Internet Productivity Suite: Open Source Security - Trust Internet Productivity
Suite's open source architecture to give you the best security and productivity
applications available. Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced ideas and methods
into their design.
LINUX ADVISORY WATCH - This week, advisories were released for mikmod, tcpdump, yum, elinks,
parted, system-config-securitylevel, checkpolicy, spamassassin, gaim, libextractor,
Ettercap, shtool, gedit, MediaWiki, gzip, gftp, squid, rsh, sysreport, telnet,
bz, and mc. The distributors include Fedora, Gentoo, and Red Hat.
LinuxSecurity.com Feature Extras:
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Getting to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy-to-follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security and is therefore kept very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection
- The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent introduction
to information security and the importance of network security monitoring,
offers hands-on examples of almost 30 open source network security tools,
and includes information relevant to security managers through case studies,
best practices, and recommendations on how to establish training programs
for network security staff.
Bulletproof Virus Protection - Protect your network from costly security
breaches with Guardian Digital’s multi-faceted security applications.
More than just an email firewall, on-demand and scheduled scanning detects
and disinfects viruses found on the network.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
Talking with Richard Stallman
12th, June, 2005
1) Let's start. Can you explain to our readers why you started with
FSF in 1984? What did you need? Why did you create it?
What I started in 1984 was the development of the GNU operating system.
All the operating systems for modern computers of the day were proprietary;
users were forbidden to share them, and could not get the source code
to change them. The only way to use computers in freedom was to replace
those systems with a free operating system. That's what GNU was meant
to do. The Free Software Foundation was started in late 1985 to raise
funds for GNU development, and more generally to promote free software.
I've just completed my review on "Apache Security" by O'Reilly. "This
book was written by Ivan Ristic, the author of the popular Apache web
application firewall module mod_security. Naturally this book does discuss
how to use mod_security to harden your system, but I'm happy to report
it isn't his main area of focus. One of the first things that I do while
reviewing a book is to find all the things that the text doesn't cover
that it *really* should have and point them out in my review. Simply put
this book has everything, and I do mean everything. Here's the low down
on a per chapter basis."
O'Reilly Releases "SSH, The Secure Shell: The Definitive Guide, Second Edition"
16th, June, 2005
The name looks like the sound you'd make to hush someone, which
is not inappropriate if you think of SSH, the secure shell, as a means
of silently sending information between computers. "SSH" is actually pronounced
by spelling it aloud "S-S-H," and isn't a shell at all, but a protocol.
The name was originally coined from the rsh utility, a Unix program that
also provides logins.
According to most security professionals, a top-tier, open-source
security tool must have sufficient history to allow a practitioner to
use it with confidence. And it must have a sufficiently large developer
base to ensure that fixes will be available in light of discovered vulnerabilities.
Pegasystems’ Business Process Management (BPM) solutions offer organizations
the agility critical to managing growth, productivity and compliance.
Our solution unifies pure-play BPM with a sophisticated Business Rules
Engine. Pegasystems makes it easy for people and systems to work together.
Endian Firewall is a turn-key Linux security distribution based
on IPCop that turns a system into a security appliance. The features include
a stateful packet inspection firewall, application-level proxies for various
protocols (HTTP, POP3, SMTP) with anti-virus support, virus and spam filtering
for E-mail traffic (POP and SMTP), content filtering of Web traffic and
VPN (based on OpenVPN).
Taxed with providing an ever-expanding range of complex security
functions, IPS vendors are rising to the challenge, transforming their
wares to go beyond simply identifying and stopping attacks based on updated
threat profiles.
McAfee is looking to help protect against what it calls a dramatic
increase of attacks on Linux systems. The company's Entercept intrusion
prevention system -- already available for Windows and Solaris -- uses
a combination of behavioral rules, signatures and a firewall to protect
IT infrastructure from attack.
Do you think there are security benefits businesses could reap by simply switching to open source solutions?
Greenberg: Yes. A great number of security holes are because of Windows
having glaring security holes in its browser and mail agent. Use Windows
and Firefox, for example, instead of Windows and IE, and 80 percent
of the security concerns vanish. The number of security threats in an
OS-to-OS face off is about equal, from what I see. As — and if — Linux
usage increases, the Linux threat level may increase.
