Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Linux Security Week: November 28th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Steps for preserving the integrity of log data," "Nine principles of security architecture," and "Is Linux really more secure than Windows."

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LINUX ADVISORY WATCH - This week, advisories were released for phpgroupware, egroupware, fetchmail, gnump3d, common-lisp-controller, xmail, unzip, netpbm, mantis, fetchmail-ssl, sylpheed, ipmenu, horde3, zope, Smb4k, mtab, phpSysInfo, eix, php, drakxtools, binutils, and fuse. The distributors include Debian, Gentoo, Mandriva. Feature Extras:

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to with "subscribe" as the subject.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

  O3 Magazine
  24th, November, 2005

O3 magazine is a free magazine distributed electronically in PDF format. O3 is published on a monthly basis. The focus of O3 is on the use of Free and Open Source (FOSS) software in Enterprise Data Networking environments. Some articles in O3 will introduce open source solutions, while some are designed to demonstrate how to integrate open source solutions with leading Enterprise Data Networking hardware from a wide variety of vendors.
  DCHP, shared feeds and lots of service management
  23rd, November, 2005

DHCP is now a key potential point of failure for many organisations, said Nominum as it introduced version 2 of its high-availability Dynamic Configuration Server (DCS), which it claimed can provide over 2,400 DHCP leases per second, 59 times more than a widely used open source equivalent. DHCP, or Dynamic Host Configuration Protocol, is the scheme that automatically assigns IP addresses within a network.
  Security: Freedom to enter but no right to roam
  24th, November, 2005

When you add the responsibility for information and security in an organisation that ranges across Europe, life becomes even more complex. You also need to accommodate differences in mindset about legislative severity, and differences in national character. Within countries, many of the challenges remain the same for CIOs, wherever they are based. They must try to operate a security model that has changed from a "fortress" - where everything was kept out - to an "airport" style security. Now everyone is rushing around in different directions aiming for different destinations, and their credentials to "fly" or interact with the company need to be checked.
  Making your security fit
  24th, November, 2005

There is no doubt that network security keeps IT directors awake at night. And it doesn't look like restful slumber is getting any closer. When the British Computer Society surveyed IT directors in May, it found security was the main concern for 61% of respondents.
  Steps for preserving the integrity of log data
  22nd, November, 2005

In the past few years, companies have spent billions of dollars to update their IT infrastructures to meet requirements from various European and US government regulations. One of the more noticeable and most important recommendations of these regulations is record-keeping. For example, Sarbanes-Oxley recommends that all companies "maintain financial records for seven years." In order to ensure the accuracy of corporate financial and business information, this recommendation also pertains to records that are used to "audit unauthorised access, misuse and fraud." Other regulations such as HIPAA also recommend keeping records for up to six years.
  Secure remote file management with sshfs
  22nd, November, 2005

It's a dangerous Internet out there, kids. If you are going to work on remotely connected machines, do it safely. Simple file transfers and interactive sessions have scp and ssh respectively; in fact there is hardly a commercial Web hosting provider left that doesn't support them. For more complicated scenarios we have VPN tools. But what if you need to work with files on a remote server, but find scp tedious in repetition and FreeS/WAN too cumbersome? You might find just what you're looking for in sshfs -- a tool for mounting a remote filesystem transparently and securely as if it were just another directory on your local machine.
  Hey Linux Users: No Software Is Impenetrable
  25th, November, 2005

The bug that besets a Windows network today is very likely to infect a Linux or Unix network connected to it. Similarly, companies that fail to secure their Linux networks may find rogue code spreading and infecting interconnected Windows networks. Security is one of the foremost and fundamental components of the network infrastructure Latest News about network infrastructure and one that will negatively or positively impact the daily operations of any business. No software code or hardware device, be it proprietary oropen source Latest News about open source, is immune to hacks.
  Applying Security to Web Servers
  25th, November, 2005

Web servers are among the most obvious targets for black hats. Whether used for basic e-commerce or more advanced Web services, they give attackers an always-on interface to an IT system and often a shortcut to the parts that handle financial transactions. Even better for the attacker, they increasingly run custom applications developed in-house. These are more likely than the basic Web server software to contain security vulnerabilities, as they haven't been subjected to the rigorous quality control procedures of the open-source community or a commercial vendor.
  Novell Attacks Microsoft Linux Study
  21st, November, 2005

