Information Security News mailing list archives

Linux Security Week - September 24th 2001


From: InfoSec News <isn () c4i org>
Date: Tue, 25 Sep 2001 03:06:03 -0500 (CDT)

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "How to install
GnuPG," "10 minutes to an iptables-based Linux firewall," and "Anonymizing
with Squid Proxy."

 Are you tired of rebuilding servers hit by NIMDA?
 
 EnGarde Secure Linux was designed from the ground up as a secure
 solution, starting with the principle of least privilege, and carrying it
 through every aspect of its implementation.
 
* http://www.engardelinux.org 
  
Take advantage of our Linux Security discussion list!  This mailing list
is for general security-related questions and comments. To subscribe send
an e-mail to security-discuss-request () linuxsecurity com with "subscribe"
as the subject.

This week, advisories were released for most, apache, and windowmaker.  
The vendors include Debian, Mandrake, and SuSE.

http://www.linuxsecurity.com/articles/forums_article-3699.html


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

 
* How to install GnuPG
September 21st, 2001

There is a standard list of reasons why you might want to consider the use
of encryption to ensure the privacy of your business and/or personal data.
In the Resources section below, I've provided links to half a dozen sites,
each explaining why such protection is a good thing.

http://www.linuxsecurity.com/articles/cryptography_article-3709.html


* 10 minutes to an iptables-based Linux firewall
September 21st, 2001

The 2.2 version of the Linux kernel used the ipchains application to
control the firewall. For standard firewalling, ipchains is a decent
solution. We still use it on some of our machines, and there is still a
positive argument for 2.2 kernel-based firewalls, because the 2.4 kernel
still has some stability issues under heavy load.

http://www.linuxsecurity.com/articles/firewalls_article-3707.html


 
+------------------------+
| Network Security News: |
+------------------------+
 
* Protect Your Network from the Nimda worm
September 21st, 2001

The Nimda worm has spread wildly, infecting many Microsoft Windows 9x, ME,
NT 4.0, and 2000 machines, and its network scans have brought some
networks to their knees. It was first reported on the morning of September
18th, almost one week after the terrorist attack on the World Trade
Center and the Pentagon.

http://www.linuxsecurity.com/articles/server_security_article-3710.html


* Anonymizing with Squid Proxy
September 21st, 2001

The debate over the ethics of using an employer's system to surf the Net
is ongoing. Employee privacy rights and whether or not the company owns
the contents of employees' machines are just two facets of it. The
opportunity for system administrators to view personal information
disclosed through Web surfing may also pose serious security concerns.

http://www.linuxsecurity.com/articles/privacy_article-3704.html


* Nimda Snort Rules
September 20th, 2001

Everyone and their brother has put out an advisory on NIMDA, the latest
worm to thrash IExplore, Outlook Express, and IIS. This worm does a number
of cute things that are well documented in the SANS advisory available
here.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3698.html


* A Perl Package for Monitoring Traffic
September 17th, 2001

The rtr-graph package described in this article is a set of Perl scripts
for polling routers (or other SNMP-enabled devices) for information about
traffic in and out of specified interfaces. You can set up "rtr-traff" as
a cron job to poll the interface at a specified interval, then use a CGI
script for a Web front end to the finished graphs.

http://www.linuxsecurity.com/articles/server_security_article-3678.html



 
+------------------------+
| Cryptography News:     |
+------------------------+
 

* Lawmaker: More encryption needed
September 22nd, 2001

A U.S. lawmaker well versed in technology issues said Friday that
government bodies and citizens should use more encryption, not less, to
increase security on the Internet. In the wake of last Tuesday's
hijackings that left more than 6,500 Americans dead or missing,
policy-makers have called for limits on popular encryption software that
allows users to scramble Internet communications for privacy

http://www.linuxsecurity.com/articles/cryptography_article-3711.html



+------------------------+
| Vendors/Products:      |
+------------------------+

* vsFTPd Includes Bandwidth Control!
September 23rd, 2001

With yet another Linux-based vulnerability hitting last week, Mark Read,
network security analyst at MIS Corporate Defence Solutions, delves into
an age-old debate that fuels many a discussion.  Yes, it's the same old
story of Microsoft versus Linux in the race for optimum IT security.

http://www.linuxsecurity.com/articles/server_security_article-3715.html



+------------------------+
| General Security News: |
+------------------------+

* Security takes centre stage at conference
September 23rd, 2001

The Information Security Solutions Europe (ISSE) 2001 conference in London
next week will attract many companies eager to improve computer security.  
The conference, which runs from this Wednesday until Friday at the QEII
conference centre, will bring together government ministers, European
commissioners, legal experts and security specialists, who will debate
current IT security concerns and suggest possible solutions.

http://www.linuxsecurity.com/articles/organizations_events_article-3716.html


* Attrition: Commentary on Patriotic Hacking
September 21st, 2001

Attrition staff have been getting several mails warning of impending
"patriotic hacking" in retaliation for the terrorist attacks on September
11. Some are from the usual opportunists, exploiting world-wide attention
on the recent terrorist attacks to further their own agenda. Others are
from people who just want to do -something- to feel like they are striking
back at those responsible, even if it's the wrong thing

http://www.linuxsecurity.com/articles/forums_article-3706.html


* Concern Over Proposed Changes in Internet Surveillance
September 21st, 2001

Significant and perhaps worrisome changes in the government's Internet
surveillance authority have been proposed by legislators in the wake of
the attacks on the World Trade Center and the Pentagon. Indeed, so much is
happening so quickly it's hard to keep track of the legislative process,
let alone follow the ongoing debate between fast-moving law enforcement
experts and more cautious civil libertarians.

http://www.linuxsecurity.com/articles/privacy_article-3703.html


* NIST: Final security guide arrives
September 19th, 2001

The National Institute of Standards and Technology on Sept. 10 released
the final version of a step-by-step guide for agencies to measure the
effectiveness of their information security programs and plans. The
special publication, "Security Self-Assessment Guide for Information
Technology Systems," is a how-to guide that complements the CIO Council's
Federal IT Security Assessment Framework.

http://www.linuxsecurity.com/articles/government_article-3686.html


* Is Linux secure enough?
September 19th, 2001

Although proponents argue that Linux is at least as secure - and perhaps
more secure - than Unix, Microsoft Corp.'s Windows NT or Novell Corp.'s
NetWare, there is still concern at many federal agencies about the
operating system's safety.

http://www.linuxsecurity.com/articles/server_security_article-3689.html


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

