LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: January 17th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Open-Source Tool Roots Out More Exploits," "Major penetration tool upgrade gets sysadmin hearts beating," and "How Security Exploits Threaten Government Infrastructures."


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. Click to find out more!

LINUX ADVISORY WATCH - This week, advisories were released for php, ethereal, krb, kerberos, lintian, kdelibs, linpopup, bmv, exim, libc6, exim-tls, gopher, libtiff, gtk, selinux-policy-targeted, epiphany, kernel, yum, samba, cups, subversion, vim, samba, gdpdf, dillo, tikiwiki, pdftohelp, mpg123, imlib2, poppassed_pam, kde, nfs-utils, hylafax, fcron, lesstif, and unarj. The distributors include Contectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, SuSE, Trustix, and TurboLinux.

LinuxSecurity.com Feature Extras:

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

A 2005 Linux Security Resolution - Year 2000, the coming of the new millennium, brought us great joy and celebration, but also brought great fear. Some believed it would result in full-scale computer meltdown, leaving Earth as a nuclear wasteland. Others predicted minor glitches leading only to inconvenience. The following years (2001-2004) have been tainted with the threat of terrorism worldwide.

State of Linux Security 2004 - In 2004, security continued to be a major concern. The beginning of the year was plagued with several kernel flaws and Linux vendor advisories continue to be released at an ever-increasing rate. This year, we have seen the reports touting Window's security superiority, only to be debunked by other security experts immediately after release. Also, Guardian Digital launched the new LinuxSecurity.com, users continue to be targeted by automated attacks, and the need for security awareness and education continues to rise.

 

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  Patching takes over IT for a day
  10th, January, 2005

The engineers at vulnerability testing tool vendor nCircle Network Security spend US$100 per month at the coffee shop in the lobby of their office building in downtown San Francisco. But there is one day each month when a trip to the cafe is more urgent than at any other time: Patch Tuesday.

http://www.linuxsecurity.com/content/view/117835

 
 
  Open-Source Tool Roots Out More Exploits
  13th, January, 2005

A group of security volunteers on Tuesday released a new version of an advanced open-source framework for developing, testing and using exploits.

http://www.linuxsecurity.com/content/view/117910

 
  Not Dead Yet: NT Gets Patches Even Though Support's Over
  13th, January, 2005

Although Microsoft has repeatedly warned users of Windows NT that security fixes would cease and desist as of Jan. 1, 2005, January's regularly-scheduled patches actually included one for the obsolete and retired operating system.

http://www.linuxsecurity.com/content/view/117916

 
  Vital Files Exposed In GMU Hacking
  13th, January, 2005

A computer hacker apparently broke into a George Mason University database containing student and employee Social Security numbers, leaving 32,000 people uncertain whether their finances or identities might be compromised.

http://www.linuxsecurity.com/content/view/117917

 
  Major penetration tool upgrade gets sysadmin hearts beating
  14th, January, 2005

A major update to highly regarded open-source penetration testing tool Metasploit Framework (MSF) has been released by its volunteer developers. MSF is designed to exploit dozens of security holes with just a few clicks.

http://www.linuxsecurity.com/content/view/117928

 
  It's Patch Time For Linux Distros
  14th, January, 2005

Linux vendors have patched a flurry of flaws uncovered in multiple distros by independent security firms.

http://www.linuxsecurity.com/content/view/117929

 
  Letting The Telecommuters Into The Network
  10th, January, 2005

Locking down the network and patrolling the perimeter is a never-ending job. Still, it feels good to get through another shift on the Forbidden Planet without an invisible force penetrating your shield and setting off alarms. But there's a change: now, other humans want to work from their home worlds -- but by mind alone, over the computer screen. It's up to you to create for them a safe passage (one that won't have Robby the Robot all stirred up and carrying Anne Francis around like a rag doll) and to make sure the Krell don't come sneaking in, under the fence, behind the newcomers.

http://www.linuxsecurity.com/content/view/117845

 
  VOIP Security Gets Extreme
  11th, January, 2005

With the launch of its Aspen 8800 enterprise LAN switches, Extreme Networks Inc. is challenging network designers to rethink the way they build systems to deal with voice traffic and growing internal security threats.

http://www.linuxsecurity.com/content/view/117871

 
  How To Keep Spyware Off Your Enterprise Network
  11th, January, 2005

Spyware is challenging spam and viruses for the top spot on IT worry lists. Spyware poses considerable threats and risks to enterprise networks and remediation and countermeasures are now being regarded as critical to network security.

http://www.linuxsecurity.com/content/view/117873

 
  Cyberterrorism could devastate U.S. economy
  12th, January, 2005

Don't say we didn't warn you: At some point in the next decade, there will be a "devastating attack" on the Internet or power grid.

http://www.linuxsecurity.com/content/view/117890

 
  Hacker Takes Seven-Month Spree On T-Mobile Network
  13th, January, 2005

A hacker broke into a wireless carrier's network over at least seven months and read e-mails and personal computer files of hundreds of customers, including the Secret Service agent investigating the hacker, the government said Wednesday.

