Linux Security Week: December 26th 2005
Source: Contributors - Posted by Benjamin D. Thomas
Linux Security Week - This week, perhaps the most interesting articles include "Adaptive Firewalls with Iptables," "Protecting against undefined exploits and security threats," and "Four Security Resolutions For The New Year."

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LINUX ADVISORY WATCH - Happy Holidays! This week, advisories were released for dropbear, nbd, phpbb2, OpenLDAP, Xpdf, cURL, CenterICQ, digikam, apache2, sudo, kernel, netpbm, udev, gpdf, kdegraphics, cups, and perl. The distributors include Debian, Gentoo, Mandriva, and Red Hat.

Feature Extras:

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on
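The over-liberal permissions the feature warns about can be hunted down with plain find. The script below is an added example, not code from the newsletter or from the feature article: it builds a small constructed directory tree containing one deliberately world-writable file and one world-writable directory without the sticky bit, then audits it. The function names (audit_perms, make_sample_tree) and the sample paths (uploads, shared-tmp, etc/app.conf) are assumptions chosen for the illustration; only POSIX find and chmod are used.

```shell
#!/bin/sh
# Added example (not from the newsletter): audit a tree for the permission
# mistakes discussed above. Uses only POSIX find, so it runs on any Linux/BSD.

audit_perms() {
    root="$1"
    # World-writable regular files: any local user can alter their contents.
    find "$root" -xdev -type f -perm -0002 \
        -exec printf 'world-writable file: %s\n' {} \;
    # World-writable directories WITHOUT the sticky bit: any user can delete or
    # rename any other user's files inside them (contrast /tmp, which is 1777).
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'world-writable dir (no sticky): %s\n' {} \;
    # setuid / setgid files: each one is a privilege boundary worth inventorying.
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec printf 'setuid/setgid: %s\n' {} \;
}

# Constructed sample tree so the audit can be exercised offline.
# Prints the path of the temporary root it created.
make_sample_tree() {
    d="$(mktemp -d)"
    mkdir "$d/uploads" "$d/shared-tmp" "$d/etc"
    printf 'db_password=example\n' > "$d/etc/app.conf"
    printf 'quarterly figures\n' > "$d/uploads/report.txt"
    chmod 644 "$d/etc/app.conf"          # fine: owner-writable only
    chmod 666 "$d/uploads/report.txt"    # mistake: world-writable file
    chmod 777 "$d/uploads"               # mistake: world-writable dir, no sticky bit
    chmod 1777 "$d/shared-tmp"           # acceptable: sticky bit set, like /tmp
    printf '%s\n' "$d"
}

# Usage on a real system: audit_perms /   (the -xdev keeps find on one filesystem)
```

On a real host the expected hits are the sticky-bit temp directories and the distribution's known setuid binaries; anything else the audit lists is a candidate for chmod o-w or for a closer look at why it is setuid.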

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital's multi-faceted security applications. More than just an email firewall, on-demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to with "subscribe" as the subject.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

  Hold the Photons!
  20th, December, 2005

How would you feel if you invested millions of dollars in quantum cryptography, and then learned that you could do the same thing with a few 25-cent Radio Shack components? I'm exaggerating a little here, but if a new idea out of Texas A&M University turns out to be secure, we've come close.
  OpenSSH cutting edge
  20th, December, 2005

Federico Biancuzzi interviews OpenSSH developer Damien Miller to discuss features included in the upcoming version 4.3, public key crypto protocols details, timing based attacks and anti-worm measures.
  Encryption: A nice idea that few want to implement?
  23rd, December, 2005

Companies are not embracing encryption as a way to protect sensitive data. According to Ponemon Institute's 2005 National Encryption Survey, only 4.2% of companies responding to our survey say their organizations have an enterprisewide encryption plan.

However, the study also reveals that encryption is viewed by many as an important security tool that enhances the IT professionals' overall sense of trust or comfort in data-protection efforts. The primary reasons cited for not encrypting sensitive or confidential information were concern about system performance (69%), complexity (44%) and cost (25%). (See "Securing Card Data Isn't An Easy Sell.")
  Pre-Review: Penetration Tester's Open Source Toolkit
  23rd, December, 2005

Today I received a copy of the new Syngress book Penetration Tester's Open Source Toolkit by Johnny Long, Chris Hurley, SensePost, Mark Wolfgang, Mike Petruzzi, et al. This book appears unnecessarily massive; it's probably 1/2 thicker than my first book, but at 704 pages it's nearly 100 pages shorter than Tao. I think Syngress used thicker, "softer" paper, if that makes sense to anyone.
  Adaptive Firewalls with iptables
  26th, December, 2005

Up until now, we've looked at stateless and stateful firewalls. Remember, stateless firewalls only have the features of a given packet to use as criteria for whether that packet should be passed, blocked, or logged. With a stateful firewall, in addition to the fields in that packet, we also have access to the kernel's table of open connections to use in deciding the fate of this packet. There's a problem, though. Picture an attacker that has launched attacks against almost every port on our web server box for the past half hour. The firewall has successfully repelled all of them, but now the attacker turns her attentions to port 80. All of the hostile overflow attempts are let through unhindered. Why? Because the firewall ruleset allows all traffic to the web server through, and our firewall can't remember the fact that this IP address has been pounding all the other ports on the system.
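The scenario in the excerpt (a source pounding closed ports for half an hour, then turning to port 80) is what the iptables recent match addresses. The script below is an added example and not the article's own ruleset. It assumes a host whose only public service is TCP port 80, uses conntrack for the stateful part, and prints the rules instead of loading them unless IPT_DRY_RUN=0 is set (on the firewall itself: sh script.sh apply). The PORTSCAN list name, the 1800-second memory and the 5-probe threshold are constructed values for the example.

```shell
#!/bin/sh
# Added example (not from the article): an "adaptive" INPUT ruleset for a web
# server. Probes against closed ports are remembered per source address with
# the 'recent' match; a remembered source is then refused even on port 80.
# Rules are only printed unless IPT_DRY_RUN=0, so the script is safe to read,
# run and test on any machine.

IPT_DRY_RUN="${IPT_DRY_RUN:-1}"
BAN_SECONDS="${BAN_SECONDS:-1800}"   # half an hour, as in the scenario above
HITCOUNT="${HITCOUNT:-5}"            # ignore a single stray packet; act after 5 probes

ipt() {
    if [ "$IPT_DRY_RUN" = 1 ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

adaptive_rules() {
    ipt -F INPUT
    ipt -P INPUT DROP
    ipt -A INPUT -i lo -j ACCEPT
    # Stateful part: packets belonging to an already accepted session pass.
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Adaptive part, deliberately placed BEFORE the port-80 accept: a source
    # seen probing closed ports HITCOUNT times within BAN_SECONDS is dropped
    # even when it finally aims at the open web port.
    ipt -A INPUT -m recent --name PORTSCAN --rcheck \
        --seconds "$BAN_SECONDS" --hitcount "$HITCOUNT" -j DROP
    # The one service this box offers.
    ipt -A INPUT -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
    # Any other new TCP connection is aimed at a closed port: record the source
    # in the PORTSCAN list (--set always matches), log it, then drop it.
    ipt -A INPUT -p tcp -m conntrack --ctstate NEW \
        -m recent --name PORTSCAN --set -j LOG --log-prefix "PORTSCAN:"
    ipt -A INPUT -p tcp -m conntrack --ctstate NEW -j DROP
}

case "${1:-}" in
    show)  adaptive_rules ;;                 # print the ruleset
    apply) IPT_DRY_RUN=0 adaptive_rules ;;   # load it (needs root)
esac
```

The tracked addresses and their timestamps can be inspected in /proc/net/xt_recent/PORTSCAN, which is also where a wrongly banned address is cleared from. Only TCP probes feed the list here; UDP and ICMP probes would need their own --set rules, and a legitimate client that shares a NAT address with a scanner will be blocked along with it, which is the trade-off any source-address memory carries.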
  New biometrics software looks for sweat
  23rd, December, 2005

Researchers at Clarkson University have found that fingerprint readers can be spoofed by fingerprint images lifted with Play-doh or gelatin or a model of a finger molded out of dental plaster. The group even assembled a collection of fingers cut from the hands of cadavers.

In a systematic test of more than 60 of the carefully crafted samples, the researchers found that 90 percent of the fakes could be passed off as the real thing.
  Ping: ICMP vs. ARP
  22nd, December, 2005

Today almost every organization employs firewalls for enhanced security. Firewalls can be set up in such a way that Internet Control Message Protocol (ICMP) requests are blocked, which means that traditional pings do not work. Setting a firewall to block ICMP requests is based on the theory that if a would-be hacker cannot "see" the target, he may not attack the host.
  Protecting against undefined exploits and security threats
  21st, December, 2005

There is a wealth of tools available to help protect the enterprise from security threats. Firewalls, virtual private networks, strong user authentication, encryption, intrusion detection/prevention systems (IDS/IPS), email filters, antivirus, vulnerability scanners are all options. Each of these point solutions is capable of addressing a specific element of the security mosaic. In order to address their limitations many enterprises attempt to aggregate these solutions in a futile attempt to achieve effective IT security.
  Security-Enhanced Linux Moving into Mainstream
  19th, December, 2005

Security Enhanced Linux has moved into the mainstream of operating system architecture in recent years. For those who don't understand the technology, many articles exist. SELinux provides mandatory access control to a wider audience. It helps eliminate 0-day attacks. The agenda for the 2006 SELinux Symposium has just been announced, and some project leaders of Linux distributions may want to attend.
  Security the focus as Debian upgrades
  21st, December, 2005

The Debian Project has released an update to its popular GNU/Linux distribution, with security-related bugfixes a key feature.

"This is the first update of Debian GNU/Linux 3.1 (codename 'Sarge') which mainly adds security updates to the stable release, along with some corrections to serious problems," said Debian security team member Martin Schulze in an e-mail announcing the update.
  Nessus 3.0: The End of the Age of Open-Source Innocence?
  22nd, December, 2005

"Here's the danger we are running into," said Alan Shimel, Chief Strategy Officer for StillSecure. "People contribute resources to these communities, whether it be time, money, or code. When they see everything they give converted for the commercial success of an individual rather than as a community as a whole, how long do you think they are going to want to keep giving?"
  VMWare: Virtual Machine Security Flaw 'Very Serious'
  23rd, December, 2005

Virtual infrastructure software maker VMWare Inc. has rushed out fixes for a "very serious" security flaw that put users of its product line at risk of code execution attacks. The vulnerability, which affects both Windows and Linux systems, affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1 and the free VMware Player 1.0. All previous versions of these products are also affected.
  Viewing 2005: The year in security
  19th, December, 2005

The security events of 2005 led some to believe things were getting better when, in truth, it was more the case that what you can't see really can hurt you. The surface may have appeared still and unthreatening but underneath the currents were anything but friendly, as Will Sturgeon explains. Phishing, spam, spyware, Trojans, viruses and worms - you'd be forgiven for thinking 2005 was very much 'same old, same old' but there were trends which came to light during the past 12 months that will have the security experts scrutinising their radars long into the New Year.
  The Enemy Within
  19th, December, 2005

Workers across Europe are continuing to place their own companies at risk from information security attacks. This 'threat from within' is undermining the investments organisations make to defend against security threats, according to a study by security firm McAfee.
  Social Engineering And Other Threats To Internal Security
  21st, December, 2005

Consider the following scenario. A good-looking woman is wandering around your premises and approaches you, asking you to show her how to use some functions in Excel or any other application. Do you start quizzing her on who she is and which department she comes from, or do you invite her to your PC and show her what she needs to know? Let's say you choose the latter and then she asks you for a drink: would you leave her unattended at your PC, or do you get her to accompany you?
  Firms count the cost of security threats
  20th, December, 2005

Security threats soared during 2005, along with the risk of financial losses, but a new report shows that companies still aren't heeding the warnings. According to the State of Information Security 2005 report from PricewaterhouseCoopers and CIO Magazine, not only are security-related events up 22.4 percent on last year's figures, but the number of organisations reporting financial losses as a result of the attacks is also surging. Twenty-two percent of companies said they had been hit financially, compared with last year's 7 per cent.
  Information Security for Small Businesses
  20th, December, 2005

Due to technological advances, the rapid growth of the Internet, and a significant decline in computer and network equipment prices in recent years, many technologies and systems that were once only available to large corporations are now employed by the small business community. Thanks to the Internet and the world of ecommerce, small businesses can dramatically increase their customer base and reach new markets by selling their products and services online.
  Study: Network security market to reach $6 billion
  20th, December, 2005

Network security software and hardware is expected to be a $6 billion market by 2008, a jump fueled primarily by the increasing need for companies to purchase products that secure content and devices, such as intrusion prevention systems (IPS) and network access control (NAC) equipment.
  Security: Forensic Tools in Court
  21st, December, 2005

An interesting question comes to mind when you use as many open source forensic and security tools as I do - if I ever go to court over this case, will my tools be considered valid? When you do examine this issue closely, you find many versions of the answer, both on the legal and techie sides.
  Preparing for day zero
  21st, December, 2005

The zero-day spectre is looming ever larger.

Nimda struck in 2001 - a year after Microsoft issued a patch for the security hole in Internet Explorer. In 2003, Slammer exploited a vulnerability for which a patch had been issued six months earlier. Then with Blaster, the window was down to three weeks. "If you had no time to patch in 2001, and no time to patch in 2003, what about now with three weeks? And what about the Zotob worm - five days?"
  Security Risks You and Your Family Impose on your Companies’ Computing and Networking Assets
  22nd, December, 2005

Computer and Network Security is quickly becoming Information Technology's hot occupation. After the colossal disasters of the September 2001 terrorist attacks and the more recent natural disasters, companies have looked long and hard at how to better protect their computing and networking assets from the numerous hackers, natural disasters and foreign terrorists. This includes spending more resources on hardware, upgrading software, and relearning Information Technology priorities. Unfortunately, a grand majority of the greatest minds in Information Technology Security are overlooking the one element that can stroll right up to a company's computing asset and destroy it in one or two clicks. It's you, the employee, your family or a family friend.
  Rising to a Higher Standard Isn't Easy
  22nd, December, 2005

Some employees are held to a higher standard of behavior than most. Anyone in a position with broad powers or influence falls into this group, including accountants, managers, systems administrators -- and information security professionals. Like systems administrators, information security professionals generally have access to a great deal of data and information. Even if they don't have direct access, they generally know how to obtain it by exploiting a weakness (like hackers, but with the opposite intent) or by simply giving themselves elevated privileges.
  Top 7 PHP Security Blunders
  23rd, December, 2005

PHP is a terrific language for the rapid development of dynamic Websites. It also has many features that are friendly to beginning programmers, such as the fact that it doesn't require variable declarations. However, many of these features can lead a programmer inadvertently to allow security holes to creep into a Web application. The popular security mailing lists teem with notes of flaws identified in PHP applications, but PHP can be as secure as any other language once you understand the basic types of flaws PHP applications tend to exhibit.
  Four Security Resolutions For The New Year
  26th, December, 2005

I always know what my first New Year’s resolution is going to be, because it’s the same every year: lose weight. Chances are, you have the same one. But by the time the Super Bowl happens, and you eat seven thousand calories on that one day, you’ll have already have given up on that resolution.
  IT security professionals moving up the corporate pecking order
  26th, December, 2005

Ultimate responsibility for information security is moving up corporate management hierarchies, as board-level directors and CEOs - or CISO/CSOs – are increasingly held accountable for safeguarding IT infrastructures, new research has revealed. The second annual Global Information Security Workforce Study, conducted by global analyst firm IDC and sponsored by not-for-profit IT security educational organisation, the International Information Systems Security Certification Consortium (ISC)2, expects this accountability shift to continue as information security becomes more relevant in risk management and IT governance strategies.
  Feds Say Computer Surveillance Hindered Without Patriot Act
  22nd, December, 2005

In part of a major Bush Administration lobbying blitz Wednesday, the Department of Justice has released a list of technology-related ramifications if the remaining provisions of the Patriot Act aren't passed by Dec. 31. Lobbying hard for the passage of the remaining portions of the broad-sweeping legislation, the department released a statement Wednesday stating that the federal government would revert back to a "pre-9/11 mode of information sharing…where terrorists and spies can use technology against us."
  Dutch Botnet Bigger Than Expected
  22nd, December, 2005

Dutch prosecutors who last month arrested a trio of young men for creating a large botnet allegedly used to extort a U.S. company, steal identities, and distribute spyware now say they bagged bigger prey: a botnet of 1.5 million machines.
