LINUX ADVISORY WATCH - This week, advisories were released for squid, gaim, evolution, junkbuster,
samba, cvs, kdelibs, libtiff, mc, dia, cyrus, ImageMagick, openMosixview, kimgio,
convert-UUlib, kernel, sharutils, and mozilla. Distributors include Conectiva,
Debian, Fedora, Gentoo, Red Hat, and SuSE.
LinuxSecurity.com Feature Extras:
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Getting to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy-to-follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security and is therefore very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection
- The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent introduction
to information security and the importance of network security monitoring,
offers hands-on examples of almost 30 open source network security tools,
and includes information relevant to security managers through case studies,
best practices, and recommendations on how to establish training programs
for network security staff.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe, send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
Interview with Richard Stallman
25th, April, 2005
An Italian web magazine, TuxJournal.net, has published an interesting interview with Richard Stallman. The interview deals with GPL news, Free BIOS, software patents and much more. It could be interesting for every GNU/Linux user.
http://www.linuxsecurity.com/content/view/118970
Encryption: the key to secure data?
26th, April, 2005
For as long as modern computers have been around, they have
been associated with encryption in one way or another. It is no coincidence
that the first semi-programmable computer, Colossus, was developed to
decrypt messages during the Second World War. Encryption relies on encoding
information in a way that makes it difficult to decode without either
a key (cipher) or an awful lot of mathematical muscle. The longer the
length of the cipher (in bits), the more difficult it will be to break.
Although there are many encryption techniques that are unbreakable in
practice, there are very few that are unbreakable in theory, given enough
time or processing power.
Once they were border controls, then customs and excise, now
they are the police, the fire brigade and the health service. Can the
firewall become the sole security device in the enterprise? Zaphod Beeblebrox,
the two-headed anti-hero of Douglas Adams’ The Hitchhiker’s Guide to the Galaxy,
wears the future of firewalls on his head. His Joo Janta 200 Super-Chromatic
Peril Sensitive Sunglasses turn black at the first hint of danger. This
saves him from witnessing frightening events, so he remains cool and un-panicked
in a dangerous universe.
Layered security is a widely accepted principle of computer
and network security. The basic premise is that it takes multiple layers
of defense to protect against the wide variety of attacks and threats.
Not only can one product or technique not protect against every possible
threat, therefore requiring different products for different threats,
but having multiple lines of defense will hopefully allow one product
to catch things that may have slipped past the outer defenses.
Forward-looking companies have long realized the great business opportunities that the Internet offers and it's no secret that organizations are shifting more and more of their business processes online.
While this move brings many advantages with it, such as widening customer
reach and reducing overheads, the emergence of organized crime in the
online world means that business needs to be sharper than ever when
it comes to security.
Painful patching: How to lock down networked devices
27th, April, 2005
Given the fact that almost all networks are connected to the
Internet nowadays, your one hope of staying secure is to constantly patch
all machines on the network with the latest vulnerability fixes. This
may not be a big deal in environments consisting only of Windows 2003
servers and Windows XP workstations, for which you can simply use Microsoft's
Software Update Services (SUS), System Management Server (SMS) or any
number of third-party tools for patch updates. However, if your computers
are running non-Microsoft operating systems or non-PC devices, or if your
VPN allows connections by computers not controlled by your company, keeping
everything up-to-date on your network becomes much more complex -- although
not impossible.
Network security systems that rely on the laws of quantum mechanics to create hack-proof networks are arriving in the form of practical products that are easily integrated into optical networks.
At the Infosecurity Europe 2005 trade show in London, id Quantique SA (Geneva)
announced a turnkey quantum encryption system enabling hack-proof secure
bridges between two Fast Ethernet (IEEE 802.3u) networks up to 100 kilometers
apart. The move followed a March announcement by MagiQ Technologies
Inc. (New York), which rolled a rework of its Quantum Private Network
(QPN) 5505 system. The QPN 7505 incorporates Cavium Networks' Nitrox
data encryption processors.
Have you ever wondered how many people are scanning your server
looking for weaknesses? One way to find out is to install the Port Scan
Attack Detector (psad), a collection of three lightweight system daemons
that alert you to suspicious network activity by analyzing iptables log
files.
Every organization understands the importance of using a firewall
to protect its assets. But what happens if someone finds a hole in the
wall? What if the infiltrator is actually someone from within your organization
who wants to access information that he shouldn't? To cover those contingencies,
you need an intrusion detection system (IDS) to complement your firewall.
Fortunately, with a minimum amount of time and money you can set up an
IDS with open source tools such as Snort, Shadow, and ACID.
The UK subsidiary of security software firm Fortinet has settled an action brought against it because it was allegedly not complying with the terms of the General Public Licence (GPL), which underpins the distribution of most open source software.
Harald Welte, founder of the gpl-violations.org project, announced earlier
this month that a German District Court had granted a preliminary injunction
against Fortinet UK Ltd after the project sued, alleging that the security
software firm had used GPL software in certain products and then used
encryption technologies to hide the software.
Security professionalism comes to the fore at show
25th, April, 2005
Also prominent among the 40 or so speakers is Fred Piper, who
set up the Information Security Group at the Royal Holloway College and
who is at the heart of work to improve IT security professionalism in
the UK. Piper last year instigated the creation of a small and informal
but very influential group of senior IT security professionals to ginger
up progress and break down barriers between the various IT security bodies.
Information plays a very important role, as it is the backbone
of every IT industry. A company's sensitive information in the wrong hands
is a real threat to the survival of the company, so the information
should be managed with all aspects of the threats in mind. The standard BS7799
was introduced for this very reason: to manage sensitive data in
a professional way.
No longer are antivirus experts as concerned with attention-grabbing viruses and worms causing mass destruction. Instead, they're hot for the bot.
A quarterly report released today by California-based McAfee Corp. says
the "steady increase in Trojans and bots continues to grow while mass-mailer
viruses taper off." It confirms similar findings reported last week
by Russia-based Kaspersky Labs and in March by Cupertino, Calif.-based
Symantec Corp.
Security vendor Fortinet has agreed to make some of its source code available, following accusations that it violated the GPL, the company said on Tuesday.
Earlier this month, gpl-violations.org founder Harald Welte obtained a court
injunction against Fortinet, banning the company from distributing its
products until it complied with the conditions of the GPL. Welte claimed
that Fortinet not only misused GPL-licensed code, but also tried to
hide its use of GPL code by using cryptographic techniques.
Hackers carried out almost 500,000 more attacks on Web sites and servers last year than in 2003, according to independent research.
A study carried out by Zone-H, a Web site where hackers report their activity,
found that global Web server attacks and Web site defacements rose by
over 400,000 (36 percent) compared to 2003 figures.
Last year British business lost £2.4 billion to electronically-enabled
crime, the National Hi-Tech Crime Unit has said. The Unit made the claim
at its eCrimes congress in London on 5 April. According to a survey conducted
by NOP, 89% of a sample group of 200 companies said that they had experienced
some form of hi-tech crime during 2004.
Mobility and security will top the IT agenda for European businesses
in 2005 as increasing confidence helps IT infrastructure spending to continue
its upward trend, newly published research has found. A recent IDC end-user
survey indicated that, after an "undeniably positive" 2004, a further
uplift will be fuelled by corporate renewals and burgeoning small and
medium-sized business (SMB) demand for IT.
Something strange happened to me recently: a friend told me
I was too paranoid when it comes to security. It was strange because he
was the third person to tell me that in a couple weeks. Sure, I expect
most people to call me paranoid, but these were all colleagues in the
security industry. Is it time to worry when security professionals consider
you too paranoid?
The number of new viruses has almost tripled in the last six months, an anti-virus vendor said Tuesday, the spike fed by hackers releasing scads of variants to overwhelm defenses.
According to Panda Software, which is headquartered in Spain but has U.S.
offices in Glendale, Calif., the count of new viruses has increased
278 percent since the third quarter of 2004.
Security experts attending the Wireless LAN Event in London
last Wednesday found that anonymous hackers in the crowd had created a
Web site that looked like a genuine log-in page for a Wi-Fi network, but
which actually sent 45 random viruses to computers that accessed it. "[This]
gets very nasty as we've never seen it before," said Spencer Parker, a
director of technical solutions at AirDefense. "It downloads 45 different
randomly generated viruses, worms and keyloggers so antivirus software
doesn't protect it. It doesn’t recognise the signatures."
Surfers trying to visit the web site of popular secure email
service Hushmail were redirected to a false site early Sunday following
a hacking attack. Hush Communications said hackers changed Hushmail's
DNS records after "compromising the security" of its domain registrar
(Network Solutions). These changes were undone after a few hours on Sunday
and normal Hushmail services have now been restored.
Use of public wireless hotspots is increasing, giving mobile workers and others access to essential data. The bad news: Security threats against hotspot users also are increasing.
That's the word from Richard Rushing and he should know since he is chief
security officer for AirDefense, which specializes in security of mobile
workers.