Linux Advisory Watch: April 4th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "The
Corporate Security Sourcebook for Today's Global Economy," "The
demise of traditional perimeter defences," and "Why
Due Diligence as a Defense is Not Enough."
LINUX ADVISORY WATCH - This week, advisories were released for ethereal, kernel, netkit-telnet,
mc, mailreader, samba, mozilla, lsof, thunderbird, epiphany, devhelp, spamassassin,
sylpheed, krb5, xorg, telnet, foomatic, squid, ImageMagick, gdk, mpg321, ipsec-tools,
htdig, grip, mysql, XFree86, and MySQL. The distributors include Conectiva, Debian,
Fedora, Gentoo, Mandrake, Red Hat, and SuSE.
LinuxSecurity.com
Feature Extras:
Getting to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy-to-follow explanation of how
to read permissions and how to set them using chmod. This guide is intended
for users new to Linux security and is therefore kept very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection
- The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent introduction
to information security and the importance of network security monitoring,
offers hands-on examples of almost 30 open source network security tools,
and includes information relevant to security managers through case studies,
best practices, and recommendations on how to establish training programs
for network security staff.
Encrypting Shell Scripts - Do you have scripts that contain sensitive information
like passwords, and do you pretty much depend on file permissions to keep them secure?
If so, that type of security is good provided you keep your system secure
and no user has a "ps -ef" loop running in an attempt to capture
that sensitive info (though some applications mask passwords in "ps" output).
Bulletproof Virus Protection - Protect your network from costly security
breaches with Guardian Digital’s multi-faceted security applications.
More than just an email firewall, on-demand and scheduled scanning detects
and disinfects viruses found on the network.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
Mapping Security: The Corporate Security Sourcebook for Today's Global Economy
31st, March, 2005
Security in any enterprise should extend beyond just information
technology to become an integral part of the organization's overall strategic
plan. This concept is explored in great detail by the book, Mapping Security:
The Corporate Security Sourcebook for Today's Global Economy. In this
download of Chapter 3, Establishing Your Coordinates, authors Tom Patterson
and Scott Gleeson Blue explain why organizations need to forget the traditional
notions of risk. Enterprises should identify and measure weaknesses in
all areas of the organization before starting any strategic planning.
This download shows you where to look for weaknesses and how to begin
that process.
Guardian Digital, Inc., a leader in open source security products, today announced the release of a new firewall product that will revolutionize internet security as we know it, forever.
Guardian Digital CEO Dave Wreski explains, "Our new product works
differently from most other firewalls on the market, which can possibly
allow dangerous packets into protected networks. Our technical wizards
realized that all virus, worm, and malware authors use dangerous 'zeroes'
in their binary code, therefore our new firewall product blocks all
'zeroes' while allowing the friendly, useful 'ones' through."
When embracing a defense-in-depth strategy for your organization's
systems, setting up a secure network boundary and applying best business
practices to your internal clients is a great start. But the work doesn't
stop there. One area that organizations often overlook is application
security for Web-enabled applications. In fact, some of the recent, highly
publicized thefts of private information occurred due to poor application
design and implementation.
Leading global telecommunications companies, ISPs, and network
operators will begin sharing information on Internet attacks as members
of a new group called the "Fingerprint Sharing Alliance," according to
a published statement from the new group.
SMOOTHWALL LAUNCHES ITS FIRST FIREWALL AIMED AT LARGE ENTERPRISES
31st, March, 2005
Network security specialist SmoothWall Limited is today previewing
its new Advanced Firewall, aimed at enterprise customers and organisations
with demanding security requirements. Like its existing Corporate firewall
for medium-sized organisations, Advanced Firewall is based on open source
technology, enabling SmoothWall to provide sophisticated enterprise-class
features at prices starting from £950.
IBM last week introduced technology called FairUCE, for Fair
Use of Unsolicited Commercial E-mail, that blocks spam by trying to ID
the sender's Internet domain rather than evaluating message content.
There is a classic moment during the battle for Helm’s Deep in the epic film, Lord of the Rings, the Two Towers, when King Theoden stands atop the supposedly impregnable city. Rain sodden, he surveys the massed ranks of Saruman’s armies and defiantly shouts ‘Is this all you’ve got?’ A few fateful minutes, and a well placed explosive, later his confidence is shattered and replaced with fear as he realises that his fortress has been penetrated.
Whilst this may have been a marvellous piece of celluloid drama, this scene
could have been replicated in the IT departments of many enterprises
throughout 2004. Replace Helm’s Deep with firewalls and the Orcs with
trojans and viruses and you’ll soon appreciate the similarities.
You may never think about it, but many of your online activities
may be monitored and analyzed. Advertising companies, government agencies,
and private users can use traffic analysis to gather information about
which Web sites and pages you visit, what newsgroups you read, and whom
you talk to on IRC. While there is no need to be paranoid (or is there???),
you can keep your online communication private. The Tor project can help
you with that.