Sun Microsystems has fixed a pair of security bugs in Java that could be exploited by attackers to take over computers running Windows, Linux and Solaris.
The flaws are "highly critical," security monitoring company Secunia said
in an advisory posted Tuesday. Flaws that get that ranking--one notch
below Secunia's most severe "extremely critical" rating--are typically
remotely exploitable and can lead to full system compromise.
Centralization, automation, problem prioritization--many IT-security
professionals are embracing those concepts as they fight off the never-ending
onslaught of threats. Security products can help businesses stem the flood
of vulnerabilities, but IT teams also have to put in place processes to
ensure that they're responding appropriately and being proactive in warding
off potential dangers. Fact is, some companies spend too much on some
parts of their organization and not enough on more-vulnerable areas.
Computer Associates and RSA Security have released products
to centralise security management and make policies easier to define and
deploy. The aim is to make it simpler to implement complex data security
measures. CA's eTrust Identity and Access Management (IAM) Toolkit is
a development system that lets organisations build a single method of
user identity and control, said the firm. The system spans Windows, Unix,
Linux and web services applications that would otherwise demand separate
solutions of their own.
For proof that hunger is growing in the information security
community for Secure Sockets Layer-based virtual private networks, look
at the latest offerings from Check Point Software and Juniper Networks.
For insight on what the big deal is, ask Steve Smith, network manager
for Erie, Pa.-based Saint Vincent Health System.
Software attack tools that turn PCs into remotely controlled
zombies are getting better, but defenses are not keeping up, say security
experts. The latest threats are tailored to attack specific companies,
forgoing rapid spread and avoiding notice. Others use modular components,
such as an infector that can be changed to defeat the latest antivirus
software and a second-stage component that turns off PC defenses.
Cryptographers have found a way to snip a digital signature from one document and attach it to a fraudulent document without invalidating the signature and giving the fraud away.
The development means that attackers could potentially forge legal documents,
load certified software with bogus code, or turn a digitally-signed
letter of recommendation into one that authorises access to private
information.
While the scams that daily flood our e-mail in-boxes show no
signs of abating, there is some good news for the users who have to sort
through them all. So says VeriSign, in its latest "State of Internet Security"
address covering the first three months of 2005.
BindView Presents IT Security Compliance Best Practices for the C&A Process
16th, June, 2005
The C&A process is well-known by federal agencies as a highly
manual process that artificially increases costs and delays, and isolates
resulting data from other systems that might benefit from its use. The
webinar will cover new methodologies and technologies for integrating
the C&A process with an organization's IT security compliance and automation
efforts to achieve success in meeting regulatory mandates and significantly
reduce costs and delays.
Those responsible for enterprise security are increasingly turning
to open-source applications in lieu of security products based on proprietary
code -- and for many good reasons.
Most Americans believe the government should do more to make
the Internet safe, but they don't trust the federal institutions that
are largely responsible for creating and enforcing laws online, a new
industry survey says.
The U.S. Department of Justice is quietly shopping around the explosive idea of requiring Internet service providers to retain records of their customers' online activities.
Data retention rules could permit police to obtain records of e-mail chatter,
Web browsing or chat-room activity months after Internet providers ordinarily
would have deleted the logs--that is, if logs were ever kept in the
first place. No U.S. law currently mandates that such logs be kept.
An emerging breed of computer virus that keeps hackers informed
about the latest weaknesses in computer networks has been discovered by
security experts. The viruses infect a network, scan for security vulnerabilities
and then report back to hackers through an internet chatroom.
Mobile & Wireless World to focus on Wi-Fi, security, RFID
14th, June, 2005
When it comes to mobile and wireless technology, what keeps
a CIO up at night? John Wade, CIO of the Saint Luke's Health System in
Kansas City, Mo., said he faces many of the same problems confronting
other CIOs when it comes to supporting mobile and wireless technology
in a large organization. Wade is one of 25 senior IT managers making presentations
at Computerworld's Mobile & Wireless World conference this week in Scottsdale,
Ariz. The event kicks off today, with an expected audience of about 300
attendees, including many senior IT managers, organizers said.