Linux Security Week: December 5th 2005
Source: Contributors - Posted by Benjamin D. Thomas   
This week, perhaps the most interesting articles include "SSL VPNs: Remote Access for the Masses," "10 things you should do to prepare a new Linux installation," and "Internal system vulnerabilities poorly patched."

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LINUX ADVISORY WATCH - This week, perhaps the most interesting articles include zope, gtk, centericq, gdk-pixbuf, horde2, inkscape, chmlib, fuse, netpbm, and the kernel. The distributors include Debian, Gentoo, and Mandriva.

Feature Extras:

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to with "subscribe" as the subject.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

  A very long chat with Debian's Branden Robinson
  4th, December, 2005

What's your personal point of view about Security? I think it's important. To elaborate, security is important for pretty much the same reason software freedom is important. I believe the user needs to have control over his or her computing environment. A corporate colossus that won't let you modify the operation of your machine, and a malicious hacker who has turned your computer into a "zombie" for sending spam mail, are both examples of activity that disempower the person who should have authority over their property.
  10 things you should do to prepare a new Linux installation
  2nd, December, 2005

There are over 200 different Linux distributions and you will need the patches that are specific to your distribution. Search for needed patches on the web site of your distribution maintainer (example: Debian; Redhat; Lindows, etc.). Other sources for updated software are Freshmeat; Ibiblio; and Linuxberg. Some systems use package managers, such as rpm (Red Hat Package Manager) or deb (Debian Package Manager), while others will require a little more effort. These links should provide access to updated software as well as pretty clear instructions for installation. Be sure to read the documentation since there may be dependencies that will need to be satisfied to ensure a smooth update.
  SSL VPNs: Remote Access for the Masses
  28th, November, 2005

Secure Sockets Layer (SSL) for remote access is based on a simple concept: use the encryption and authentication capabilities built into every Web browser to provide secure remote access to corporate applications. By combining SSL-enabled Web browsers with a secure gateway to terminate connections and provide policy enforcement and access control, so-called SSL VPNs provide access to Web-based, legacy client/server, and terminal applications from anywhere (home PCs, hotel business centers, Internet cafes, or a business partner's LAN) without an IPSec VPN client. It's one of those ideas that make you say "Why didn't I think of that?"
  Why Duplicate Packets May Appear on SPAN Ports
  1st, December, 2005

I noticed a post to snort-users today asking if Snort had a problem with duplicate packets: "We have a range of switches being used within our network for port monitoring, and a couple have had to be set up in such a way that you can end up seeing each packet TWICE on the snort interface. I've been told by our network engineers that this has to be the case in order for the IDS to see the networks it needs to on one card." I think I know why this is happening. I cover this issue in day one of my Network Security Operations course.
  Open-source to the Rescue Again
  30th, November, 2005

Traffic on the network had increased all week, but the intrusion-detection system wasn't picking up any malicious traffic. Whatever traffic was traversing the network was considered OK. The servers and desktop systems were all at current patch levels, switches at current IOS levels. Sophos Anti-Virus wasn't showing any virus activity. We hadn't installed any new devices on the network. Yet something had changed and was causing problems.
  How to build and use a Honeypot
  2nd, December, 2005

Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot and what exactly it was I became intrigued with the idea of actually getting back at these mysterious hackers. I want to build a honeypot, put it on my home network, and see what I can attract. I will build a honeypot and put it out for business. I researched what the ideal computer set up would be and built one. I will discuss the computer, how to build one, and what my results were.
  Open Source Backup and Archiving Project Amanda Grows Up
  29th, November, 2005

Amanda is the world's most popular open source Backup and Archiving software. Amanda allows system administrators to set up a single backup server to back up multiple hosts to a tape- or disk-based storage system. Amanda uses native dump and/or GNU tar facilities and can back up a large number of workstations running various versions of Linux, Unix, OS X or Microsoft Windows operating systems.
  Simplifying backups
  30th, November, 2005

Most computer users don't make use of a system backup tool until after they suffer the misfortunes of a hard drive crash without one. But even then, many find backup software too complicated to configure, and there seems to be little in between creating CD or DVD archives by hand and overpowered network backup systems designed for the enterprise. The Simple Backup Suite (sbackup) is a tool for configuring regular backups of system data and simplifying full and partial recoveries.
  Linux - the new target for threats?
  1st, December, 2005