http://www.linuxsecurity.com/content/view/117909

 
  The Perils of Deep Packet Inspection
  14th, January, 2005

This paper looks at the evolution of firewall technology towards Deep Packet Inspection, and then discusses some of the security issues with this evolving technology.

http://www.linuxsecurity.com/content/view/117933

 
  Sophos to Join 2005 Southern California Linux Expo
  12th, January, 2005

The Southern California Linux expo has announced that Sophos has signed on as one of the latest sponsors of SCALE 3x, the Third Annual Southern California Linux Expo. SCALE 3x has been called " .. one of the few good grass-root level technical conferences for Linux" by Linux Kernel Developer Robert Love.

http://www.linuxsecurity.com/content/view/117881

 
  Linux Netwosix Virtual Community is born!
  9th, January, 2005

Finally the first Linux Netwosix Virtual Community is born.

http://www.linuxsecurity.com/content/view/117825

 
  Firefox: The ultimate test for open source?
  10th, January, 2005

The adoption of the Mozilla Foundation's browser by millions of non-technical users could be the biggest test yet of open source development.

http://www.linuxsecurity.com/content/view/117834

 
  VMware Introducing Secure Desktop Provisioning For Remote Workers
  10th, January, 2005

A new product from VMware stands to parlay its profitable virtualization technology into the growing enterprise desktop management and security space.

http://www.linuxsecurity.com/content/view/117838

 
  PIKT 1.18.0 for Linux released
  11th, January, 2005

PIKT, Problem Informant/Killer Tool, v1.18.0 has been released. PIKT is a cross-categorical, multi-purpose toolkit to monitor and configure computer systems, organize system security, format documents, assist command-line work, and perform other common systems administration tasks.

http://www.linuxsecurity.com/content/view/117847

 
  Guardian Digital Launches New Edition of Award-Winning EnGarde Secure Linux Distribution
  12th, January, 2005

Guardian Digital, Inc., the worldÕs premier provider of open source security solutions, today announced the expansion of its product portfolio with the launch of EnGarde Secure Linux: Basic Edition, a low-cost alternative to the award-winning EnGarde Secure Linux operating platform. Responding to the economic and network security requirements of individuals and small business users, EnGarde Basic is a flexible platform upon which users can build a comprehensive Internet infrastructure including features that provide leading-edge security, ease of management and standard Internet functions.

http://www.linuxsecurity.com/content/view/117891

 
  BitDefender ups Linux AV offering
  14th, January, 2005

BitDefender has unveiled three new products for its 1.6.1 generation of BitDefender for Linux mail servers, in a bid to bolster its offering for the Linux community.

http://www.linuxsecurity.com/content/view/117927

 
  Spammers' New Tactic Upends DNS
  10th, January, 2005

Although some ISPs and legislators are crediting the year-old CAN-SPAM Act and better technology for recent gains in the war on spam, many in the industry say the advances are forcing spammers to employ new tactics, which are destabilizing the Internet's crucial DNS.

http://www.linuxsecurity.com/content/view/117839

 
  New Windows boxes under heavy fire, Linux largely untouched
  10th, January, 2005

There will be more new Windows computers booting up than those running Linux after the most recent season of giving. But there's no safety in numbers; recent analysis and expert opinion indicates the Microsoft machines will be quickly and heavily targeted by attackers, while Linux computers are largely left alone.

http://www.linuxsecurity.com/content/view/117844

 
  Say 'No' to Bad Code
  11th, January, 2005

Opinion: Clean software at the start will save time and moneyÑnot to mention customersÑdown the road.

http://www.linuxsecurity.com/content/view/117876

 
  Torvalds Criticizes Security Approaches
  14th, January, 2005

Linux creator Linus Torvalds had a few things to say this week about the way potential security issues are disclosed to fellow open sourcers. And it wasn't all good.

http://www.linuxsecurity.com/content/view/117930

 
  2005 Off to an Insecure Start
  14th, January, 2005

Opinion: The development cycle of vulnerability definition, exploit programming and attack deployment is moving at full speed. The prospects for a 2005 full of grief for users and IT are excellent.

http://www.linuxsecurity.com/content/view/117932

 
  Linux in Government: How Security Exploits Threaten Government Infrastructures
  10th, January, 2005

The Linux in Government series has taken a new format for 2005. This year's articles will provide fundamental information to government technologists about Linux and open-source software. Although we will continue to inform you about agencies and projects specifically using open-source solutions, we also are going to provide information about open-source resources available to governments.

http://www.linuxsecurity.com/content/view/117836

 
  Homeland Security Offers Online Tool To Assess Stadium Security
  11th, January, 2005

Fashioned after online self-assessment tools used by authorities to assess vulnerabilities at airports, the Department of Homeland Security on Friday unveiled software it developed to let officials identify vulnerabilities and assess the security at stadiums with large seating capacity.

http://www.linuxsecurity.com/content/view/117858

 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
How Cops and Hackers Could Abuse Californias New Phone Kill-Switch Law
Why Russian hackers are beating us
DQ Breach? HQ Says No, But Would it Know?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.