Internet
Productivity Suite: Open Source Security - Trust Internet Productivity
Suite's open source architecture to give you the best security and productivity
applications available. Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced ideas and methods
into their design. LINUX ADVISORY
WATCH - This week, advisories were released for qpopper, openssl, php4,
bzip2, ImageMagick, bind, netpbm, gxine, imap4d, elfutils, gnutls, and postgresql.
The distributors include Debian, Fedora, Gentoo, and Red Hat.
LinuxSecurity.com
Feature Extras:
Introduction:
Buffer Overflow Vulnerabilities - Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Getting
to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy to follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, therefore very simple.
The
Tao of Network Security Monitoring: Beyond Intrusion Detection
- The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent introduction
to information security and the importance of network security monitoring,
offers hands-on examples of almost 30 open source network security tools,
and includes information relevant to security managers through case studies,
best practices, and recommendations on how to establish training programs
for network security staff.
Bulletproof
Virus Protection - Protect your network from costly security
breaches with Guardian Digital’s multi-faceted security applications.
More then just an email firewall, on demand and scheduled scanning detects
and disinfects viruses found on the network. Click
to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
What is the point of encryption if you don’t know who for?
30th, May, 2005
Dr. Walter, Head of Cryptography for Comodo Inc. and chair of
the Trusted Computing Group (TCG) Peripheral Working Group, has clarified
the relationship between encryption and authentication. The blurred definition
to date has split the Certificate Authority industry into two groups.
Authorities such as Comodo and VeriSign compete head to head, to deliver
high assurance digital certificates whilst other groups concentrate on
the low assurance market.
If you want to set up a Linux-based firewall, there's no need
to run a bloated distribution that installs everything but the kitchen
sink. If you are not afraid to get your hands dirty, and like having total
control over your system, then Sentry Firewall CD (SFCD) is just what
you need. It is a highly configurable, bootable CD that takes a minimalist
approach to firewalling.
Many American online computer users are unaware that choice
of browser affects Internet security, and few switch browsers even when
they know the risk, a Norwegian study said Monday.
Criminals aren't the only ones benefiting from the onslaught of threats that bombard corporate networks. Security vendors are also reaping the benefits.
According to Infonetics Research, worldwide security appliance and software
revenue is forecast to hit $6.5 billion by 2008.
It's a tedious activity that can put the best of IT administrators to sleep. But as security and compliance manager for a large U.S. healthcare organization, Adam Nunn has learned to study his network activity logs religiously. He knows that when the bad guys work overtime to break his defenses, those logs can be the first sign of trouble.
He had a more relaxed approach to log checking at home. But one day he had
a look and was alarmed to find that more than 1,000 brute force attacks
had been targeting his personal Web server for a month.
An Introduction to Securing Linux with Apache, ProFTPd and Samba
2nd, June, 2005
While the vast majority of Linux users are hard-core techies,
some may be using Linux because they want to try something new, are interested
in the technology, or simply cannot afford or do not want to use Microsoft
Windows.
One of the oldest Unix-like operating systems, FreeBSD, continues
its advancement with the sixth release in the FreeBSD-5 series. Its developers
have added nothing major, but have made many modifications, fixing a number
of problems introduced in previous releases. FreeBSD 5.4 is the best release
since 5.1, but it still may not be ready for prime time.
Everybody know that you're the OpenBSD and OpenSSH GURU and creator, one of most famous and used secure operating system nowaday. Why you created them? What did you need many years ago from os world when you created OpenBSD? What inspired you to write from scratch OpenBSD and OpenSSH? Read Full Texthttp://www.linuxsecurity.com/content/view/119235
Employee Training & Education Can Mitigate Threats
31st, May, 2005
“Many Internet threats are easily avoidable and just executed
by employees who are simply unaware of their presence. Once briefed on
basic Internet security, it is equally important to keep your employees
educated as well. When new threats arise, send out memos alerting each
employee of the threat, how to identify it, and what to do if and when
they have it,� says security expert and Guardian Digital CEO Dave Wreski.
