Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's
open source architecture to give you the best security and productivity applications
available. Collaborating with thousands of developers, Guardian Digital security
engineers implement the most technologically advanced ideas and methods into their
design.
LINUX ADVISORY WATCH - This week, advisories were released for python, squid, php, emacs,
postgres, evolution, mailman, hztty, hwbrowser, cups, hotplug, xpdf, kdegraphics,
gallery, perl, and squirrelmail. The distributors include Debian, Fedora, Gentoo,
Mandrake, Red Hat, and SuSE.
LinuxSecurity.com Feature Extras:
Getting to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy to follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, and is therefore very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection
- The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent introduction
to information security and the importance of network security monitoring,
offers hands-on examples of almost 30 open source network security tools,
and includes information relevant to security managers through case studies,
best practices, and recommendations on how to establish training programs
for network security staff.
Encrypting Shell Scripts - Do you have scripts that contain sensitive information
like passwords and you pretty much depend on file permissions to keep it secure?
If so, then that type of security is good provided you keep your system secure
and some user doesn't have a "ps -ef" loop running in an attempt to capture
that sensitive info (though some applications mask passwords in "ps" output).
Bulletproof Virus Protection - Protect your network from costly security
breaches with Guardian Digital’s multi-faceted security applications.
More than just an email firewall, on demand and scheduled scanning detects
and disinfects viruses found on the network.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
Hashing out encryption
8th, February, 2005
Federal agencies have been put on notice that National Institute
of Standards and Technology officials plan to phase out a widely used
cryptographic hash function known as SHA-1 in favor of larger and stronger
hash functions such as SHA-256 and SHA-512.
It began 25 years ago in the warm coastal waters of Puerto Rico
when a stranger swam over to Gilles Brassard and struck up a conversation
about using quantum physics to make bank notes impossible to counterfeit.
"I had no idea who he was," recalled Brassard, then a 24-year-old prodigy
and computer-science professor at the Universite de Montreal. "He just
started talking nonsense about quantum physics."
"The recent, unprecedented growth in automated attacks, especially
in the form of worms, viruses, and Trojans, has really amplified the ramifications
of system vulnerabilities," notes Bauer. "Since these crop up relentlessly
and unpredictably, it's more important than ever that any Internet-connected
Linux system be not only patched, but very carefully configured to contain
both anticipated and unanticipated security failures."
Some surprising finds about Linux selection criteria
11th, February, 2005
In January and early February, InfoWorld conducted a survey about
Linux usage and expectations. Reliability, security and performance
-- in that order -- are the three top criteria that customers consider
when opting for Linux, with cost being the fourth most important criterion.
As part of the study, we determined vendor ranking across all four criteria.
IBM and Sun dominated the top 3 categories.
A firewall is a system or group of systems that enforces an
access control policy between two or more networks. The actual means by
which this is accomplished varies widely, but in principle, the firewall
can be thought of as a pair of mechanisms: one which exists to block traffic,
and the other which exists to permit traffic.
A firewall is an organizational and technical concept for
the separation of networks, its correct implementation and constant maintenance.
One piece that's often used is a piece of hardware that connects to networks
in the way that's allowed in the concept. This piece of hardware is often
called a firewall system/computer or, in short, a firewall.
Are you an administrator or security analyst who watches over
a firewall with a hundred or more rules? Or perhaps a hired gun who must
review a firewall with years of crusty buildup? Are you creating a test
lab that involves a wide variety of networks, servers, and risks? If you're
interested in enterprise-level firewalls, this article will help you make
sense of common failures in processes and tools. We'll focus on enterprise-grade
business and networking issues that affect firewalls. (Penetration studies
and piercing firewalls from the outside will be covered in a later article.)
The CIS Linux benchmark: Security best practices for Red Hat and Fedora Core
11th, February, 2005
The Center for Internet Security (CIS) is a non-profit association
for the promotion of computer security. Its members, largely North American,
range from IBM and Motorola to universities and individuals. Through the
consensus of members, it develops a list of best practices for Windows,
Linux, Solaris and FreeBSD, as well as Cisco routers, Oracle databases,
and Apache Web servers. These best practices are incorporated into benchmark
scripts and accompanying PDF guides for interpreting the results and improving
security with a series of actions and scripts. The CIS Linux Benchmark
provides a comprehensive checklist for system hardening.
