EnGarde Secure Linux 3.0 - Download Now!
Linux 2.6 kernel featuring SELinux Mandatory Access Control
- Guardian Digital Secure Network features free access to all system and security updates (to be available shortly through an updated release)
- Support for new hardware, including 64-bit AMD architecture
- Web-based management of all functions, including the ability to build a complete web presence with FTP, DNS, HTTP, SMTP and more.
- Apache v2.0, BIND v9.3, MySQL v5.0(beta)
- Completely new WebTool, featuring easier navigation and greater ability to manage the complete system
- Integrated firewall with ability to manage individual firewall rules, control port forwarding, and creation of IP blacklists
- Built-in UPS configuration provides ability to manage an entire network of battery-backup devices
- RSS feed provides ability to display current news and immediate access to system and security updates
- Real-time access to system and service log information
LEARN MORE:
https://guardiandigital.com/cloud-email-security
Denial of Service Attacks
Dave Wreski
A "Denial of Service" (DoS) attack is one where the attacker tries to make some resource too busy to answer legitimate requests, or to deny legitimate users access to your machine.
Denial of service attacks have increased greatly in recent years. Some of the more popular and recent ones are listed below. Note that new ones show up all the time, so this is just a few examples. Read the Linux security lists and the bugtraq list and archives for more current information.
- SYN Flooding - SYN flooding is a network denial of service attack. It takes
advantage of a "loophole" in the way TCP connections are created. The newer
Linux kernels (2.0.30 and up) have several configurable options to prevent
SYN flood attacks from denying people access to your machine or services.
See Section 7 for proper kernel protection options.
- Ping Flooding - Ping flooding is a simple brute-force denial of service
attack. The attacker sends a "flood" of ICMP packets to your machine. If they
are doing this from a host with better bandwidth than yours, your machine
will be unable to send anything on the network. A variation on this attack,
called "smurfing", sends ICMP packets to a host with your machine's return
IP, allowing them to flood you less detectably.
- Ping o' Death - The Ping o' Death attack sends ICMP ECHO REQUEST packets
that are too large to fit in the kernel data structures intended to store
them. Because sending a single, large (65,510 bytes) "ping" packet to many
systems will cause them to hang or even crash, this problem was quickly dubbed
the "Ping o' Death." This one has long been fixed, and is no longer anything
to worry about.
- Teardrop / New Tear - One of the most recent exploits involves a bug present in the IP fragmentation code on Linux and Windows platforms. It is fixed in kernel version 2.0.33, and does not require selecting any kernel compile-time options to utilize the fix. Linux is apparently not vulnerable to the "newtear" exploit.
Read more from the Linux Security Howto:
/howtos
LinuxSecurity.com Feature Extras:
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Debian | ||
| Debian: New gtkdiskfree packages fix insecure temporary file | ||
| 29th, September, 2005
Updated package. advisories/debian/debian-new-gtkdiskfree-packages-fix-insecure-temporary-file |
||
| Debian: New util-linux packages fix privilege escalation | ||
| 29th, September, 2005
Updated package. advisories/debian/debian-new-util-linux-packages-fix-privilege-escalation |
||
| Debian: New ClamAV packages fix denial of service | ||
| 29th, September, 2005
Updated package. advisories/debian/debian-new-clamav-packages-fix-denial-of-service-32713 |
||
| Debian: New loop-aes-utils packages fix privilege escalation | ||
| 29th, September, 2005
Updated package. advisories/debian/debian-new-loop-aes-utils-packages-fix-privilege-escalation |
||
| Debian: New helix-player packages fix multiple vulnerabilities | ||
| 29th, September, 2005
Updated package. advisories/debian/debian-new-helix-player-packages-fix-multiple-vulnerabilities |
||
| Debian: New backupninja packages fix insecure temporary file | ||
| 29th, September, 2005
Updated package. advisories/debian/debian-new-backupninja-packages-fix-insecure-temporary-file |
||
| Debian: New squid packages fix denial of service | ||
| 30th, September, 2005
Updated package. advisories/debian/debian-new-squid-packages-fix-denial-of-service-8029 |
||
| Debian: New squid packages fix denial of service | ||
| 30th, September, 2005
Updated package. advisories/debian/debian-new-squid-packages-fix-denial-of-service-8029 |
||
| Debian: New mysql packages fix arbitrary code execution | ||
| 30th, September, 2005
Updated package. advisories/debian/debian-new-mysql-packages-fix-arbitrary-code-execution |
||
| Debian: New ntlmaps packages fix information leak | ||
| 30th, September, 2005
Updated package. advisories/debian/debian-new-ntlmaps-packages-fix-information-leak |
||
| Debian: New mysql-dfsg packages fix arbitrary code execution | ||
| 30th, September, 2005
Update package. advisories/debian/debian-new-mysql-dfsg-packages-fix-arbitrary-code-execution |
||
| Debian: New gopher packages fix several buffer overflows | ||
| 30th, September, 2005
Updated package. advisories/debian/debian-new-gopher-packages-fix-several-buffer-overflows |
||
| Debian: New mysql-dfsg-4.1 packages fix arbitrary code execution | ||
| 1st, October, 2005
Updated package. advisories/debian/debian-new-mysql-dfsg-41-packages-fix-arbitrary-code-execution |
||
| Debian: New prozilla packages fix arbitrary code execution | ||
| 1st, October, 2005
Updated package. advisories/debian/debian-new-prozilla-packages-fix-arbitrary-code-execution-34834 |
||
