LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: October 20th, 2014
Linux Advisory Watch: October 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Security Week: January 2nd 2006 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "Adaptive Firewalls with iptables," "Bandwidth monitoring with iptables," "Four Security Resolutions For The New Year," and "DNS Name Prediction With Google."


Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/linsec


LINUX ADVISORY WATCH - This week, advisories were released for phpbb2, ketm, tkdiff, dhis-tools-dns, Mantis, NDB, rssh, OpenMotif, scponly, msec, fetchmail, cpio, php-mbstring, and libgphoto. The distributors include Debian, Gentoo, and Mandriva.

LinuxSecurity.com Feature Extras:

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  Ethereal 0.10.14 Release Notes
  30th, December, 2005

Ethereal 0.10.14 has been released. Several security-related vulnerabilities have been fixed. Everyone is encouraged to upgrade.

The following features are new (or have been significantly updated) since the last release: The Windows installer now ships with GTK+ 2.6 instead of GTK+ 2.4. This should fix several long-standing bugs. If you're loading a saved capture file and press "Cancel", Ethereal will now display the packets read up to that point. In previous versions, Ethereal would abort the attempt completely and clear the packet list. This means that if you're loding a huge capture file, you can stop loading in the middle and still be able to analyze part of the file. The maximum number of files allowed in a ring buffer has been increased from 1024 to 10,000. OID to name resolution has been improved. TCP graphs now handle upper and lower bounds better.

http://www.linuxsecurity.com/content/view/121127
 
  Adaptive Firewalls with iptables
  26th, December, 2005

Up until now, we've looked at stateless and stateful firewalls. Remember, stateless firewalls only have the features of a given packet to use as criteria for whether that packet should be passed, blocked, or logged. With a stateful firewall, in addition to the fields in that packet, we also have access to the kernel's table of open connections to use in deciding the fate of this packet. There's a problem, though. Picture an attacker that has launched attacks against almost every port on our web server box for the past half hour. The firewall has successfully repelled all of them, but now the attacker turns her attentions to port 80. All of the hostile overflow attempts are let through unhindered. Why? Because the firewall ruleset allows all traffic to the web server through, and our firewall can't remember the fact that this IP address has been pounding all the other ports on the system.

http://www.linuxsecurity.com/content/view/121099
 
  Bandwidth monitoring with iptables
  27th, December, 2005

Linux has a number of useful bandwidth monitoring and management programs. A quick search on Freshmeat.net for bandwidth returns a number of applications. However, if all you need is a basic overview of your total bandwidth usage, iptables is all you really need -- and it's already installed if you're using a Linux distribution based on the 2.4.x or 2.6.x kernels. Most of the time we use iptables to set up a firewall on a machine, but iptables also provides packet and byte counters. Every time an iptables rule is matched by incoming or outgoing data streams, the software tracks the number of packets and the amount of data that passes through the rules.

http://www.linuxsecurity.com/content/view/121106
 
  Cisco vulnerability posted to Internet
  29th, December, 2005

One day after a security researcher and organizers of the Black Hat USA conference agreed not to post details of vulnerabilities in Cisco 's router software, the information has been published on the Internet.On Friday, the Web site Cryptome.org posted what appear to be slides written to accompany a presentation given by former Internet Security Systems Inc. (ISS) researcher Michael Lynn, at the Black Hat conference in Las Vegas.

http://www.linuxsecurity.com/content/view/121119
 
  An Inexpensive and Versatile IDS
  27th, December, 2005

An intrusion detection system can be an effective technical control in the modern world of information and network security. One option that provides for low cost NIDS sensor deployment is the use of the open source IDS software Snort in combination with a consumer grade LinkSys cable/DSL router and the open source firmware distribution OpenWrt. These three items together form a powerful yet inexpensive unit that delivers IDS, routing, firewall, wireless, and NAT functionality for use in a light-weight environment, i.e. consumer or small business deployments.

http://www.linuxsecurity.com/content/view/121104
 
  D@TA Protection and the Linux Environment
  28th, December, 2005

This is an exciting time for people involved in data protection, and not in the bad way that things can be exciting. Many more options, techniques, and practices have become available to IT professionals. The new technology solves a great many problems. Three major technologies or practices are rapidly changing our ability to protect mission-critical information. First, backup is changing - dramatically. The introduction of disk-to-disk backup systems is shrinking backup windows to nearly zero and bringing restore times in line with modern service levels. With disk-to-disk systems, the traditional tape backup devices are replaced with a hard drive-based system. Using a technique called virtual tape, the disk system emulates the tape system for purposes of software compatibility. Since the disk drives are much faster than tape devices, backup and restore operations are much faster.

http://www.linuxsecurity.com/content/view/121113
 
  Researchers pore over biometrics spoofing data
  29th, December, 2005

Sweaty hands might make you unpopular as a dance partner but they could someday prevent hackers from getting into your bank account. Researchers at Clarkson University have found that fingerprint readers can be spoofed by fingerprint images lifted with Play-Doh or gelatine or a model of a finger moulded out of dental plaster. The group even assembled a collection of fingers cut from the hands of cadavers.

