Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Linux Security Week: December 19th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Inexpensive Cisco Network Log Analysis," "Computer security isn't a technological problem, it's an economic one," and "Where Do You Put Your Security Dollars?"

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LINUX ADVISORY WATCH - This week, advisories were released for courier, osh, curl, ethereal, phpMyAdmin, Openswan, Xmail, Ethereal, perl, openvpn, thunderbird, xmovie, mplayer, and ffmpeg. The distributors include Debian, Gentoo, Mandriva. Feature Extras:

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to with "subscribe" as the subject.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

  DoS attack risk for Firefox 1.5 users
  13th, December, 2005

Exploit code for the latest version of open-source browser Firefox was published on Wednesday, potentially putting users at risk of a denial of service (DoS) attack. The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2. Firefox, which initially debuted more than a year ago, has moved swiftly to capture eight per cent of the browser market.
  Memory management by the Linux kernel: #2 inside the kernel
  14th, December, 2005

This is the second article about memory management by the Linux kernel. The first article took you through the memory in the user space. This second article will explain how memory management is done inside the kernel itself. I recommend reading the first article before starting on this one. Now we know how the kernel manages memory from the first article, let’s have a look how the kernel allows you to allocate and free memory inside the kernel.
  Inexpensive Cisco Network Log Analysis
  12th, December, 2005

This document is intended to explain why network logging and log analysis is important, and provide instructions for people who want to do this on their Cisco equipment (especially the PIX firewall) without spending a lot of money. Although you may not get all of the spiffy features that you will find in high-end offerings from companies like Cisco, NetIQ, Symantec and others, you can get a very good security bang for the buck with simple and inexpensive systems. Although this document is specifically intended for logging on a Cisco PIX, pretty much the same commands should work for other devices such as routers. You will see different screens, and Sawmill may detect them differently, but it is essentially the same process.
  Security Expert Finds Port Scans Not Tied To Hack Attacks
  13th, December, 2005

Port scanning, the practice of sniffing for computers with unprotected and open ports, isn't much of a harbinger of an attack, a University of Maryland researcher said Monday. Michel Cukier, an assistant professor at the College Park, Maryland-based school, said that contrary to common thought, few port scans actually result in an attack. In fact, only about five percent of attacks are preceded by port scans alone.
  Symantec Announces New Proactive Behavior-Based Host Intrusion Prevention Solution
  12th, December, 2005

Symantec Corp. today announced Symantec Critical System Protection 5.0, a proactive behavior-based intrusion prevention solution for multi-layered protection of servers and critical clients running on Windows, UNIX and Linux platforms. Available later this month, Symantec Critical System Protection provides zero-day protection against application and operating system attacks, enhanced auditing and compliance enforcement, enterprise reporting capabilities, and improved manageability of heterogeneous environments from a single management console. Using a unique combination of signature and behavior-based detection, this enterprise class product helps prevent system downtime while protecting critical information assets.
  Low Cost Technique for Intrusion Detection
  14th, December, 2005

I have attempted to uncover and explore a free and easy solution for the cost conscience small to medium size network to incorporate Intrusion Detection. The paper will focus on the aspects of free tools in relation to Intrusion Detection. I will define the tools I am using, where I will place the tools within the network, why I decided to place the tool in this particular location, and what defense mitigation the tool should assist.
  Securely setting up a Linux PC
  15th, December, 2005

Linux, like Microsoft Windows, is simply a computer operating system but Linux in itself is not a magic wand that can be waved and make all sorts of computing problems disappear. While Windows has its own set of problems, so too does Linux. There is no such thing as a perfect or completely secure computer operating system. Whether the machine will be a desktop computer or a server; purpose is a key to understanding how to initially install and configure your Linux PC.
  Tenable Releases Nessus 3.0
  13th, December, 2005

