LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 29th, 2014
Linux Security Week: August 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: January 24th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Linux Vulnerabilities Creep Toward the Desktop," "Unpatched Linux Systems Last Longer than Windows," and "Router Protection is Necessary in 2005."


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. Click to find out more!

LINUX ADVISORY WATCH - This week, advisories were released for twiki, xine, libtiff, mc, gatos, playmidi, chbg, cups, imagemagick, mysql, xpdf, xtrlock, mysql, sword, squid, gimp, dovecot, dhcp, bind, vixie-cron, sysklogd, alsa-lib, grep, kernel-utils, ethereal, mpg123, playmidi, and krb5. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, SuSE, and TurboLinux.

LinuxSecurity.com Feature Extras:

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

A 2005 Linux Security Resolution - Year 2000, the coming of the new millennium, brought us great joy and celebration, but also brought great fear. Some believed it would result in full-scale computer meltdown, leaving Earth as a nuclear wasteland. Others predicted minor glitches leading only to inconvenience. The following years (2001-2004) have been tainted with the threat of terrorism worldwide.

State of Linux Security 2004 - In 2004, security continued to be a major concern. The beginning of the year was plagued with several kernel flaws and Linux vendor advisories continue to be released at an ever-increasing rate. This year, we have seen the reports touting Window's security superiority, only to be debunked by other security experts immediately after release. Also, Guardian Digital launched the new LinuxSecurity.com, users continue to be targeted by automated attacks, and the need for security awareness and education continues to rise.

 

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  Linux Vulnerabilities Creep Toward the Desktop
  17th, January, 2005

As Linux increasingly hits the enterprise Relevant and consumer mainstream, a growing number of security threats are emerging which prey on holes in applications and files managed by desktop users.

http://www.linuxsecurity.com/content/view/117943

 
  Honeypot Project: Unpatched Linux Systems Last Longer than Windows
  19th, January, 2005

The Honeypot Project has added fuel to the debate over which is more secureÑLinux or WindowsÑwith findings that unpatched Linux systems can be on the Internet for months before being successfully attacked while Windows systems have been compromised in as little as hours.

http://www.linuxsecurity.com/content/view/117968

 
  Oracle Patch Fixes 23 'Critical' Vulnerabilities
  20th, January, 2005

Oracle Corp. late Tuesday issued a "critical patch update" to address 23 security holes in its database and application server products.

http://www.linuxsecurity.com/content/view/117995

 
  Security Firm Uncovers Flaws in Mac OS X's Darwin
  20th, January, 2005

Security company Immunity says it has found several vulnerabilities in Darwin, the implementation of Unix that underlies Apple Computer Inc.'s Mac OS X operating system.

http://www.linuxsecurity.com/content/view/117996

 
  VoIP Is Scary
  18th, January, 2005

Imagine that you deliver an application with 100%, instant-on availability. Security is rock-solid. Costs are dropping. Users never complain. And anytime you upgrade, even if you buy software and gear with new features from a different vendor, user acceptance is always immediate and training virtually nil.

http://www.linuxsecurity.com/content/view/117960

 
  Review: Intrusion-Protection Systems
  20th, January, 2005

Detecting network intrusions is no longer enough. Smart organizations aim to prevent them. No wonder: The lag between vulnerability announcement, patch release and exploit is shrinking like a cheap trade-show T-shirt. The Blaster attack came only 25 days after the patch was released, and Sasser was even faster--18 days. In March, the Witty worm struck a buffer-overflow vulnerability one day after the flaw was discovered.

http://www.linuxsecurity.com/content/view/117988

 
  Notes From Security School
  18th, January, 2005

The underground world of the computer hacker may seem like a place where chaos rules, but the reality is there's a method to the hacker's perceived madness. And understanding that method is critical to knowing how best to respond to a skilled attacker.

http://www.linuxsecurity.com/content/view/117961

 
  Router Protection is Necessary in 2005
  21st, January, 2005

How safe is the router? Not too safe. From a security standpoint, 2005 is the year that the router becomes the Achilles heel of the network, says Dan Jackson, president and COO of DeepNines Technologies, the only company capable of protecting networks from in front of the router.

http://www.linuxsecurity.com/content/view/118015

 
  Linux fights off hackers
  17th, January, 2005

Linux systems are getting tougher for hackers to crack, security experts have reported today.

http://www.linuxsecurity.com/content/view/117946

 
  Automated Tools Fight Security Wars
  18th, January, 2005

Last year, a computer worm that conducts automated reconnaissance appeared; it uses the Google Inc. search engine to automatically find Web sites running vulnerable bulletin-board software and then defaces them. The financial-services industry noticed a spike last fall in phishing attempts to steal money from customers' accounts and put the blame on a new toolkit that made it easier to set up such scams.

http://www.linuxsecurity.com/content/view/117958

 
  Linux servers safer than ever
  20th, January, 2005

Attackers are no longer bothering to attack average Linux systems, because there's so much more money to be made from invading Windows, according to security researchers.

http://www.linuxsecurity.com/content/view/117987

 
  FBI retires its Carnivore
  17th, January, 2005

FBI surveillance experts have put their once-controversial Carnivore Internet surveillance tool out to pasture, preferring instead to use commercial products to eavesdrop on network traffic, according to documents released Friday.

http://www.linuxsecurity.com/content/view/117940

 
  US slaps on the wardriver-busting paint
  17th, January, 2005

Security-minded US decorators' supply outfit Force Field Wireless claims to have developed a DIY solution to the international menace of marauding geek wardrivers - DefendAir paint "laced with copper and aluminum fibers that form an electromagnetic shield, blocking most radio waves and protecting wireless networks".

http://www.linuxsecurity.com/content/view/117941

 
  Build a wireless network sniffer
  18th, January, 2005

This article reviews common issues of wireless security, and shows how to use open source software to suss out wireless networks, get information about them, and start recognizing common security problems. You will learn how to build a lightweight wireless sniffer that runs on open source software and, see how simple it is to interact with wireless networks.

http://www.linuxsecurity.com/content/view/117957

 
  'Evil Twin' Haunts Wi-Fi Users
  20th, January, 2005

An IT security expert, an academic and the U.K. government's cybercrime unit will give Londoners an introduction to the security dangers of wireless networking on ThursdayÑwith the star of the show being an attack method dubbed the "Evil Twin."

http://www.linuxsecurity.com/content/view/118000

 
  Wi-Fi Boom Makes Life Easier for Computer Hackers
  20th, January, 2005

Wireless networks giving computer users Internet access from anywhere in the home could expose them to eavesdropping, and programmers should make their security software easier to use, researchers say.

http://www.linuxsecurity.com/content/view/118002

 
  Securing Your Starbucks Experience
  21st, January, 2005

The original plan for this column was to write it at my neighborhood Starbucks while sipping down some good old French Roast and getting my blood caffeine level into the quadruple digits. Alas, it was not to be. My T-Mobile account seems to have expired; the Washington, DC, area was clobbered by a massive 3-inch snowfall, making travel impossible; and worst of all, Starbucks has all those high-carb goodies there at the coffee counter. I couldn't take the risk.

http://www.linuxsecurity.com/content/view/118014

 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
How Cops and Hackers Could Abuse Californias New Phone Kill-Switch Law
Why Russian hackers are beating us
DQ Breach? HQ Says No, But Would it Know?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.