| Debian: New cfengine packages fix arbitrary file overwriting | ||
| 1st, October, 2005
Updated package. advisories/debian/debian-new-cfengine-packages-fix-arbitrary-file-overwriting |
||
| Debian: New cfengine2 packages fix arbitrary file overwriting | ||
| 1st, October, 2005
Updated package. advisories/debian/debian-new-cfengine2-packages-fix-arbitrary-file-overwriting |
||
| Debian: New Mozilla Firefox packages fix denial of service | ||
| 2nd, October, 2005
Updated package. advisories/debian/debian-new-mozilla-firefox-packages-fix-denial-of-service |
||
| Debian: New mozilla-firefox packages fox multiple vulnerabilities | ||
| 2nd, October, 2005
Updated package. advisories/debian/debian-new-mozilla-firefox-packages-fox-multiple-vulnerabilities |
||
| Debian: New apachetop packages fix insecure temporary file | ||
| 4th, October, 2005
Updated package. advisories/debian/debian-new-apachetop-packages-fix-insecure-temporary-file |
||
| Debian: New drupal packages fix remote command execution | ||
| 4th, October, 2005
Updated package. advisories/debian/debian-new-drupal-packages-fix-remote-command-execution |
||
| Debian: New mailutils packages fix arbitrary code execution | ||
| 4th, October, 2005
Updated package. advisories/debian/debian-new-mailutils-packages-fix-arbitrary-code-execution |
||
| Debian: New egroupware packages fix arbitrary code execution | ||
| 4th, October, 2005
Updated package. advisories/debian/debian-new-egroupware-packages-fix-arbitrary-code-execution |
||
| Debian: New mysql-dfsg-4.1 package fixes arbitrary code execution | ||
| 4th, October, 2005
Updated package. advisories/debian/debian-new-mysql-dfsg-41-package-fixes-arbitrary-code-execution |
||
| Debian: New arc packages fix insecure temporary files | ||
| 5th, October, 2005
Updated package. advisories/debian/debian-new-arc-packages-fix-insecure-temporary-files |
||
| Debian: New mod-auth-shadow packages fix authentication bypass | ||
| 5th, October, 2005
Updated package. advisories/debian/debian-new-mod-auth-shadow-packages-fix-authentication-bypass |
||
| Debian: New mason packages fix missing init script | ||
| 6th, October, 2005
Updated package. advisories/debian/debian-new-mason-packages-fix-missing-init-script |
||
| Gentoo | ||
| Gentoo: AbiWord RTF import stack-based buffer overflow | ||
| 30th, September, 2005
AbiWord is vulnerable to a stack-based buffer overflow during RTF import, making it vulnerable to the execution of arbitrary code. |
||
| Gentoo: Hylafax Insecure temporary file creation in xferfaxstats | ||
| 30th, September, 2005
Hylafax is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files. |
||
| Gentoo: Mozilla Suite, Mozilla Firefox Multiple | ||
| 30th, September, 2005
This advisory was originally released to fix the heap overflow in IDN headers. However, the official fixed release included several other security fixes as well. |
||
| Gentoo: gtkdiskfree Insecure temporary file creation | ||
| 3rd, October, 2005
gtkdiskfree is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files. |
||
| Gentoo: Berkeley MPEG Tools Multiple insecure temporary | ||
| 3rd, October, 2005
The Berkeley MPEG Tools use temporary files in various insecure ways, potentially allowing a local user to overwrite arbitrary files. |
||
| Gentoo: Uim Privilege escalation vulnerability | ||
| 4th, October, 2005
Under certain conditions, applications linked against Uim suffer from a privilege escalation vulnerability. |
||
| Gentoo: Texinfo Insecure temporary file creation | ||
| 5th, October, 2005
Texinfo is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files. |
||
| Red Hat | ||
| RedHat: Low: slocate security update | ||
| 5th, October, 2005
An updated slocate package that fixes a denial of service and various bugs is available. This update has been rated as having low security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-low-slocate-security-update-97578 |
||
| RedHat: Low: vixie-cron security update | ||
| 5th, October, 2005
An updated vixie-cron package that fixes various bugs and a security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-low-vixie-cron-security-update-96028 |
||
| RedHat: Low: net-snmp security update | ||
| 5th, October, 2005
Updated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-low-net-snmp-security-update-46188 |
||
| RedHat: Updated kernel packages available for Red Hat | ||
| 5th, October, 2005
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version. advisories/red-hat/redhat-updated-kernel-packages-available-for-red-hat-44538 |
||
| RedHat: Moderate: openssh security update | ||
| 5th, October, 2005
Updated openssh packages that fix a security issue, bugs, and add support for recording login user IDs for audit are now available for Red Hat Enterprise Linux 4. advisories/red-hat/redhat-moderate-openssh-security-update-RHSA-2009-1470-01 |
||
| RedHat: Low: binutils security update | ||
| 5th, October, 2005
An updated binutils package that fixes several bugs and minor security issues is now available. advisories/red-hat/redhat-low-binutils-security-update-37292 |
||
| RedHat: Low: perl security update | ||
| 5th, October, 2005
Updated Perl packages that fix security issues and contain several bug fixes are now available for Red Hat Enterprise Linux. advisories/red-hat/redhat-low-perl-security-update-RHSA-2005-674-01 |
||
| RedHat: Low: mysql security update | ||
| 5th, October, 2005
Updated mysql packages that fix a temporary file flaw and a number of bugs are now available advisories/red-hat/redhat-low-mysql-security-update-58901 |
||
| RedHat: Low: gdb security update | ||
| 5th, October, 2005
An updated gdb package that fixes several bugs and minor security issues is now available. advisories/red-hat/redhat-low-gdb-security-update-25034 |
||
