Linux Security Week - December 1st 2003

[InfoSec News <isn () c4i org>]

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  December 1st, 2003                            Volume 4, Number 48n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Detecting
Intrusions with your Firewall Log and OsHids," "Firewall Builder 1.1," and
"SSL: Not So Secure For Network Security."

> > Free Trial SSL Certificate from Thawte <<

Take your first step towards giving your online business a competitive
advantage. Test-drive a Thawte SSL certificate our easy online guide will
show you how.

Get started now:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte28

---

LINUX ADVISORY WATCH:
This week, advisories were released for BIND, Ethereal, Glibc, Libnids,
phpSysInfo, Stunnel, EPIC, iproute, Pan, and XFree86. The distributors
include Guardian Digital's EnGarde Linux, Gentoo, Mandrake, and Red Hat.

http://www.linuxsecurity.com/articles/forums_article-8420.html

---

Guardian Digital Launches First Secure Small Business Internet
Productivity Solution

Building a complete Internet security and productivity system for your
organization just got a whole lot simpler and more secure with Guardian
Digital Internet Productivity Suite. Web-based management, spam and virus
control, groupware, VPN services, and more!

Find out more now:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=ips01

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Secure Web Sites and Servers
November 28th, 2003

If you are hosting your Web site on your own server, you need to pay
particular attention to security. You should probably install intrusion
detection software such as Tripwire.  If you're running a Web server you
need to be aware of security issues that can impact your business. Hackers
patrol the Web and are always looking for new domains that have not got
up-to-date security on their systems.

http://www.linuxsecurity.com/articles/server_security_article-8421.html


* Probability Defense: Bayesian Filters
November 27th, 2003

Bayesian filtering works very well, measured at greater than 99.9 percent
accuracy at detecting spam and other unwanted e-mails.  In his paper, "A
Plan For Spam", Paul Graham popularized Bayesian filtering on word
groupings to prevent spammers from getting their messages across. After
all, how can you sell a new genital enlargement cream without using the
words "enlargement" or "bigger" in conjunction with certain other words?

http://www.linuxsecurity.com/articles/server_security_article-8418.html


* Java security, Part 1: Crypto basics
November 26th, 2003

The Java platform, both its base language features and library extensions,
provides an excellent base for writing secure applications. In this
tutorial, the first of two parts on Java security, Brad Rubin guides you
through the basics of cryptography and how it is implemented in the Java
programming language, using plenty of code examples to illustrate the
concepts.

http://www.linuxsecurity.com/articles/cryptography_article-8411.html


* Detecting Intrusions with your Firewall Log and OsHids
November 25th, 2003

In this article we are going to talk about one of the basics, but
powerful, methods of Intrusion Detection: Firewall's Log analysis.
Although a firewall generates a lot of log, being difficult to analyze it,
you can use the OsHids tool to monitor your logs (generating an easy to
view log in html with an PHP interface) and help you visualize any attempt
to bypass your firewall policy.

http://www.linuxsecurity.com/articles/intrusion_detection_article-8401.html


+------------------------+
| Network Security News: |
+------------------------+

* Routers don't protect by default
November 28th, 2003

Routers are a good way to protect your computer from malicious attacks,
but they are ineffective if not configured correctly. For example,
wireless routers are inherently less secure than wired ones since they
broadcast data back and forth between your computer and your Internet
connection via high-frequency radio signals which can be intercepted.

http://www.linuxsecurity.com/articles/network_security_article-8424.html


* Weak monitoring lets hackers run riot
November 28th, 2003

Too many IT administrators are taking their eye off the ball and allowing
easy back-door entry into company systems, a leading computer forensics
expert has claimed.  In an interview with vnunet.com, Bryan Sartin,
technology director at security service provider Ubizen, said that
breaches are often the result of poor monitoring.

http://www.linuxsecurity.com/articles/hackscracks_article-8423.html


* Firewall Builder 1.1
November 26th, 2003

Firewall Builder consists of an object-oriented GUI and a set of policy
compilers for various firewall platforms. In Firewall Builder, a firewall
policy is a set of rules; each rule consists of abstract objects that
represent real network objects and services (hosts, routers, firewalls,
networks, protocols).

http://www.linuxsecurity.com/articles/firewalls_article-8407.html


* Think Like a Hacker - The Best Scanning Tool
November 26th, 2003

A curious change has come over the image of computer security in the last
few years. Whereas headlines once screamed the exploits of allegedly evil
hackers, the story now is all about bad code -- unpatched software, poorly
secured firewalls and computer passwords left in plain sight. The hackers
are not the real culprits; the security holes are.

http://www.linuxsecurity.com/articles/host_security_article-8408.html


* SSL: Not So Secure For Network Security
November 24th, 2003

The omnipresent SSL (Secure Socket Layer) which is supposed to offer a
secure channel to transmit sensitive data across the Internet, may
actually be opening up a gaping hole in your network security. This was
the surprising bit of information was delivered to the attending bankers
on the second day of bank.net event here in Mumbai by Udi Segall,
Marketing Product Manager Radwell.

http://www.linuxsecurity.com/articles/network_security_article-8391.html



+------------------------+
| General Security News: |
+------------------------+

* Wi-Fi arrest highlights security dangers
November 28th, 2003

Experts agree on one point: As the popularity of wireless local-area
networking gear grows for small businesses and consumers, break-ins on
unsecured networks are likely to become more common and increasingly
involve criminal activity, experts said. Wi-Fi shipments are expected to
nearly quadruple from a projected 9.8 million units this year to 47.4
million units by 2007, according to research firm Synergy Research Group.

http://www.linuxsecurity.com/articles/hackscracks_article-8425.html


* So when will Linux vendors charge for security fixes?
November 28th, 2003

Linux vendors spend money building security bug fixes. How much longer
will they give them away for free, writes SecurityFocus columnist Hal
Flynn.

http://www.linuxsecurity.com/articles/vendors_products_article-8419.html


* Secrets of Computer Espionage: Tactics and Countermeasures
November 24th, 2003

All the books I've reviewed so far are there to teach you how to protect
your system from various intrusion attempts, show you how to configure
things for optimal performance or provide you with an understanding of an
operating system. The book I've read this time deals with a topic that is
often overlooked but still very important - computer espionage.

http://www.linuxsecurity.com/articles/documentation_article-8398.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.