Centralization, automation, problem prioritization--many IT-security
professionals are embracing those concepts as they fight off the never-ending
onslaught of threats. Security products can help businesses stem the flood
of vulnerabilities, but IT teams also have to put in place processes to
ensure that they're responding appropriately and being proactive in warding
off potential dangers. Fact is, some companies spend too much on some
parts of their organization and not enough on more-vulnerable areas.
Fedora Directory Server Now Available To The Open Source Community
1st, June, 2005
The Fedora Project, a Red Hat-sponsored and community-supported,
open source collaboration project, today announced at the Red Hat Summit
the availability of Fedora Directory Server. By making Fedora Directory
Server freely available to the open source development community, Red
Hat is enabling and encouraging the development of secure, enterprise
technologies and providing customers and partners with increased choice.
The availability of Fedora Directory Server licensed under the GPL underscores
Red Hat's true commitment to open source innovation.
Auditing passwords is a worthwhile venture, particularly in
an environment that deals with sensitive information. Because systems
encrypt passwords when they store them, you really can't properly judge
the strength of a password unless you try to crack it. We suggest using
a password-cracking tool such as John the Ripper. This tool works extremely
well because it can crack MD5 passwords, which most systems currently
use. In addition, it's much faster and more sophisticated than earlier
password-cracking software such as Crack.
Service providers need to focus more resources on voice over IP (VoIP) security if they are to provide the level of reliability and trust that subscribers have come to expect with traditional telephone services, analysts have warned.
According to a white paper from business consulting and systems integration
firm BearingPoint, broadband operators need to address security problems
before rushing to VoIP as a way to increase revenue and provide new
services.
Network equipment maker Cisco Systems Inc. and Internet portal
Yahoo Inc. are combining their efforts to combat e-mail spam and forgery
in a step that's expected to help expand adoption of the technology.
IT Security industry needs to convince citizens of its trustworthiness
and the robustness of their products if it works to win a slice of the
project associated with the introduction of ID cards. A recent research,
published by Glasshouse Partnership, reveals that there is a lack of confidence
in the ability to manage data security.
The UK government plans to issue its ID card as a passport with
biometric identifiers stored in a chip – and the US wants those chips
to be compatible with its own scanners, raising the possibility that US
agencies could have access to the ID Card database.
A spending bill likely to be passed this month will give the
Department of Homeland Security's chief cybersecurity officer more clout
but will not solve major issues in how the agency handles its job of protecting
the nation's critical infrastructure, security experts said this week.
CYBER terrorism is almost a dirty word among elite computer
security professionals, and there's a high risk of being ridiculed if
you use it in their midst. AusCERT director Nick Tate says you're more
likely to generate public terror by flying an aircraft into a bank than
by breaking through its electronic security cordon.
Israeli Police Charge 18 With Industrial Espionage
31st, May, 2005
Eighteen people have been arrested in one of Israel's largest
industrial espionage schemes, police said Sunday, charging that business
executives and private investigators used sophisticated software to infiltrate
competitors' computers. The investigation implicated a car importer, two
cell phone providers, and the nation's main satellite television company.
Police said they were still sifting through documents and computer files
to figure out the extent of the damage, but maintained that victims lost
competitive bids and thousands of customers because of the spying.
A one-two-three assault of disparate spammer and hacker groups in the last 24 hours bodes nothing but ill for users, a security expert said Thursday.
The attack, which involves a new combination of malicious code, shows evidence
of "tactical coordination that is unprecedented," said Sam Curry, vice
president of Computer Associates' eTrust security group.
Cryptographers have discovered a way to hack Bluetooth-enabled
devices even when security features are switched on. The discovery may
make it even easier for hackers to eavesdrop on conversations and charge
their own calls to someone else’s cellphone.
