Linux Security Week - March 15th 2004

[InfoSec News <isn () c4i org>]

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  March 15th, 2004                              Volume 5, Number 11n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Rumors of Third
Vulnerability in Linux Kernel Prove Unfounded," "VLANs on Linux," and
"Open Source Gets Serious: A New Window on Linux."

----

> > Bulletproof Virus Protection <<

Protect your network from costly security breaches with Guardian Digitals
multi-faceted security applications.  More then just an email firewall, on
demand and scheduled scanning detects and disinfects viruses found on the
network.

  http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn04

----

LINUX ADVISORY WATCH:
This week, advisories were released for the Linux kernel, sysstat,
mailman, coreutils, libxml2, mozilla, and kdelibs. The distributors
include Debian, Fedora, Gentoo, Mandrake, OpenBSD, Red Hat, and Trustix.

http://www.linuxsecurity.com/articles/forums_article-9035.html


Interview with Vincenzo Ciaglia, Founder of Netwosix - In this article, a
brief introduction of Netwosix is given and the project founder Vincenzo
Ciaglia is interviewed.  Netwosix is light Linux distribution for system
administrators and advanced users.

http://www.linuxsecurity.com/feature_stories/feature_story-160.html

--------------------------------------------------------------------

Guardian Digital Launches Next Generation EnGarde Secure Linux

Guardian Digital, Inc., the world's premier open source security company,
announced an update to the next generation, award-winning platform that
delivers features designed to ease the process of building a complete
Internet presence and the level of security necessary to prevent system
compromise.

http://www.linuxsecurity.com/feature_stories/feature_story-159.html


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]----------
+---------------------+

* Guardian Digital Upgrades Secure Mail Suite
March 11th, 2004

The 3.0 version of Secure Mail Suite from Guardian Digital, which builds
Internet security products from open source software, adds the Content and
Policy Enforcement engine that addresses user privacy, spam and virus
protection, corporate policy enforcement and content analysis.

http://www.linuxsecurity.com/articles/vendors_products_article-9034.html


* Delivering better security, telephony, and privacy
March 10th, 2004

The new Linux 2.6 kernel offers many improvements over the 2.4 version.
One area of technical advancement is in the kernel networking options.
Although there are enhancements in most of the files associated with the
networking options, this article focuses on major feature improvements and
additions that affect entire sections rather than on specific files.

http://www.linuxsecurity.com/articles/host_security_article-9028.html


* Rumors of Third Vulnerability in Linux Kernel Prove Unfounded
March 10th, 2004

A story published yesterday by SearchEnterpriseLinux.com incorrectly
reported that a third mremap vulnerability had been discovered in the
Linux kernel. Separate and unrelated flaws had been reported in the memory
management system call in January and February. On March 1, researcher
Paul Starzetz released an update to his initial advisory that a robust
proof-of-concept exploit code had been produced for the flaw detailed in
February.

http://www.linuxsecurity.com/articles/host_security_article-9025.html


* Security One Step at a Time
March 9th, 2004

As I write this, yet another e-mail worm is spreading among non-Linux
computers and incidentally filling my mailbox with "YOU HAVE A VIRUS"
bounces from dumb software that somehow doesn't yet get the concept that
worms forge mail. There's nothing like a worm attack that spares Linux to
bring out the smug superiority in Linux users.

http://www.linuxsecurity.com/articles/server_security_article-9016.html


* Linux meets enterprise server challenge
March 8th, 2004

Government officials are beginning to sit up and take notice of the Linux
operating system.  A few years ago, Linux began appearing in data centers
as information technology professionals discovered that the open-source
operating system could easily tackle basic network tasks -- such as Web,
file and print serving -- more cost-effectively than its commercial
counterparts.

http://www.linuxsecurity.com/articles/government_article-9010.html



+------------------------+
| Network Security News: |
+------------------------+

* Understanding Firewalls
March 11th, 2004

Understanding Firewalls anything can access your computer at any time,
your computer is more susceptible to being attacked. You can restrict
outside access to your computer and the information on it with a firewall.

http://www.linuxsecurity.com/articles/firewalls_article-9031.html


* VLANs on Linux
March 11th, 2004

To begin, we must have a more formal definition of what a LAN is. LAN
stands for local area network. Hubs and switches usually are thought of as
participating in a single LAN. Normally, if you connect two computers to
the same hub or switch, they are on the same LAN. Likewise, if you connect
two switches together, they are both on the same LAN.

http://www.linuxsecurity.com/articles/network_security_article-9029.html


* Symbiot launches DDoS counter-strike tool
March 11th, 2004

Security company Symbiot is about to launch a product that can hit back at
hackers and DDoS attacks by lashing out with its own arsenal of tricks,
but experts say it may just be a bit too trigger-happy Symbiot, a
Texas-based security firm, is preparing to launch a corporate defence
system at the end of March that can fight back against distributed
denial-of-service (DDoS) and hacker attacks by launching a counter-strike.

http://www.linuxsecurity.com/articles/network_security_article-9032.html


+------------------------+
| General Security News: |
+------------------------+

* Open-source gets serious: A new window on Linux
March 11th, 2004

Thanks to its streamlined and relatively secure core, the Linux operating
system has gradually been winning a place on servers in federal agencies.
Now Linux is making inroads on desktop PCs as well, territory that has
long been ruled by Microsoft Corp.'s Windows.

http://www.linuxsecurity.com/articles/general_article-9030.html


* Infosecurity Europe 2004
March 10th, 2004

Infosecurity Europe 2004 opens its doorsto over 10,000 buyers and sellers
in IT Security. Infosecurity Europe provides theultimate forumfor sourcing
opportunities, information updates and free educational forums, tackling
the key technology issues set to affect your business.

http://www.linuxsecurity.com/articles/organizations_events_article-9026.html


* Survey: CIOs Say Security Is Top Priority
March 9th, 2004

Chief information officers (CIOs) at enterprises worldwide remain cautious
about boosting their technology spending, and the money they do spend will
concentrate on security and business intelligence, said a survey released
Tuesday.

http://www.linuxsecurity.com/articles/general_article-9021.html


* Is password-lending a cybercrime?
March 8th, 2004

In a little-observed civil lawsuit involving tracking of magazine
subscriptions, a federal court in Manhattan issued a ruling last week that
could theoretically result in prosecutors going after people who use
another person's password and userid with their permission, but without
the permission of the issuer.

http://www.linuxsecurity.com/articles/government_article-9014.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.