Internet Productivity Suite: Open Source Security - Trust Internet Productivity
Suite's open source architecture to give you the best security and productivity
applications available. Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced ideas and methods
into their design.
LINUX ADVISORY WATCH - This week, advisories were released for elinks, mikmod, tcpdump,
parted, system-config-securitylevel, checkpolicy, spamassassin, gaim, ruby,
arts, kde, util-linux, sudo, gawk, mc, pilot-link, alsa-utils, jpilot, ImageMagick,
hwdata, webapp, cpio, squirrelmail, and bzip2. The distributors include Fedora,
Gentoo, and Red Hat.
LinuxSecurity.com Feature Extras:
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Getting to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy-to-follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security and is therefore very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection
- The Tao of Network Security Monitoring is one of the most comprehensive
and up-to-date sources available on the subject. It gives an excellent introduction
to information security and the importance of network security monitoring,
offers hands-on examples of almost 30 open source network security tools,
and includes information relevant to security managers through case studies,
best practices, and recommendations on how to establish training programs
for network security staff.
Bulletproof Virus Protection - Protect your network from costly security
breaches with Guardian Digital’s multi-faceted security applications.
More than just an email firewall, on-demand and scheduled scanning detects
and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe, send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
Denial of Service Attacks
21st, June, 2005
DoS attacks are not unique to the digital world. They existed
many years before anything digital was created. For example, someone sticking
a piece of chewing gum into the coin slot of a vending machine prevents
thirsty people from using the machine to fetch a refreshing drink. In
the digital world, DoS attacks can be acts of vandalism, too. They are
performed for fun, pleasure, or even financial gain. In general, DoS attacks
are a tough problem to solve because the Internet was designed on a principle
that everyone plays by the rules. In this article we will describe the
network-based DoS.
Security experts at AT&T are about to take a page from CNN's
playbook. Within the next year they will begin delivering a video streaming
service that will carry Internet security news 24 hours a day, seven days
a week, according to the executive in charge of AT&T Labs.
DShield - A community approach to intrusion detection
22nd, June, 2005
Analyzing firewall logs is key to understanding the threats
your servers face. Knowing what the bad guys are looking for is the first
step in assessing how vulnerable your servers are. Both open source and
commercial firewalls make log information available to firewall administrators.
But taking risk assessment a step further, what if there were a way to
apply the principles that make open source software successful to firewall
log analysis? A way to help yourself and others at the same time? The
DShield project seeks to do just that.
Patches are small, sometimes temporary “quick fixes” that address
often critical software flaws. Patches are usually made available by software
vendors in between service packs or version upgrades upon confirmation
that a software flaw affects a large number of users with usually serious
consequences. More often than not, patches address vulnerabilities impacting
security. These patches are therefore referred to as security patches.
Typically, patches are made available for download from the software vendor’s
support Web site.
Linux vs. Windows: Analysts question assumptions about security, TCO
22nd, June, 2005
Both Linux and Windows are here to stay. The decision to deploy
a Linux or a Windows server should be based on a careful evaluation of
both technical and business needs. For smaller companies with in-house
Windows skills, moving to Linux or implementing Linux alongside Windows
could cause more headaches and staff issues than value. For larger companies
with sufficient staff and training budgets, implementing Linux-based servers
may prove cost-effective in the long-term.
I am an advocate of centralized identity management and I think
Active Directory makes a great repository for user account information.
Interoperability can be a challenge, though. For example, you may work
in a mixed environment of Linux/Unix and Windows and want users to take
advantage of their Windows accounts when logging on at a Linux/Unix machine.
This provides single sign-on for users who otherwise would need to maintain
two different sets of passwords.
Interview with Gaël Duval of Mandriva (ex MandrakeSoft)
22nd, June, 2005
Well... I'm 32 years old, and it's been nearly 7 years since I launched the first Mandrake Linux distribution - so my professional life has been totally focusing on Mandrakesoft/Mandriva for 7 years! I started as a technical director for the distribution, then I retired a bit in 2000/2001 by just focusing on our community website. Then I started to manage all the communication of Mandriva. And it's possible that I will soon stop that and focus on something else. At the same time, I always had a look at our products, sent suggestions, launched new projects such as the redesign of our desktop and the MandrakeMove concept, our very own liveCD. My spare time mostly consists of spending time with my wife and my little daughter, who was born 4 months ago! I also spend a little time recording music, which was my big hobby for years.
