Internet
Productivity Suite: Open Source Security - Trust Internet Productivity Suite's
open source architecture to give you the best security and productivity applications
available. Collaborating with thousands of developers, Guardian Digital security
engineers implement the most technologically advanced ideas and methods into their
design. Click
to find out more!
LINUX
ADVISORY WATCH - This week, advisories were released for twiki,
xine, libtiff, mc, gatos, playmidi, chbg, cups, imagemagick, mysql, xpdf, xtrlock,
mysql, sword, squid, gimp, dovecot, dhcp, bind, vixie-cron, sysklogd, alsa-lib,
grep, kernel-utils, ethereal, mpg123, playmidi, and krb5. The distributors include
Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, SuSE, and TurboLinux.
LinuxSecurity.com
Feature Extras:
Encrypting
Shell Scripts - Do you have scripts that contain sensitive information
like passwords and you pretty much depend on file permissions to keep it secure?
If so, then that type of security is good provided you keep your system secure
and some user doesn't have a "ps -ef" loop running in an attempt to capture
that sensitive info (though some applications mask passwords in "ps" output).
A
2005 Linux Security Resolution - Year 2000, the coming of the
new millennium, brought us great joy and celebration, but also brought great
fear. Some believed it would result in full-scale computer meltdown, leaving
Earth as a nuclear wasteland. Others predicted minor glitches leading only
to inconvenience. The following years (2001-2004) have been tainted with the
threat of terrorism worldwide.
State
of Linux Security 2004 - In 2004, security continued to be a
major concern. The beginning of the year was plagued with several kernel flaws
and Linux vendor advisories continue to be released at an ever-increasing
rate. This year, we have seen the reports touting Window's security superiority,
only to be debunked by other security experts immediately after release. Also,
Guardian Digital launched the new LinuxSecurity.com, users continue to be
targeted by automated attacks, and the need for security awareness and education
continues to rise.
Bulletproof
Virus Protection - Protect your network from costly security
breaches with Guardian Digital’s multi-faceted security applications.
More then just an email firewall, on demand and scheduled scanning detects
and disinfects viruses found on the network. Click
to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
Linux Vulnerabilities Creep Toward the Desktop
17th, January, 2005
As Linux increasingly hits the enterprise Relevant and consumer mainstream,
a growing number of security threats are emerging which prey on holes
in applications and files managed by desktop users.
Honeypot Project: Unpatched Linux Systems Last Longer than Windows
19th, January, 2005
The Honeypot Project has added fuel to the debate over which is more
secureÑLinux or WindowsÑwith findings that unpatched Linux systems can
be on the Internet for months before being successfully attacked while
Windows systems have been compromised in as little as hours.
Security company Immunity says it has found several vulnerabilities
in Darwin, the implementation of Unix that underlies Apple Computer
Inc.'s Mac OS X operating system.
Imagine that you deliver an application with 100%, instant-on availability.
Security is rock-solid. Costs are dropping. Users never complain. And
anytime you upgrade, even if you buy software and gear with new features
from a different vendor, user acceptance is always immediate and training
virtually nil.
Detecting network intrusions is no longer enough. Smart organizations
aim to prevent them. No wonder: The lag between vulnerability announcement,
patch release and exploit is shrinking like a cheap trade-show T-shirt.
The Blaster attack came only 25 days after the patch was released, and
Sasser was even faster--18 days. In March, the Witty worm struck a buffer-overflow
vulnerability one day after the flaw was discovered.
The underground world of the computer hacker may seem like a place
where chaos rules, but the reality is there's a method to the hacker's
perceived madness. And understanding that method is critical to knowing
how best to respond to a skilled attacker.
How safe is the router? Not too safe. From a security standpoint, 2005
is the year that the router becomes the Achilles heel of the network,
says Dan Jackson, president and COO of DeepNines Technologies, the only
company capable of protecting networks from in front of the router.
Last year, a computer worm that conducts automated reconnaissance appeared;
it uses the Google Inc. search engine to automatically find Web sites
running vulnerable bulletin-board software and then defaces them. The
financial-services industry noticed a spike last fall in phishing attempts
to steal money from customers' accounts and put the blame on a new toolkit
that made it easier to set up such scams.
Attackers are no longer bothering to attack average Linux systems,
because there's so much more money to be made from invading Windows,
according to security researchers.
FBI surveillance experts have put their once-controversial Carnivore
Internet surveillance tool out to pasture, preferring instead to use
commercial products to eavesdrop on network traffic, according to documents
released Friday.
Security-minded US decorators' supply outfit Force Field Wireless claims
to have developed a DIY solution to the international menace of marauding
geek wardrivers - DefendAir paint "laced with copper and aluminum fibers
that form an electromagnetic shield, blocking most radio waves and protecting
wireless networks".
This article reviews common issues of wireless security, and shows
how to use open source software to suss out wireless networks, get information
about them, and start recognizing common security problems. You will
learn how to build a lightweight wireless sniffer that runs on open
source software and, see how simple it is to interact with wireless
networks.
An IT security expert, an academic and the U.K. government's cybercrime
unit will give Londoners an introduction to the security dangers of
wireless networking on ThursdayÑwith the star of the show being an attack
method dubbed the "Evil Twin."
Wireless networks giving computer users Internet access from anywhere
in the home could expose them to eavesdropping, and programmers should
make their security software easier to use, researchers say.
The original plan for this column was to write it at my neighborhood
Starbucks while sipping down some good old French Roast and getting
my blood caffeine level into the quadruple digits. Alas, it was not
to be. My T-Mobile account seems to have expired; the Washington, DC,
area was clobbered by a massive 3-inch snowfall, making travel impossible;
and worst of all, Starbucks has all those high-carb goodies there at
the coffee counter. I couldn't take the risk.