The nightmare started when I returned to my office to discover
17 missed calls on my cell phone. A moment later, the phone rang again.
A frantic customer complained of "eyes" on his Web site. I visited the site
and, lo and behold, discovered it proclaiming itself "owned" by a hacking
group. Upon further investigation, I discovered all the other Web sites
on the Debian-based server had been defaced.
There are great open source products for nearly every purpose.
But I have yet to find many in the security field. Most seem hand-written,
based on books like the O’Reilly Secure Programming Cookbook. Maybe I’m
not looking hard enough. If I’m not, please point to your favorite open
source security in TalkBack.
How to fully utilise the resources at one’s disposal is one
of the major dilemmas facing enterprises not only in the Middle East,
but also around the globe. Increased efficiency results in cost savings
and allows enterprises to focus attention on grander plans. Rashed AlOthman,
senior vice president of IT services and control at Riyad Bank, has a
simple mantra: The less complex a system an enterprise has, the fewer
resources it is going to utilise.
The growth of the Indian security solutions market exceeded
the expectations of most analysts last year. This momentum is expected
to continue in 2005 as security war chests are expected to be opened wide
this year. Analysts from Frost & Sullivan say that the growth of the network
security market in India will exceed the projected growth rate of 32.4
percent in 2005. The IT and BPO industry will be the biggest consumers
of security solutions.
Compliance requirements are fueling convergence between systems
management and security markets, highlighted by several acquisitions over
the last few years, experts said. Last Wednesday, Altiris agreed to acquire
Pedestal Software for threat management for $65 million. BMC filled an
important gap in an existing identity management product line by buying
OpenNetwork for $18 million. Novell shored up its resource management
and IT asset management suite by moving in on Tally Systems for an undisclosed
sum.
Take the initiative on security certification to meet the demands of corporate partners
29th, March, 2005
Multinational companies invest a lot of money in IT security
and increasingly expect smaller partners and suppliers to demonstrate
the same level of commitment. IT security experts speaking at the RSA
Security Conference last month predicted that large companies would in
the future specify minimum security standards in contracts before doing
business with their suppliers.
A consortium of companies focused on Voice over Internet Protocol
(VoIP) Security is taking the first steps toward finding common ground
in an emerging market and is boosting its presence by adding to the membership
ranks.
Corporate executives love two words, “Due Diligence”. Unfortunately,
this is only half of the required formula for meeting the requirements
under “Standard of Care”. It is startling when such a large percentage
of these executives fail to grasp the concept and legal liability imposed
under “Due Care”. Due care is the second half of the formula and equally
as important, for without it the standard of care cannot be measured.
Performing due diligence shows you where your risks lie; due care is exercising
the requirements discovered under due diligence to protect against or mitigate
exposure from those risks.
While most e-mail users are on guard against viruses, they are
far too casual about instant messages, says Sophos security analyst Greg
Mastoras. "Virus writers like to exploit low-hanging fruit, and IM is
a low-hanging fruit."
'Serious' security holes in Kerberos Telnet client
29th, March, 2005
Attackers could exploit two "serious" security holes in the
Telnet program supplied with MIT Kerberos 5 to cause a buffer overflow
and launch malicious code, the Massachusetts Institute of Technology's
(MIT) Kerberos Team warned in an advisory.
Phishers are moving away from big banking institutions and heading for smaller targets, according to the Anti-Phishing Working Group (APWG).
In its study of phishing activity in February the group found that, while
four out of five attacks were still on six major banks, the number of
smaller organisations being targeted is rising fast.
Older worms and viruses continued to dominate March's list of Top 10 baddest apples, said security firms Thursday, in part because users don't update their anti-virus defenses, but also because 2005's entries have been too weak to unseat the old guard.
According to the list produced monthly by Sophos, the Zafi.d worm led the
Top 10 for March by accounting for 45.1 percent of all the malicious
traffic the U.K.-based security vendor monitored. Netsky.p came in second
with 21 percent of the month's total. Rounding out the top 10 were Zafi.b,
Sober.k, Netsky.d, Netsky.z, Netsky.b, MyDoom.o, Netsky.c, and Netsky.q.
Security specialists are constantly on the lookout for proven
methods we can replicate to keep our networks and data safe. Independent
consultants provide an outsider's perspective and carry with them the
aggregate experience of helping hundreds of clients. But not every practice
consultants see in the field is a good one--in fact, they encounter some
stunningly bad ideas. Because sometimes one whopper of a mistake can be
more instructive than a binder's worth of best practices, we interviewed
more than a dozen security consultants to arrive at our 10 worst practices
list. See which ones apply to you, then check our links for advice on
how to do things better.