Read at TuxJournal.net
http://www.linuxsecurity.com/content/view/119397
IT and physical security joining hands
20th, June, 2005
IT departments and physical security departments at corporations
must learn to work together and coordinate their efforts, because computer
security and conventional security are getting increasingly and irreversibly
intertwined, speakers at a security conference said this week.
Botnet Hunters Search for 'Command and Control' Servers
20th, June, 2005
Convinced that the recent upswing in virus and Trojan attacks is directly linked to the creation of botnets for nefarious purposes, a group of high-profile security researchers is fighting back, vigilante-style.
The objective of the group, which operates on closed, invite-only mailing
lists, is to pinpoint and ultimately disable the C&C (command-and-control)
infrastructure that sends instructions to millions of zombie drone machines
hijacked by malicious hackers.
May saw a resurgence in the number of viruses in circulation and in the number of phishing attacks.
The latest monthly report from managed security vendor MessageLabs noted that
virus attacks, and particularly Trojan attacks, increased by a third
month on month, in part due to the Bagle virus.
Black Market in Stolen Credit Card Data Thrives on Internet
21st, June, 2005
"Want drive fast cars?" asks an advertisement, in broken English,
atop the Web site iaaca.com. "Want live in premium hotels? Want own beautiful
girls? It's possible with dumps from Zo0mer." A "dump," in the blunt vernacular
of a relentlessly flourishing online black market, is a credit card number.
And what Zo0mer is peddling is stolen account information - name, billing
address, phone - for Gold Visa cards and MasterCards at $100 apiece.
Security risks associated with portable storage devices
22nd, June, 2005
There is no question that USB Flash Drives and their electronic
counterparts are a valuable addition to the road warrior's toolbox. They
have also created a nightmare for data security managers and have spawned
an entire sub industry that is aimed squarely at portable data storage
security.
Advertising for help can showcase security weaknesses
22nd, June, 2005
Wonder how hackers know where your company's network is vulnerable?
Your online job postings may be the culprit. Do they hint where you're
weak in IT staffing? List specific operating systems and hardware that
candidates should be familiar with? If so, you've provided enough information
for the bad guys to break in.
The revision of the ISO 17799 information security standard
is now available. This has been under development for several years, and
introduces major changes to ISO 17799. The old version, published originally
in 2000, has been withdrawn.
In this environment, no organisation can afford to be without
intelligent and proactive security monitoring and disaster management
capabilities as the dangers of attacks by intruders become increasingly
important, and the scale of potential damage also rises. Keeping pace
with the rapid evolution and escalation of security threats is a daunting
challenge, and IT professionals continue to seek technologies that can
enhance security without the frustration of additional management overhead.
Data security: It doesn't take a breach to get the FTC's attention
24th, June, 2005
The litany of the latest database security breaches reads like
a laundry list of some of the most prominent companies in the U.S. But
your company doesn't have to be prominent or suffer a breach to come under
the scrutiny -- and wrath -- of the Federal Trade Commission.
The Cabinet Office's Central Sponsor for Information Assurance,
which co-ordinates information security projects across government, is
investigating applications based around a highly secure open source operating
system. The proof-of-concept systems being developed by the CSIA will
use security enhanced Linux to support remote working and web services.
Ministers were prompted to disclose details of the work following parliamentary
questions tabled by Lord Harris of Haringey about the CSIA's activities
in evaluating the security of open source software.
On June 16, the United Kingdom's incident response team, the
National Infrastructure Security Co-ordination Centre, warned that stealthy
Trojan-horse attacks were targeting specific U.K. companies and government
agencies. However, similar attacks aimed at other countries, including
the United States, have been detected over the past year, according to
security firms.