This week, our readers should pay particular attention to "DoE: First 
Responder's Manual," "Two Open Source Security Code Scanners," and 
"SMTP over an SSH Tunnel."  Also in the news, the saga surrounding 
Max Butler continues.  An updated Wired story appears in the General 
section of this newsletter.



This week, advisories were released for samba, minicom, xemacs,
kernel (TurboLinux), man, mktemp, openssh, pine, and vixie-cron.  The
vendors include Caldera, EnGarde, Mandrake, Red Hat, and TurboLinux.
It is critical that you update all insecure packages.

http://www.linuxsecurity.com/articles/forums_article-3064.html


 
HTML Version available:
http://www.linuxsecurity.com/newsletter.html
 
 
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+
 


* Hardening Linux
May 22nd, 2001

IPChains in my opinion is a poor man's firewall. Now while most Linux
binaries are open source I mean this in the sense that most people
who use IPChains have little knowledge about firewalls or protocols
and look for IPChains as a solution to a firewall. IPChains has its
ups and downs, but a strong firewall by comparison should be the
ultimate resolution. 

http://www.linuxsecurity.com/articles/host_security_article-3049.html


* Two Open Source Security Code Scanners
May 22nd, 2001

David Wheeler, author of the Secure Programming HOWTO, and the RATS
development team from Secure Software Solutions today announced open
source source code security flaw scanners. "RATS scans through code,
finding potentially dangerous function calls.  The goal of this tool
is not to definitively find bugs.  Instead, this tool aims to provide
a reasonable starting point for performing manual security audits."
"Flawfinder" states it will "scan source code and identify out
potential security flaws, ranking them by likely severity."

http://www.linuxsecurity.com/articles/projects_article-3046.html


* DoE: First Responder's Manual
May 21st, 2001

This manual "is designed as a guide concerning the initial response
to a computer incident for both system administrators and security
personnel." Although this manual is being written with system
administrators and security personnel in mind, it can be useful to
anyone who suspects a computer was used, intentionally or
unintentionally, in a security incident or criminal act.

http://www.linuxsecurity.com/articles/security_sources_article-3040.html



+------------------------+
| Network Security News: |
+------------------------+

* DoS attacks hit anyone, not just corporations
May 25th, 2001

Denial of service (DoS) attacks against big Internet players like
Amazon.com draw media attention, but according to a new study, these
electronic assaults frequently are targeted against individual
personal computers.  DoS attacks disable Web servers on the Internet
by overloading them with messages, according to the study.

http://www.linuxsecurity.com/articles/network_security_article-3068.html



* Firewalling: Reject vs. Deny, Default-open vs. Default-closed
May 23rd, 2001

There are a number of issues considered all too rarely by firewall
administrators. Most IP level firewalls have a number of options for
handling a packet. The packet can typically be accepted, dropped, or
sent through another set of rules for inspection (allowing you to
break up your ruleset into more manageable pieces).

http://www.linuxsecurity.com/articles/firewalls_article-3055.html


* Enter the Decentralized Zone
May 22nd, 2001

Digital security is a trade-off. If securing digital data were the
only concern a business had, users would have no control over their
own computing environment at all -- the Web would be forbidden
territory; every disk drive would be welded shut. The current
compromise between security and flexibility is a sort of
intranet-plus-firewall sandbox, where the IT department sets the
security policies that workers live within. This allows workers a
measure of freedom and flexibility while giving their companies
heightened security.

http://www.linuxsecurity.com/articles/network_security_article-3047.html



* SMTP over an SSH Tunnel
May 22nd, 2001

The first thing I decided was to establish the tunnel as a non-root
user. Since the tunnel was going to exist for solely mail relaying
purposes, I created a relay user on both my laptop and the server in
question. I also ran ssh-keygen(1) and gave the relay user an empty
passphrase. If you're overly paranoid, you can use a passphrase and
then use ssh-agent(1). The way I figure is if someone gets into my
laptop, I have more things to worry about than them sending mail
through my relay. 

http://www.linuxsecurity.com/articles/network_security_article-3048.html




+------------------------+
| Vendors/Products/Tools:|
+------------------------+

* Intrusion-Detection Systems by the Numbers
May 21st, 2001

My company recently tested and acquired a network-based
intrusion-detection system (IDS). Over the past few months, I've
received many e-mails from readers asking me to explain the
performance-testing methodology I used, so I've decided to share how
I tested our network-based IDS. (A network-based IDS server
watches traffic destined for all host systems on a subnet, while a
host-based IDS typically runs on each host system to be protected.)

http://www.linuxsecurity.com/articles/intrusion_detection_article-3045.html





+------------------------+
| General Security News: |
+------------------------+

* Internet architects zero in on reliability, security
May 26th, 2001

As the architects of the future Internet struggle to define
underlying technologies for providing a range of new network
services, reliability and security are again moving to the top of the
agenda. According to security experts at a meeting this week
sponsored by the Global Internet Project and the Cross-Industry
Working Team, the reliability issue lends itself to market-driven
technology solutions. 

http://www.linuxsecurity.com/articles/network_security_article-3071.html



* A 'White Hat' Goes to Jail: Updated
May 25th, 2001

Max Butler lived three lives for five years. As "Max Vision," he
was an incredibly skilled hacker and security expert who boasted that
he'd never met a computer system he couldn't crack. As "The
Equalizer," he was an FBI informant, reporting on the activities of
other hackers. As Max Butler, he was a family man in Santa Clara,
California who ran a Silicon Valley security firm.

http://www.linuxsecurity.com/articles/hackscracks_article-3069.html



* A common language for security vulnerabilities
May 25th, 2001

When hackers want to breach your systems, they typically look for
well-known security flaws and bugs to exploit. In the past, vendors
and hackers gave different names to the same vulnerabilities. One
company might package a group of five vulnerabilities into a patch
or service pack and call it by one name, while another vendor might
call the same group by five separate names.

http://www.linuxsecurity.com/articles/projects_article-3070.html



* Security outsourcing set to soar
May 23rd, 2001

Spurred on by the increasing complexity of systems and the
seemingly growing number of threats, businesses with critical
electronic processes are increasingly turning to third party
security suppliers to guard their gates.

http://www.linuxsecurity.com/articles/general_article-3054.html



* NSF funds infosec scholarships
May 23rd, 2001

The National Science Foundation on Tuesday announced it has awarded
$8.6 million in scholarship money to six schools in the first round
of its Scholarship for Service program. The program provides
scholarships to undergraduate and graduate students who agree to
study information security and information assurance in exchange for
two years of related government service.

http://www.linuxsecurity.com/articles/government_article-3053.html


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------


ISN is hosted by SecurityFocus.com