This week, perhaps the most interesting articles include "," "," and "."



LINUX ADVISORY WATCH - This week, advisories were released for squid, gaim, evolution, junkbuster, samba, cvs, kdelibs, libtiff, mc, dia, cyrus, ImageMagick, openMosixview, kimgio, convert-UUlib, kernel, sharutils, and mozilla. Distributors include Conectiva, Debian, Fedora, Gentoo, Red Hat, and SuSE.

LinuxSecurity.com Feature Extras:

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy-to-follow explanation of how to read permissions and how to set them using chmod. This guide is intended for users new to Linux security and is therefore very simple.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.



Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail to the list address with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Interview with Richard Stallman
25th, April, 2005

An Italian web magazine, TuxJournal.net, has published an interesting interview with Richard Stallman. The interview deals with GPL news, Free BIOS, software patents and much more. It could be of interest to every GNU/Linux user.

Encryption: the key to secure data?
26th, April, 2005

For as long as modern computers have been around, they have been associated with encryption in one way or another. It is no coincidence that the first semi-programmable computer, Colossus, was developed to decrypt messages during the Second World War. Encryption relies on encoding information in a way that makes it difficult to decode without either a key (cipher) or an awful lot of mathematical muscle. The longer the length of the cipher (in bits), the more difficult it will be to break. Although there are many encryption techniques that are unbreakable in practice, there are very few that are unbreakable in theory, given enough time or processing power.

Firewalls ring changes
27th, April, 2005

Once they were border controls, then customs and excise, now they are the police, the fire brigade and the health service. Can the firewall become the sole security device in the enterprise? Zaphod Beeblebrox, the two-headed anti-hero of Douglas Adams’ Hitchhiker’s guide to the galaxy, wears the future of firewalls on his head. His Joo Janta 200 Super-Chromatic Peril Sensitive Sunglasses turn black at the first hint of danger. This saves him from witnessing frightening events, so he remains cool and un-panicked in a dangerous universe.

Host-Based Intrusion Prevention
27th, April, 2005

Layered security is a widely accepted principle of computer and network security. The basic premise is that it takes multiple layers of defense to protect against the wide variety of attacks and threats. Not only can one product or technique not protect against every possible threat, therefore requiring different products for different threats, but having multiple lines of defense will hopefully allow one product to catch things that may have slipped past the outer defenses.

DDoS: don't get stuck in denial
25th, April, 2005

Forward-looking companies have long realized the great business opportunities that the Internet offers and it's no secret that organizations are shifting more and more of their business processes online.

While this move brings many advantages with it, such as widening customer reach and reducing overheads, the emergence of organized crime in the online world means that business needs to be sharper than ever when it comes to security.

Painful patching: How to lock down networked devices
27th, April, 2005

Given the fact that almost all networks are connected to the Internet nowadays, your one hope of staying secure is to constantly patch all machines on the network with the latest vulnerability fixes. This may not be a big deal in environments consisting only of Windows 2003 servers and Windows XP workstations, for which you can simply use Microsoft's Software Update Services (SUS), System Management Server (SMS) or any number of third-party tools for patch updates. However, if your computers are running non-Microsoft operating systems or non-PC devices, or if your VPN allows connections by computers not controlled by your company, keeping everything up-to-date on your network becomes much more complex -- although not impossible.

Quantum encryption enters product phase
28th, April, 2005

Network security systems that rely on the laws of quantum mechanics to create hack-proof networks are arriving in the form of practical products that are easily integrated into optical networks.

At the Infosecurity Europe 2005 trade show in London, id Quantique SA (Geneva) announced a turnkey quantum encryption system enabling hack-proof secure bridges between two Fast Ethernet (IEEE 802.3u) networks up to 100 kilometers apart. The move followed a March announcement by MagiQ Technologies Inc. (New York), which rolled a rework of its Quantum Private Network (QPN) 5505 system. The QPN 7505 incorporates Cavium Networks' Nitrox data encryption processors.

Detecting suspicious network traffic with psad
26th, April, 2005

Have you ever wondered how many people are scanning your server looking for weaknesses? One way to find out is to install the Port Scan Attack Detector (psad), a collection of three lightweight system daemons that alert you to suspicious network activity by analyzing iptables log files.

Build an IDS with Snort, Shadow, and ACID
28th, April, 2005

Every organization understands the importance of using a firewall to protect its assets. But what happens if someone finds a hole in the wall? What if the infiltrator is actually someone from within your organization who wants to access information that he shouldn't? To cover those contingencies, you need an intrusion detection system (IDS) to complement your firewall. Fortunately, with a minimum amount of time and money you can set up an IDS with open source tools such as Snort, Shadow, and ACID.

Software firm settles GPL violation lawsuit
29th, April, 2005

The UK subsidiary of security software firm Fortinet has settled an action brought against it because it was allegedly not complying with the terms of the General Public Licence (GPL), which underpins the distribution of most open source software.