The flaw affects a broad range of browsers that use the open-source
Gecko browser kernel. Anyone using Firefox, Safari, or the like, could
be visiting spoofed sites without realizing it. Since some phishing scams
rely on fake sites to collect personal information, users could be opening
themselves up to identity theft.
Chat Transcript: Real World Linux Security with Bob Toxen
8th, February, 2005
On Tuesday, February 8th 2005, LinuxSecurity.com hosted an online
chat with the well-known author, consultant, and Linux security expert
Bob Toxen. Topics discussed include Linux security best practices, the
7 deadly sins of Linux security, favorite security tools, penetration
testing, forensic investigations, merits of open source, full-disclosure,
and log evaluation. Once again, we at LinuxSecurity.com want to thank
Bob for his participation.
Organisers of LCA 2005, the International Linux conference due
to be held in Canberra this April, are hoping its security mini-conference
will expand into a separate conference by next year.
During the disclosure of some recent vulnerabilities in the
Linux kernel, I learned some things about Linux kernel security that were
truly shocking. The way security in the Linux kernel is handled is broken,
and it needs to be fixed right now. I'm a big proponent of open source
software. Although personally I'm a huge follower of BSD-based operating
systems, I keep an open and analytical mind when looking at any OS. Unfortunately,
I was totally blown away with some of the things that I learned about
Linux kernel security during the release of some recent vulnerabilities
in the kernel code.
Company’s Linux-based Mail Solution Helps ISPs Prevent New Spam Threat
9th, February, 2005
Guardian Digital, the world’s premier open source Internet security
company today announced the availability of the first anti-spam software
tool designed specifically to diminish the threat of Trojan zombie attacks.
Responsible for a high volume of successful spam attacks, this latest
email threat is causing serious problems within corporate email infrastructures.
Known to take over unsuspecting computers and utilize their resources to
send out spam messages, zombie-type attacks use the domain name of the
victimized computer's ISP to send messages that appear as if they are coming
directly from the ISP, making it very difficult for customary anti-spam
solutions to block them.
Linux Firm Raises Performance Bar on Anti-spam & Anti-phishing Applications
9th, February, 2005
Guardian Digital, the world’s premier open source Internet security
company, today reinforced their dedication to email security with the
release of Secure Mail Suite v. 3.2. Incorporating advanced technologies
for enterprise spam and phishing protection, Secure Mail Suite v. 3.2
is the first solution of its kind to include distributed protection from
these types of attacks including the latest blended threats.
Ottawa-based Googgun Technologies Inc. (GTI) recently introduced
the second version of its Trustifier Linux-based security solution. The
solution is designed to protect information systems from internal and
external attacks on the network. GTI said Trustifier would protect business
applications (and therefore users) from themselves. Whether buffer-overflow
vulnerabilities, stack-execution attacks, malicious code or buggy programming,
Trustifier can cage it in, disallow its operation, or silence requests
for privileged operations. Administrators can specify which applications
get what privileged operations, and have them do those in confinement
of time, data and repetition.
"These products are fairly expensive and tend to be deployed
in large environments," says Gartner Inc. analyst Amrit Williams. "They
have not approached the middle tier or the small-office/home-office market
yet."
Browser switching is taking place at the level of individual
users, rather than organisations, and some of the factors that make Firefox
more appealing than Internet Explorer are likely to go away as the browser
gets to be more popular, said Gartner analysts Ray Valdes, David Mitchell
Smith and Whit Andrews. "The growth in usage of Firefox is driven by factors
that are not inherently sustainable," they have warned.
Not All Identity Theft is Cyberspaced; Incidents More Likely to be 'Paper-Based'
7th, February, 2005
"Identity theft continues to be a very serious threat. One in
23 adults will be victimized this year, with a total loss exceeding $50
billion. To prevent the misuse of our personal information, survey research
shows we should be as safety-conscious in our home and office, as we are
on the Internet," said Ken Hunter, President of the Council of Better
Business Bureaus, Inc.
Hackers forced the state to pull down its Web site Tuesday,
but officials said no private information was compromised. However, the
hacker left the message "Look what I can do!" For most of the day, visitors
to nh.gov saw a message that the site was down for maintenance, posted
after hackers got into a server sometime after midnight.
GoRemote Internet Communications further extended its leadership
in delivering managed secure remote access solutions by unveiling the
world's largest and most comprehensive secure wireless access network.
GoRemote is the first to offer a single solution for mobile users to obtain
secure remote connectivity using virtually any type of wireless access,
including free Wi-Fi hotspots, in-flight Wi-Fi, cellular and 3G.