Microsoft went on the offensive earlier this week, announcing a study in which Windows Server trounced Novell's SUSE Enterprise Linux in both reliability and ease of use over a period of one year. Novell says the report simply "aims to confuse the market." In a company blog posting, Novell PR manager Kevan Barney notes that Microsoft funded the Security Innovation study, and says, "Independent studies regularly credit Linux in general, and SUSE Linux in particular, as secure, reliable, supported platforms."
  Test drive: EnGarde Secure Linux
  23rd, November, 2005

EnGarde Secure Linux is a server-based distribution developed with security in mind. It comes with a minimal set of services so that the server is not unnecessarily exposed, and no superfluous software -- including no X Window-based window manager. Even compilers, such as GCC, are not included. Yet EnGarde enables you to run any sort of Web presence, from a simple mail server to a complete e-commerce site.
  Study: Security still top IT spending priority
  22nd, November, 2005

A recent survey of 100 US IT executives predicts that IT spending will decrease slightly in 2006 as more businesses worry about global economic conditions, but security software and enterprise IT upgrades remain top concerns, according to Goldman, Sachs & Co. Macroeconomic factors such as high oil prices and a devastating hurricane season in the U.S. have caused 40 percent of the executives surveyed by Goldman to consider reducing their 2006 IT budgets, according to survey results released Friday. Most executives, 52 percent, believe their IT spending will be unchanged in 2006 as compared to 2005.
  Nine principles of security architecture
  22nd, November, 2005

Security architecture is a new concept to many computer users. Users are aware of security threats such as viruses, worms, spyware, and other malware. They have heard of, and most use, anti-virus programs and firewalls. Many use intrusion detection. Architectural security, though, remains a mystery to most computer users.
  The SANS Top 20 Internet Security Vulnerabilities
  23rd, November, 2005

We have made a best effort to make this list meaningful for most organizations. Hence, the Top-20 2005 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; many other user organizations; and the SANS Institute. A list of participants may be found at the end of this document.
  Overcoming those first hurdles when selling a security solution
  24th, November, 2005

The reality is that in the last 14 years the number of global cases that identify corporate board members as being personally responsible for the loss of customer information, customer confidence and so forth have grown considerably. South Africa is no exception, since the promulgation of the ECT Act, companies have become increasingly vulnerable and face, like their international counterparts, possible legal action if proper security processes are neglected.
  Is Linux really more secure than Windows?
  25th, November, 2005

My colleague Larry Seltzer thinks we may be on the verge of an age of Linux worms that might rival the endless trouble Windows users encounter. Nah. First, none of the trio of vulnerabilities in the luppi worm actually have a thing to do with Linux. Yes, these worms target Linux systems, but the holes they use to target aren't Linux holes at all. They're Web service script holes. Saying that this is a Linux problem is like saying that the gaping Macromedia Flash hole is an XP problem.
  UK spammer jailed for six years
  21st, November, 2005

Peter Francis-Macrae, 23, of St Neots, Cambridgeshire, was jailed at Peterborough Crown Court this week after being found guilty of fraudulent trading, threatening to destroy or damage property, making threats to kill, and blackmail. In a six-week trial, the court heard how Francis-Macrae had tricked thousands of businesses into sending him money to register a dot-eu domain name on their behalf.
  Browser developers team up to thwart hackers
  24th, November, 2005

Security developers representing four of the major browser firms have met up to discuss how to combat security threats. Techies working on Internet Explorer, Mozilla/FireFox and Opera teamed up with the folks from Konqueror to discuss how to combat security risks posed by phishing, aging encryption ciphers and inconsistent SSL Certificate practices. A surprising amount of consensus emerged through the informal meeting, hosted by Konqueror's George Staikos in Toronto last week.
  "Wi-Fi Phishing" or "Evil Twin" Attack at Hotspots: How to Secure Your Mobile Workforce
  21st, November, 2005

Using public hotspots is convenient, however you may want to think twice before accessing confidential information via hotspots. Recent headlines raise concern about wireless security issues around hotspots. Particularly the "Evil Twin" attack has received much attention, even though it is based on a tool that is relatively straightforward and has been around for several years.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.