When one thinks of malicious attacks on a business's network, most assume that the organisation has taken all necessary precautions. But what happens in a Linux or “open source” environment? Don’t think the users can smile smugly in the confidence that Windows is the only target, writes Christopher Bray. When one thinks of malicious attacks on a business's network, most assume that the organisation has in preparation ensured its network and nodes have the latest version of anti-virus software, additional protection in the form of gateway protection, intrusion detection and, in some cases, intrusion prevention, firewalls and all the necessary tools to prevent a disaster.
  Gartner: 2005 hurricanes prompt more companies to store data off-site
  2nd, December, 2005

The number of companies making copies of data to protect it has dramatically risen in the wake of hurricanes Katrina and Wilma this year, but most of those companies are keeping that duplicate data locally where it's still vulnerable to disasters, according to a survey released yesterday by Gartner Inc. The September survey of 104 North American IT managers showed that 45% of respondents back up or replicate data to another disk, up from just 6% who did so in 2004. But 70% of the respondents who make backups do so to a local device.
  European project takes new approach to information security
  29th, November, 2005

Despite millions of dollars spent by IT companies, digital security often contains more holes than a Swiss cheese. One European project plans to plug those holes by creating a virtual security framework independent of both devices and the networks they are trying to access. SEINIT, the Security Experts Initiative, offers the promise of seamless security regardless of hardware, software or access protocol, whether it's mobile phones, bluetooth, WiFi, ethernet or broadband connection. And this will be achieved without sacrificing privacy.
  Expert: audits not enough
  29th, November, 2005

Corporations must do more than just conduct audits to protect against evolving security threats, a security compliance expert warned this week. Chris Noell, vice president of business development and compliance for Solutionary, said in a statement that forced compliance could actually weaken a company's defense.
  Why judgment matters in a security professional
  1st, December, 2005

The case of Daniel Cuthbert, a.k.a. The Tsunami Hacker, raises a great deal of issues relevant to computing managers. The background of the case, which is basically uncontested, is that Cuthbert, based in the U.K., donated money to a tsunami relief fund-raising Web site. When he didn't receive a confirming "Thank You" message, he thought he possibly fell victim to a phishing attack and decided to investigate.
  IT security professionals in demand in 2006
  1st, December, 2005

Unprecedented demand for IT security professionals has employers fighting to retain talent. This is particularly true for Certified Information Systems Security Professionals (CISSP), according to the latest market trends report from Ambition. In fact, certified IT workers are in such high demand that some employers have stopped including them in staff development programs fearing they will be better prepared to walk out the door, Ambition technology director Jane Bianchini said. This demand, which has dominated 2005 recruiting, will continue in 2006.
  Photos: Inside Symantec's secure bunker
  1st, December, 2005

The Symantec bunker was built by the UK government in the early 1990s to shelter key utilities workers in the event of a nuclear attack and was originally a reservoir. The entrance is set into a hill near Winchester.
  Internal system vulnerabilities poorly patched
  2nd, December, 2005

Gerhard Eschelbeck, CTO of Qualys and leading vulnerabilities researcher, said that internal systems are still not being patched fast enough compared with external ones. “There is a bigger perceived risk with external vulnerabilities”, Eschelbeck told delegates at CSI 2005 in Washington earlier this week, “but the reality is otherwise”.
  US moves forward on data privacy
  28th, November, 2005

A draft US law to increase the security and privacy of personal information held by companies took a step forward last week, when it was approved by the influential Senate Judiciary Committee. The bill includes a duty to disclose security breaches.
  FTC Study Concludes Masking, Filtering Stop Spammers
  30th, November, 2005

Trickery and technology both play key roles in managing spam, according to a study released yesterday by the Federal Trade Commission. The agency looked at three aspects of spamming and efforts to control it: the automated harvesting of E-mail addresses on public areas of the Internet; using E-mail address masking to reduce address harvesting; and the effectiveness of spam filtering by Internet Service Providers.
  ID card scheme tackled at London University
  2nd, December, 2005

John Daugman, Cambridge-based pioneer of iris recognition, told an audience of sixty security professionals, lawyers, and privacy advocates last night: “it is Orwellian to base a political campaign on disinformation”. Daugman had in his sights the LSE report, published in July, critical of the UK government’s identity cards scheme. Simon Davies, Visiting Fellow, Information Systems Department, LSE, also in attendance, conceded that the iris recognition sections of the original report were in error, and are being excised.
  Agencies must monitor insider network threats, expert says
  29th, November, 2005

Agency networks are more vulnerable than ever, according to a former CIA official and cybersecurity expert, and the greatest threat to an organization’s network security may come from within. Eric Cole, who worked for the CIA for more than five years, told an audience of government and corporate security professionals today at the inaugural Techno Forensics Conference at the National Institute of Standards and Technology that despite their best efforts, networks are only getting more porous.