Tenable Network Security, Inc., a leading developer of security management solutions and creator of the popular and award-winning Nessus vulnerability scanner, today announced the general availability of Nessus 3.0 for the Linux and FreeBSD platforms. Nessus 3.0 was developed in response to growing market demand from enterprises, government agencies and consultants for a commercially licensed version of Nessus. Nessus 3.0 users will now have access to a number of commercial support and training options from Tenable Network Security. Tenable Network Security will continue to manage, distribute and maintain the open source version, Nessus 2.x.
  No consensus on cost of security
  12th, December, 2005

When it comes to IT security, companies put products before people according to the latest research from security training company (ISC)² which shows that products and services eat up more money than spending on personnel. Organisations globally spend approximately 57 percent of their IT security budgets on security products and services. The remaining 43 percent is spent on personnel, education and training, according to the (ISC)² Global Information Security Workforce Study.
  It's the Economics, Techie
  12th, December, 2005

Computer security isn't a technological problem -- it's an economic one. That is the message Bruce Schneier, CTO of Counterpane Internet Security and the author of "Beyond Fear: Thinking Sensibly About Security in an Uncertain World," repeated throughout his keynote address here Thursday at the infoSecurity Conference in New York's Jacob K. Javits Center. Schneier, a security technologist, said the future of security is getting harder to predict and warned the several hundred tech professionals on hand that they must start paying attention to the economics of security if they hoped for technology to keep pace.
  SANS: Lack of I.T. Security Training Makes U.S. Vulnerable
  13th, December, 2005

The SANS Institute warned that U.S. government, military contractor, and bank computer systems are facing a barrage of attacks from overseas hackers, and that network-security management lacks the training to mount an adequate defense. "American government and corporate computer systems are being riddled with online attacks," said Allan Paller, director of research at Bethesda, Maryland-based SANS. "But there is a culture of secrecy, and government departments, defense contractors, and banks are not talking about the attacks."
  Firms count the cost of security threats
  13th, December, 2005

Security threats soared during 2005, along with the risk of financial losses, but a new report shows that companies still aren't heeding the warnings. According to the State of Information Security 2005 report from PricewaterhouseCoopers and CIO Magazine, not only are security-related events up 22.4 percent on last year's figures, but the number of organisations reporting financial losses as a result of the attacks is also surging. Twenty-two percent of companies said they had been hit financially, compared with last year's 7 per cent.
  Counter for "Trusting Trust" attack found
  13th, December, 2005

Since 1974, there has been one security attack that has been claimed to be essentially uncounterable: the "Trusting Trust" attack. In this attack, the compiler is subverted, which can then subvert everything else. In 1984, Ken Thompson demonstrated it and made it widely known. David A. Wheeler has published a paper that claims to be the antidote to the "Trusting Trust" attack. Interestingly enough, its results are far more helpful if your compiler is open source software.

The "trusting trust" attack subverts the compiler binary; if the attacker succeeds, you're doomed. Well, til now.
  SANS Will Start College for IT Security
  14th, December, 2005

The SANS Institute has been granted approval by the State of Maryland to create a college and plans to begin accepting candidates for Masters of Science degrees in information security, according to a SANS statement. SANS will offer MS degrees in two subjects: Information Security Engineering and Information Security Management. Students will have to prove technical mastery of technologies and processes used by security experts, as well as management skills like communications and project management, according to a SANS statement.
  We Need Assurance!
  14th, December, 2005

When will I be secure? Nobody knows for sure, but it cannot happen before commercial security products and services possess not only enough functionality to satisfy customer's stated needs, but also sufficient assurance of quality, reliability, safety, and appropriateness for use. Such assurances are lacking in most of today's commercial security products and services. Paths to better assurance in Operating Systems, Applications, and Hardware through better development environments, requirements definition, systems engineering, quality certification, and legal constraints are discussed and examples given.
  Study: employees leak secrets
  15th, December, 2005

Employees sending confidential information to the outside world through email is an unseen threat to corporate security, a new business risk survey revealed. A study by Mirapoint and the Radicati Group said 6 percent of corporate employees admitted to emailing confidential information outside their company.
  Not all dangers have a headline
  15th, December, 2005