Harald Welte, founder of the gpl-violations.org project, announced earlier this month that a German District Court had granted a preliminary injunction against Fortinet UK Ltd after the project sued, alleging that the security software firm had used GPL software in certain products and then used encryption technologies to hide the software.

Security professionalism comes to the fore at show
25th, April, 2005

Also prominent among the 40 or so speakers is Fred Piper, who set up the Information Security Group at the Royal Holloway College and who is at the heart of work to improve IT security professionalism in the UK. Piper last year instigated the creation of a small and informal but very influential group of senior IT security professionals to ginger up progress and break down barriers between the various IT security bodies.

Security with respect BS7799
25th, April, 2005

Information plays a very important role, as it is the backbone of the IT industry. A company's sensitive information in the wrong hands is a real threat to the survival of the company, so the information should be managed with all aspects of the threats in mind. The standard BS7799 was introduced for this very reason: to manage sensitive data in a professional way.

Viruses 'a thing of the past'
25th, April, 2005

No longer are antivirus experts as concerned with attention-grabbing viruses and worms causing mass destruction. Instead, they're hot for the bot.

A quarterly report released today by California-based McAfee Corp. says the "steady increase in Trojans and bots continues to grow while mass-mailer viruses taper off." It confirms similar findings reported last week by Russia-based Kaspersky Labs and in March by Cupertino, Calif.-based Symantec Corp.

Fortinet settles GPL violation suit
26th, April, 2005

Security vendor Fortinet has agreed to make some of its source code available, following accusations that it violated the GPL, the company said on Tuesday.

Earlier this month, gpl-violations.org founder Harald Welte obtained a court injunction against Fortinet, banning the company from distributing its products until it complied with the conditions of the GPL. Welte claimed that Fortinet not only misused GPL-licensed code, but also tried to hide its use of GPL code by using cryptographic techniques.

Web defacements and server hacks on the rise
26th, April, 2005

Hackers carried out almost 500,000 more attacks on Web sites and servers last year than in 2003, according to independent research.

A study carried out by Zone-H, a Web site where hackers report their activity, found that global Web server attacks and Web site defacements rose by over 400,000 (36 percent) compared to 2003 figures.

£2.4 billion lost to hi-tech crime
27th, April, 2005

Last year British business lost £2.4 billion to electronically-enabled crime, the National Hi-Tech Crime Unit has said. The Unit made the claim at its eCrimes congress in London on 5 April. According to a survey conducted by NOP, 89% of a sample group of 200 companies said that they had experienced some form of hi-tech crime during 2004.

Mobility and security top European IT agenda
28th, April, 2005

Mobility and security will top the IT agenda for European businesses in 2005 as increasing confidence helps IT infrastructure spending to continue its upward trend, newly published research has found. A recent IDC end-user survey indicated that, after an "undeniably positive" 2004, a further uplift will be fuelled by corporate renewals and burgeoning small and medium-sized business (SMB) demand for IT.

Security for the Paranoid
27th, April, 2005

Something strange happened to me recently: a friend told me I was too paranoid when it comes to security. It was strange because he was the third person to tell me that in a couple weeks. Sure, I expect most people to call me paranoid, but these were all colleagues in the security industry. Is it time to worry when security professionals consider you too paranoid?

New Virus Count Nearly Triples
27th, April, 2005

The number of new viruses has almost tripled in the last six months, an anti-virus vendor said Tuesday, the spike fed by hackers releasing scads of variants to overwhelm defenses.

According to Panda Software, which is headquartered in Spain but has U.S. offices in Glendale, Calif., the count of new viruses has increased 278 percent since the third quarter of 2004.

Hackers attack IT conference
26th, April, 2005

Security experts attending the Wireless LAN Event in London last Wednesday found that anonymous hackers in the crowd had created a Web site that looked like a genuine log-in page for a Wi-Fi network, but which actually sent 45 random viruses to computers that accessed it. "[This] gets very nasty as we've never seen it before," said Spencer Parker, a director of technical solutions at AirDefense. "It downloads 45 different randomly generated viruses, worms and keyloggers so antivirus software doesn't protect it. It doesn’t recognise the signatures."

Hushmail hit by DNS attack
27th, April, 2005

Surfers trying to visit the web site of popular secure email service Hushmail were redirected to a false site early Sunday following a hacking attack. Hush Communications said hackers changed Hushmail's DNS records after "compromising the security" of its domain registrar (Network Solutions). These changes were undone after a few hours on Sunday and normal Hushmail services have now been restored.

Hotspot Hacking And How To Fight It
25th, April, 2005

Use of public wireless hotspots is increasing, giving mobile workers and others access to essential data. The bad news: Security threats against hotspot users also are increasing.

That's the word from Richard Rushing and he should know since he is chief security officer for AirDefense, which specializes in security of mobile workers.