LINUX ADVISORY WATCH - This week, advisories were released for python, XFree86, kdeedu,
courier, zsync, gtkdiskfree, util-linux, mantis, Webmin, Qt, PHP, firefox, mozilla,
cups, HelixPlayer, RealPlayer, wget, ghostscript, slocate, net-snmp, openssh,
and binutils. The distributors include Debian, Gentoo, and Red Hat.
LinuxSecurity.com Feature Extras:
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators
make is having file and directory permissions that are far too liberal and
allow access beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this article,
so I'll assume you are familiar with the usage of such tools as chmod, chown,
and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Getting to Know Linux Security: File Permissions - Welcome to the first
tutorial in the 'Getting to Know Linux Security' series. The topic explored
is Linux file permissions. It offers an easy-to-follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security and is therefore very simple.
Bulletproof Virus Protection - Protect your network from costly security
breaches with Guardian Digital's multi-faceted security applications.
More than just an email firewall, on demand and scheduled scanning detects
and disinfects viruses found on the network.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
Pointsec full-disk encryption for Linux debuts
27th, September, 2005
The product is meant to ensure an entire hard drive's data can be encrypted in real time and only accessed by authorised users. A full-disk end-user software encryption product for Linux was launched on Monday by security software company Pointsec. Full-disk encryption protects all data on the hard disk including the operating system, system files, and "supposedly deleted files", the company claims.
Pointsec is pitching the product, Pointsec for Linux, at "large technology and telecommunications corporations needing to protect intellectual property stored on laptop and desktop computers".
Guideline for Implementing Cryptography in the Federal Government
3rd, October, 2005
The US National Institute of Standards and Technology has released
an updated draft version of its 'Guideline for Implementing
Cryptography in the Federal Government'. This is the second edition
of a white paper first released in 1999, and a welcome addition to the
literature on practical applications of cryptography.
Cisco Systems took steps Tuesday to address the growing need for more secure networks that can defend themselves against a variety of threats with the introduction of new incident-control and threat-mitigation software and services. It also has new versions of the company's intrusion-prevention signature (ISP) system and IOS router operating system software.
Linux vendor has made plans to put its operating system through the paces of a US evaluation program to create the first "trusted" Linux operating system.
Red Hat, with help from IBM and Trusted Computing Solutions, said it would put its operating system through the paces of the National Information Assurance Partnership's Common Criteria evaluation program to create the first "trusted" Linux operating system.
Automating Linux security should be a higher priority
30th, September, 2005
I know Linux has a firewall. I know about iptables.
I know Linux has fewer viruses targeting it than Windows does.
But I strongly believe that Linux users badly need the kind of automated anti-viral patch management service that Windows users now take for granted. The present approach, in my view, just won't scale.
Sarbanes-Oxley and realtime's identity management solution
27th, September, 2005
Realtime's Risk Management Tool, APM, has been installed over 150 times to SAP customers and our bioLock is well established in the SAP world as the first SAP certified biometric identity management solution. These were enough reasons for SAP to approach realtime to include us in an educational movie about Sarbanes-Oxley. We facilitated an interview with Professor Paul Foote (a Harvard-educated Accounting Professor in California and Sarbanes-Oxley expert), who has built a biometric research center around the bioLock technology. SAP decided to make an additional movie about the bioLock technology to point out the powerful capabilities of biometrics when it comes to complying with mandatory regulations. Both movies were shown on SAP TV worldwide.
RSBAC is a flexible, powerful and fast open source access control framework for current Linux kernels. From a practical standpoint, it allows possibilities such as full fine grained control over objects, memory execution prevention, real time integrated virus detection and more.
An agency of the French Ministry of Defence is planning to install a high-performance Linux cluster for technical and scientific work.
The Technical Establishment of Bourges (ETBS), which tests and manufactures armaments, has issued a tender for the supply of a 64-bit Linux cluster, according to a document on an EU website. The deadline of the tender was reached on Thursday but it was unclear from the tender document when the ETBS plans to start implementing the cluster.
The contours of the finger, the patterns of the iris and the shape of the hand can all be used to provide strong authentication, but are these - and other - biometric technologies sufficient to provide good security while also ensuring the privacy and trust of end users?
Agencies need a mix of tools for incident response
29th, September, 2005
Federal information technology managers need a mix of tools to quickly respond to security incidents.
The more effective technologies will combine tracking of IT assets with vulnerability management capabilities as well as event correlation functions, experts say.
Spyware is Being Designed For a Broader Audience Than Ever Before
27th, September, 2005
There are over 530 commercial spy programs, with about 5 brand new ones appearing each month. Commercial monitoring spyware includes keyloggers, email redirectors, screen recorders and more. It should not be confused with adware.
Blogs are extremely popular nowadays. I spend most of my non-business related surfing time on blogs. As the number of blogs is increasing every day, I often come across something innovative. Coveno is your typical-looking blog, but it has a twist - it is, as the authors call it, the web's first public email account.
http://www.linuxsecurity.com/content/view/120455
Multiple Lines of Defense
29th, September, 2005
No matter how good any single network security application is, there is someone out there smarter than the people who designed it with more time on his hands than scruples who will eventually get past it. It is for this reason that common security practice suggests multiple lines of defense, or defense in depth.
Most people believe security can't be directly linked to the business initiatives, supporting SOX compliance or improving top line revenue. Ask the executive management team of most companies if they still think of security as an "art" rather than a science and you'll find most believe it's a necessity, but wonder if they can ever be truly secure.
Finances can be quantified, network operations can be measured to understand bandwidth requirements now and projected into the future, but most see security as nebulous at best. Even as the awareness of cyber-attacks increases and the importance of government regulations grows, security professionals are still battling for resources and budget.
Businesses are at risk of losing confidential data to hackers as office workers leave their Bluetooth-enabled PDAs and mobile phones unsecured.
A survey of commuters in three central London railway stations found that one in 10 are travelling with mobile devices that are open to eavesdropping by hackers.
RealPlayer and Helix Player in Linux security scare
28th, September, 2005
Users who run the media players on Linux or Unix are at risk of attack, security experts claim.
Popular media players RealPlayer and Helix Player are at risk of a security vulnerability that could let malicious attackers launch remote attacks on a user's system, security experts say.
The Linux versions of RealNetworks' popular RealPlayer and Helix Player can be used by attackers to load malicious code onto systems, several security organizations reported Tuesday.
Both RealPlayer 10.x and Helix 1.x sport a zero-day vulnerability that could let a hacker execute commands remotely once he'd convinced the user to open a malformed .rp (realpix) or .rt (realtext) file. RealPix and RealText files are image slideshow and text-based displays (such as a scrolling ticker-style message) played by RealPlayer and Helix.