Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Security Week - May 20th 2002

From: InfoSec News <isn () c4i org>
Date: Tue, 21 May 2002 04:27:36 -0500 (CDT)
+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  May 20th, 2002                               Volume 3, Number 20n  |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+
 
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
 
This week, perhaps the most interesting articles include "PortSentry for
Attack Detection," "Tips on basic Linux server security," "Suid programs,
getting to the root of the problem," and "Enhancing VPN Security with
Digital Certificates."

This week, advisories were released for icecast, shareutils, fileutils,
imapd, shadow/pam modules, lukemftp, openssh, tcpdump, and mpg123.  The
Vendors include Caldera, Mandrake, Red Hat, and SuSE.

http://www.linuxsecurity.com/articles/forums_article-5004.html

Security & Simplicity, Finally!
  - Are you looking for a solution that provides the applications
  necessary to easily create thousands of virtual Web sites, manage
  e-mail, DNS, firewalling database functions for an entire
  organization, and supports high-speed broadband connections all
  using a Web-based front-end? EnGarde Secure Professional provides
  those features and more!
 
  --> http://www.guardiandigital.com/features-professional.html

Find technical and managerial positions available worldwide.  Visit the
LinuxSecurity.com Career Center: http://careers.linuxsecurity.com
 
 
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+
 
* PortSentry for Attack Detection, Part One
May 16th, 2002

Portsentry by Psionic Technologies is a component of their TriSentry suite
of attack detection tools: portsentry, hostsentry, and logsentry. This
article is the first of a two-part series that will describe in detail how
Portsentry works from both a theoretical and a technical point of view.The
second article will discuss installing, configuring, and tailoring
PortSentry for individual systems.

http://www.linuxsecurity.com/articles/intrusion_detection_article-4996.html


* Securing Linux
May 16th, 2002

This article covers various aspects of securing and running linux. By
combining different utilities and aspects of keeping your system secure
you'll reap multiple benefits, and keep your nerves in a good shape.

http://www.linuxsecurity.com/articles/host_security_article-5000.html


* Tips on basic Linux server security
May 14th, 2002

If you just put your Apache web server online, and are thinking into
making the first step in your system security, this brief article will
help you do that. By having your own server, you must understand the
responsibility behind it.

http://www.linuxsecurity.com/articles/server_security_article-4982.html


* Suid programs, getting to the root of the problem
May 13th, 2002

There are always some little touches left to make your linux even a bit
more secure, involving suid, nouser, sudo and etc. Now, this article is
newbie friendly, but it also requires some small amount of knowledge. Fear
not, for I shall explain everything as painfully as I can. So sit back,
grab yourself your favorite drink, some peanuts and relax. 3,2,1...

http://www.linuxsecurity.com/articles/host_security_article-4974.html



+------------------------+
| Network Security News: |
+------------------------+
 
* The hidden costs of systems downtime
May 14th, 2002

Businesses are increasingly concerned by the devastating effect of hacking
and viruses, but many still do not allocate funds directly for responding
to premeditated attacks or system downtime.  Forrester Research
interviewed security managers at 50 blue chip companies.

http://www.linuxsecurity.com/articles/general_article-4981.html


* Enhancing VPN Security with Digital Certificates
May 13th, 2002

Corporations large and small are embracing virtual private networks (VPNs)
as a means to build networks that provide secure access for remote and
mobile employees.

http://www.linuxsecurity.com/articles/cryptography_article-4976.html



+------------------------+
|  Cryptography:         |
+------------------------+
 
* Crypto-Gram May 15, 2002
May 15th, 2002

This month's crypto-gram talks about the principles of Secrecy, Security,
and Obscurity, fingerprint readers, general industry news, and
commentaries from Bruce Schneier.

http://www.linuxsecurity.com/articles/cryptography_article-4995.html




+------------------------+
|  Vendor/Products:      |
+------------------------+

* OpenSSH 3.2.2 Released
May 16th, 2002

This month's crypto-gram talks about the principles of Secrecy, Security,
and Obscurity, fingerprint readers, general industry news, and
commentaries from Bruce Schneier. The Crypto-Gram is a free monthly
newsletter providing summaries, analyses, insights, and commentaries on
computer security and cryptography.

http://www.linuxsecurity.com/articles/cryptography_article-5003.html



+------------------------+
|  General:              |
+------------------------+

* Web privacy bill sent to Senate
May 17th, 2002

A Senate committee Friday sent an online privacy protection bill to the
full Senate, but business lobbyists vowed to keep trying to derail the
measure before it becomes law.  "It's time Congress acted on privacy,"
declared South Carolina Democrat Sen. Ernest Hollings, chairman of the
Senate Commerce Committee that voted 15-8 to approve his bill/

http://www.linuxsecurity.com/articles/privacy_article-5008.html


* Shades of gray
May 17th, 2002

Recently, "Gray Hat" crackers have been garnering a fair amount of
publicity, exposing holes for nothing more than notoriety and a sense of
self-fulfillment. These individuals seek out corporate networks and
servers to pick them apart, find weaknesses the site administrators might
have missed and make them public.

http://www.linuxsecurity.com/articles/hackscracks_article-5010.html


* Privacy: Are you aware of the trade-offs?
May 16th, 2002

Online privacy isn't the issue it once was, if indeed people really ever
cared about it.  Oh sure, everyone's in favor of privacy in the same way
that they're in favor of Mom and apple pie, but exactly how software
should preserve privacy is a more controversial issue.

http://www.linuxsecurity.com/articles/privacy_article-4998.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: