LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: May 30th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Three tools to help you configure iptables," "Using a Network Analyser as a Security Tool," and "An Easier Way To Secure Wireless Networks."


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.

LINUX ADVISORY WATCH - This week, perhaps the most interesting articles include ppxp, oops, libconvert, qpopper, gail, dmraid, openssl, kernel, netpbm, sudo, texinfo, FreeRADIUS, gdb, ImageMagick, Net-SNMP, gxine, evolution, firefox, mozilla, ethereal, and less tif. The distributors include Debian, Fedora, Gentoo, and Red Hat.

LinuxSecurity.com Feature Extras:

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.


Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  Interview with the guru of Python
  26th, May, 2005

An italian web magazine interviewed Guido Van Rossum, the guru of Python. An interesting interview has been created Read Here!

http://www.linuxsecurity.com/content/view/119207
 
  The Crypto Wars are over!
  25th, May, 2005

The "crypto wars" are finally over - and we've won!

On 25th May 2005, Part I of the Electronic Communications Act 2000 will be torn out of the statute book and shredded, finally removing the risk of the UK Government taking powers to seize encryption keys.

http://www.linuxsecurity.com/content/view/119193
 
  'Unhackable' network draws nearer
  26th, May, 2005

Scientists have moved one step closer to the "unhackable" network by developing a device that can send single photons in a regular stream over a fiber optic link.

http://www.linuxsecurity.com/content/view/119205
 
  Three tools to help you configure iptables
  24th, May, 2005

Every user whose client connects to the Internet should configure his firewall immediately after installation. Some Linux distributions include firewall configuration as a part of installation, often offering a set of defaults configurations to choose from. However, to ensure that your machine presents the minimum "attack surface" (a measure of the number of vulnerable ports, user accounts, and sockets exposed to attack) to the predatory inhabitants of the Internet, you may need to do some manual configuration of your firewall. Here are three tools that can help.

http://www.linuxsecurity.com/content/view/119181
 
  Shorewall lead developer quits
  24th, May, 2005

It is with regret that I announce that Shorewall development and support is officially ended.

Unlike the originators of other successful open source projects, I have not been able to attract a core of people who believe in Shorewall and who are willing to make sacrifices to ensure it's success. That is my weakness and I accept it. But is means that I have been left with trying to develop, document, and support Shorewall almost single-handedly. I cannot do it any more.

http://www.linuxsecurity.com/content/view/119184
 
  Device Drivers Filled with Flaws, Threaten Security
  27th, May, 2005

Operating system vendors and hardware makers should commit more resources toward systematically auditing Windows and Linux device-driver code for flaws, security researchers say. While buffer overflows, a type of memory flaw that can lead to serious vulnerabilities, are quickly being eradicated in critical applications, the flaws are still easily found in device drivers, said David Maynor, a research engineer for Internet Security Systems' X-Force vulnerability analysis group.

http://www.linuxsecurity.com/content/view/119210
 
  Vendors 'slow to fix' hyperthreading flaw
  27th, May, 2005

A researcher claims that Microsoft and some Linux vendors have put small businesses at risk with their slow reaction to a vulnerability in Intel's hyperthreading chip technology.

http://www.linuxsecurity.com/content/view/119212
 
  Feds to fight the zombies
  23rd, May, 2005

Remote-controlled "zombie" networks operated by bottom-feeding spammers have become a serious problem that requires more industry action, the Federal Trade Commission is expected to announce on Tuesday.

http://www.linuxsecurity.com/content/view/119172
 
  Using a Network Analyser as a Security Tool
  27th, May, 2005

Every administrator of a corporate LAN of any size these days has already built strong defenses against hackers and virus attacks. But the viruses and hackers continue to get through. Why?

http://www.linuxsecurity.com/content/view/119213
 
  Linux Gains Maturity in the Data Center
  24th, May, 2005

Businesses certainly profit by using high-quality software that is freely available, and unencumbered by restrictive licensing, so they must keep an eye towards its sustainability. That might mean an occasional donation of equipment, funds, employees' time and know-how, whatever it is you have to offer.

http://www.linuxsecurity.com/content/view/119180
 
  Where should security live?
  23rd, May, 2005

The facile answer is everywhere. Professional network security managers tend to want to scan at the edges of their networks, and centralize patch management. We amateurs tend to leave it all at the edges, that is, every box we own has security on it. This leaves it up to individual users to manage security programs, making even little children into security managers. It’s not a good solution.

http://www.linuxsecurity.com/content/view/119169
 
  Software Industry on the Brink of Choosing Open Source
  23rd, May, 2005

Many computer experts agree that computers are less vulnerable to hacking and virus attacks when they run Linux software rather than Microsoft's Windows.

"What is the most important issue for us is, which is the most pragmatic business model for customers?" said Shirish Netke, an executive at Aztec Software in India.

http://www.linuxsecurity.com/content/view/119171
 
  Identity theft getting more sophisticated, more profitable
  24th, May, 2005

It is the hot crime of the 21st century - and YOU are the target. Sophisticated super-hackers are turning identity theft into a multi-billion-dollar criminal enterprise, plundering data about ordinary people from alumni directories, ATM machines, credit cards, tax returns and myriad other sources. The massive scams are costing American businesses and consumers more than $47 billion a year, according to the Federal Trade Commission.

http://www.linuxsecurity.com/content/view/119179
 
  Simplifying Security
  26th, May, 2005

It's hard enough to create a new company -- why try to create a new market as well? That’s why we like start-ups that target markets which already exist. In fact, we’ve examined this theme in the last few weeks -- more often than not, start-ups are best served by approaching old problems in new ways. The advantage is obvious: the demand for the products or services is already in place.

http://www.linuxsecurity.com/content/view/119201
 
  Experts: Zombies ousting viruses
  26th, May, 2005

Speaking at the AusCERT conference in Australia's Gold Coast on Tuesday, Eugene Kaspersky, founder of Kaspersky Labs, said that the influence of organized crime on the malicious software industry has led to a change of tactics. Instead of trying to create viruses and worms that infect as many computers as possible, authors of malicious software are instead trying to infect 5,000 or 10,000 computers at a time to create personalized zombie armies.

http://www.linuxsecurity.com/content/view/119204
 
  Public backs ID cards to beat identity theft
  25th, May, 2005

The public believes that ID cards are the best solution to identity theft and fraud, according to a survey published this week. More than half of those polled (57%) said ID cards were their first or second preferred method to protect themselves against identity theft, the survey of 1,000 people aged 16 to 64 showed. But George Platt, general manager of US voice automation firm Intervoice, which commissioned the UK survey, warned that ID cards would “do nothing? to prevent ID theft through telephone or online purchasing.

http://www.linuxsecurity.com/content/view/119191
 
  Minnesota court takes dim view of encryption
  26th, May, 2005

A Minnesota appeals court has ruled that the presence of encryption software on a computer may be viewed as evidence of criminal intent.

http://www.linuxsecurity.com/content/view/119208
 
  Web virus holds computer files ‘hostage’
  24th, May, 2005

Computer users already anxious about viruses and identity theft have new reason to worry: Hackers have found a way to lock up the electronic documents on your computer and then demand $200 over the Internet to get them back.

http://www.linuxsecurity.com/content/view/119185
 
  Database Hackers Reveal Tactics
  25th, May, 2005

Three young hackers under investigation for unlawfully accessing personal information on thousands of people in a LexisNexis database have characterized their act as a cyberjoyride that got out of hand. The hackers, ages 16, 19 and 20, spoke with Wired News by phone Monday and said that in January and February they accessed LexisNexis data -- which included the Social Security number, birth date, home address and driver's license number of numerous celebrities and hacker friends -- to claim bragging rights, rather than to steal identities or sell the information to identity thieves, as some published reports have stated.

http://www.linuxsecurity.com/content/view/119190
 
  Witty worm flaws reveal source, initial targets
  25th, May, 2005

The Witty worm, which infected more than 12,000 servers a year ago, came from a single computer in Europe and used a U.S. military base's vulnerable systems to kick-start the epidemic, according to an analysis released by three researchers this week.

http://www.linuxsecurity.com/content/view/119192
 
  Russians Use Affiliate Model To Spread Spyware, Adware
  25th, May, 2005

An online business based in Russia will pay Web sites 6 cents for each machine they infect with adware and spyware, security researchers said Tuesday, calling the practice "awful."

http://www.linuxsecurity.com/content/view/119197
 
  Underground showdown: Defacers take on phishers
  26th, May, 2005

A small percentage of Web sites illegally set up for phishing scams have been defaced with warnings to potential victims. While illegal, some Internet watchers believe the trend could be beneficial.Groups fighting against online criminals intent on phishing have gained allies from another species of underground miscreant: Web-site defacers.

http://www.linuxsecurity.com/content/view/119202
 
  An Easier Way To Secure Wireless Networks
  23rd, May, 2005

Best Buy reports that its most frequently returned products are Wi-Fi networking gear. While many end users want the benefits of Wi-Fi, apparently very few can figure out how to set the wireless security features and get them working properly. Even experienced networking pros have trouble configuring security on today's Wi-Fi networks.

http://www.linuxsecurity.com/content/view/119170
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers From China Waste Little Time in Exploiting Heartbleed
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Why a hacker got paid for finding the Heartbleed bug
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.