LINUX ADVISORY WATCH - Happy Holidays! This week, advisories were released for dropbear, nbd, phpbb2, OpenLDAP, Xpdf, cURL, CenterICQ, digikam, apache2, sudo, kernel, netpbm, udev, gpdf, kdegraphics, cups, and perl. The distributors include Debian, Gentoo, Mandriva, and Red Hat.
LinuxSecurity.com Feature Extras:
Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
Hold the Photons!
20th, December, 2005
How would you feel if you invested millions of dollars in quantum cryptography, and then learned that you could do the same thing with a few 25-cent Radio Shack components? I'm exaggerating a little here, but if a new idea out of Texas A&M University turns out to be secure, we've come close.

OpenSSH cutting edge
20th, December, 2005
Federico Biancuzzi interviews OpenSSH developer Damien Miller to discuss features included in the upcoming version 4.3, public key crypto protocols details, timing based attacks and anti-worm measures.

Encryption: A nice idea that few want to implement?
23rd, December, 2005
Companies are not embracing encryption as a way to protect sensitive data. According to Ponemon Institute's 2005 National Encryption Survey, only 4.2% of companies responding to our survey say their organizations have an enterprisewide encryption plan.

Pre-Review: Penetration Tester's Open Source Toolkit
23rd, December, 2005
Today I received a copy of the new Syngress book Penetration Tester's Open Source Toolkit by Johnny Long, Chris Hurley, SensePost, Mark Wolfgang, Mike Petruzzi, et al. This book appears unnecessarily massive; it's probably 1/2 thicker than my first book, but at 704 pages it's nearly 100 pages shorter than Tao. I think Syngress used thicker, "softer" paper, if that makes sense to anyone.

Adaptive Firewalls with iptables
26th, December, 2005
Up until now, we've looked at stateless and stateful firewalls. Remember, stateless firewalls only have the features of a given packet to use as criteria for whether that packet should be passed, blocked, or logged. With a stateful firewall, in addition to the fields in that packet, we also have access to the kernel's table of open connections to use in deciding the fate of this packet. There's a problem, though. Picture an attacker that has launched attacks against almost every port on our web server box for the past half hour. The firewall has successfully repelled all of them, but now the attacker turns her attentions to port 80. All of the hostile overflow attempts are let through unhindered. Why? Because the firewall ruleset allows all traffic to the web server through, and our firewall can't remember the fact that this IP address has been pounding all the other ports on the system.

New biometrics software looks for sweat
23rd, December, 2005
Researchers at Clarkson University have found that fingerprint readers can be spoofed by fingerprint images lifted with Play-Doh or gelatin or a model of a finger molded out of dental plaster. The group even assembled a collection of fingers cut from the hands of cadavers.

Ping: ICMP vs. ARP
22nd, December, 2005
Today almost every organization employs firewalls for enhanced security. Firewalls can be set up in such a way that Internet Control Message Protocol (ICMP) requests are blocked, which means that traditional pings do not work. Setting a firewall to block ICMP requests is based on the theory that if a would-be hacker cannot "see" the target, he may not attack the host.

Protecting against undefined exploits and security threats
21st, December, 2005
There is a wealth of tools available to help protect the enterprise from security threats. Firewalls, virtual private networks, strong user authentication, encryption, intrusion detection/prevention systems (IDS/IPS), email filters, antivirus, vulnerability scanners are all options. Each of these point solutions is capable of addressing a specific element of the security mosaic. In order to address their limitations many enterprises attempt to aggregate these solutions in a futile attempt to achieve effective IT security.

Security-Enhanced Linux Moving into Mainstream
19th, December, 2005
Security Enhanced Linux has moved into the mainstream of operating system architecture in recent years. For those who don't understand the technology, many articles exist. SELinux provides mandatory access control to a wider audience. It helps eliminate 0-day attacks. The agenda for the 2006 SELinux Symposium has just been announced and some project leaders of Linux distributions may want to attend.

Security the focus as Debian upgrades
21st, December, 2005
The Debian Project has released an update to its popular GNU/Linux distribution, with security-related bugfixes a key feature.

Nessus 3.0: The End of the Age of Open-Source Innocence?
22nd, December, 2005
"Here's the danger we are running into," said Alan Shimel, Chief Strategy Officer for StillSecure. "People contribute resources to these communities, whether it be time, money, or code. When they see everything they give converted for the commercial success of an individual rather than as a community as a whole, how long do you think they are going to want to keep giving?"

VMware: Virtual Machine Security Flaw 'Very Serious'
23rd, December, 2005
Virtual infrastructure software maker VMware Inc. has rushed out fixes for a "very serious" security flaw that put users of its product line at risk of code execution attacks. The vulnerability, which affects both Windows and Linux systems, affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1 and the free VMware Player 1.0. All previous versions of these products are also affected.

Viewing 2005: The year in security
19th, December, 2005
The security events of 2005 led some to believe things were getting better when, in truth, it was more the case that what you can't see really can hurt you. The surface may have appeared still and unthreatening but underneath the currents were anything but friendly, as Will Sturgeon explains. Phishing, spam, spyware, Trojans, viruses and worms - you'd be forgiven for thinking 2005 was very much 'same old, same old' but there were trends which came to light during the past 12 months that will have the security experts scrutinising their radars long into the New Year.

The Enemy Within
19th, December, 2005
Workers across Europe are continuing to place their own companies at risk from information security attacks. This 'threat from within' is undermining the investments organisations make to defend against security threats, according to a study by security firm McAfee.

Social Engineering And Other Threats To Internal Security
21st, December, 2005
Consider the following scenario. A good looking woman is wandering around your premises and approaches you asking to show her how to use some functions in Excel or any other application. Do you start quizzing her on who she is and what department she comes from, or do you invite her to your PC and show her what she needs to know? Let's say you choose the latter and then she asks you for a drink; would you leave her unattended at your PC or do you get her to accompany you?

Firms count the cost of security threats
20th, December, 2005
Security threats soared during 2005, along with the risk of financial losses, but a new report shows that companies still aren't heeding the warnings. According to the State of Information Security 2005 report from PricewaterhouseCoopers and CIO Magazine, not only are security-related events up 22.4 percent on last year's figures, but the number of organisations reporting financial losses as a result of the attacks is also surging. Twenty-two percent of companies said they had been hit financially, compared with last year's 7 per cent.

Information Security for Small Businesses
20th, December, 2005
Due to technological advances, the rapid growth of the Internet, and a significant decline in computer and network equipment prices in recent years, many technologies and systems that were once only available to large corporations are now employed by the small business community. Thanks to the Internet and the world of ecommerce, small businesses can dramatically increase their customer base and reach new markets by selling their products and services online.

Study: Network security market to reach $6 billion
20th, December, 2005
Network security software and hardware is expected to be a $6 billion market by 2008, a jump fueled primarily by the increasing need for companies to purchase products that secure content and devices, such as intrusion prevention systems (IPS) and network access control (NAC) equipment.

Security: Forensic Tools in Court
21st, December, 2005
An interesting question comes to mind when you use as many open source forensic and security tools as I do ...