The crash of the trading system at the Tokyo Stock Exchange because of a software problem offers a timely reminder that disaster recovery and business continuity planning are essential not simply because of the more sensational incidents such as terrorist attacks, fires or bird flu.
  Early advice for '06: Outsource security
  15th, December, 2005

While I am an analyst who focuses on information security, I am a business guy at heart. With this background, let me offer some advice to my business peers: Outsource security (or some subset thereof) in 2006!
  Researchers: Flaw auctions would improve security
  16th, December, 2005

The auction may have set a record price for a highlighter pen and an 8-by-11-inch sheet of paper. The last reported bid before the listing was deleted without ceremony was $1,200. The price might seem excessive, but the value lay in what some researchers believed was on the paper: Information about an unpatched vulnerability in Microsoft Excel.
  Survivor's Guide to 2006: Security
  16th, December, 2005

The writing is on the wall: Organizations and individuals will be held accountable for security breaches. The rash of exposures of personally identifiable information (PII) from the likes of ChoicePoint, Lexis-Nexis, Bank of America, CardSystems and a host of other for-profit and nonprofit organizations is just the beginning. Luckily for consumers, state and federal lawmakers are introducing regulations that require exposures to be reported. Someone's head is going to roll; don't let it be yours.
  Warning toned down on Perl app flaws
  16th, December, 2005

The Perl Foundation has toned down a warning on a type of vulnerability commonly found in applications written in the Perl programming language. Two weeks after experts sounded an alarm on so-called "format string flaws" in Perl applications, changes have been made to Perl. These updates ensure that such flaws can't be used as a conduit to run malicious code on target systems, Andy Lester, a spokesman for the Perl Foundation and co-author of the book "Pro Perl Debugging," said on Thursday.
  'Second Life' turns attacker in to FBI
  16th, December, 2005

It seems that the online virtual world "Second Life" is no place hackers and other digital vandals should take lightly when considering who to hit with denial-of-service attacks. That much became clear this week, according to the blog Second Life Herald, when Philip Rosedale, CEO of "Second Life" publisher Linden Lab, announced during a virtual holiday party in the open-ended digital world that he had turned the perpetrators of a series of grid crashes over to the FBI.
  Hacker attacks in US linked to Chinese military
  14th, December, 2005

A systematic effort by hackers to penetrate US government and industry computer networks stems most likely from the Chinese military, the head of a leading security institute said.
  Found a security hole? It could be worth $2,000.
  15th, December, 2005

It seems we exaggerated the innovation of Com/TippingPoint’s controversial Zero Day Initiative. The scheme pays vetted researchers to report vulnerabilities to the company in a responsible way, thereby avoiding these holes getting into the public domain and being exploited by criminals and hackers before patch has been written.
  New Software Protects Wi-Fi Hardware
  12th, December, 2005

While Wi-Fi hardware makers now consider security features par for the course in their products, third-party wireless security companies are still coming up with new ways to secure the hardware of their bigger brethren. AirDefense Inc. this week will launch Version 7.0 of AirDefense Enterprise, the Alpharetta, Ga., company's signature wireless security and management software. Version 7.0 can keep track of and secure up to 300,000 wireless devices and 10,000 dedicated RF (radio frequency) sensors, officials said.
  Creating secure wireless access points with OpenBSD and OpenVPN
  14th, December, 2005

You know how insecure 802.11x wireless networks are. In this article we'll create an OpenBSD-based secure wireless access point that prevents unauthorized access and encrypts every packet using a VPN tunnel. OpenBSD is one of the most secure operating systems available, is easy to use, and includes almost everything you need for this project in the base installation.
  Where Do You Put Your Security Dollars?
  16th, December, 2005

Security solutions seem to be growing at a faster rate than the problems. How do you tell what approach to take? Be the first to comment on this article In a recent panel discussion I was on it was suggested that spending on the conventional threat mitigation aspects of security was headed for a leveling off, and that the real growth was in compliance issues.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.