http://www.linuxsecurity.com/content/view/121120
 
  Linux in a Business - Got Root?
  30th, December, 2005

I work for a government contractor, and have recently convinced them to purchase a Beowulf cluster, and start moving their numeric modelers from Sun to Linux. Like most historically UNIX shops, they don't allow users even low-level SUDO access, to do silly things like change file permissions or ownerships, in a tracked environment. I am an ex-*NIX admin myself ,so I understand their perspective and wish to keep control over the environment, but as a user, I'm frustrated by having to frequently call the help-desk just to get a file ownership changed or a specific package installed.

http://www.linuxsecurity.com/content/view/121126
 
  Financial institutions lead march to Linux in Korea
  29th, December, 2005

In the latest in a series of moves aimed at getting Korean government institutions to move away from their reliance on Windows and Unix and adopt open source software, two state-owned financial institutions planned to launch the country's first Linux-based Internet banking services in December.

The state-owned Korea Post and the National Agricultural Cooperative Federation (NACF) have both said their systems will be up and running for Linux users before the end of December as a part of the open source software fostering projects of the Ministry of Information and Communication.

http://www.linuxsecurity.com/content/view/121121
 
  Four Security Resolutions For The New Year
  26th, December, 2005

I always know what my first New Year’s resolution is going to be, because it’s the same every year: lose weight. Chances are, you have the same one. But by the time the Super Bowl happens, and you eat seven thousand calories on that one day, you’ll have already have given up on that resolution.

http://www.linuxsecurity.com/content/view/121098
 
  IT security professionals moving up the corporate pecking order
  26th, December, 2005

Ultimate responsibility for information security is moving up corporate management hierarchies, as board-level directors and CEOs - or CISO/CSOs – are increasingly held accountable for safeguarding IT infrastructures, new research has revealed. The second annual Global Information Security Workforce Study, conducted by global analyst firm IDC and sponsored by not-for-profit IT security educational organisation, the International Information Systems Security Certification Consortium (ISC)2, expects this accountability shift to continue as information security becomes more relevant in risk management and IT governance strategies.

http://www.linuxsecurity.com/content/view/121100
 
  Browser developers meet, see eye to eye on security
  27th, December, 2005

Developers of four major Web browsers -- Konqueror, Mozilla Firefox, Opera, and Internet Explorer (IE) -- gathered at an informal meeting in Toronto on November 17 to review plans and share progress on security improvements and standards. The intents were making security information more meaningful to users, and balancing security for high-traffic sites (such as banks) and smaller organizations and businesses.

http://www.linuxsecurity.com/content/view/121105
 
  Security Is Not Insurance
  27th, December, 2005

What's the hardest part of a chief security officer's job? Evaluating new technologies? Establishing policies for users to follow? Actually, it's more political than that, Jim Routh, chief security officer of Depository Trust & Clearing Corp., said during an Interop presentation Tuesday. "The hardest part of a CSO's job is influencing information security and practices that will be implemented throughout an organization," he said. "It's a delicate process, particularly when you're asking an IT or business manager to rethink how they operate. Education is probably the most important strategic tool for a CSO, without a doubt." And you thought wayward data tapes throwing themselves off of the back of delivery trucks were going to be your biggest challenge.

http://www.linuxsecurity.com/content/view/121108
 
  Rootkits, cybercrime and OneCare
  28th, December, 2005

The year 2005 in net security will likely be remembered as the year of the Sony rootkit DRM controversy. In other ways the last 12 months continued the trend of profit becoming a primary driver for the creation of computer viruses. The last 12 months also witnessed a number of high-profile cybercrime prosecutions, including the sentencing of NetSky author Sven Jaschan.

http://www.linuxsecurity.com/content/view/121111
 
  The Linux Year: A Look Back at 2005
  29th, December, 2005

With the birth of each new year, the accolade of 'year of the penguin' has been dusted off and pre-emptively awarded time after time. 2005 was no different, and there's little reason to suppose that 2006 will underwhelm either.

http://www.linuxsecurity.com/content/view/121122
 
  What Tech Skills Are Hot For 2006?
  29th, December, 2005

There's continued demand for people with information security skills, say Symons and others. And even though long-term demand is expected to remain strong, the growing ranks of people who have obtained IT security certifications has had a short-term dampening effect on compensation.

http://www.linuxsecurity.com/content/view/121123
 
  Record bad year for tech security
  30th, December, 2005

2005 saw the most computer security breaches ever, subjecting millions of Americans to potential identity fraud, according to a report published Thursday. Over 130 major intrusions exposed more than 55 million Americans to the growing variety of fraud as personal data like Social Security and credit card numbers were left unprotected, according to USA Today.

http://www.linuxsecurity.com/content/view/121129
 
  All the Rage: It's 2006: Do You Know Where Your Security Policies Are?
  2nd, January, 2006

It's the beginning of a new year--time to review your approach to security policy. If you think implementing firewalls, IDSs and antivirus/antispam products is enough, you're sorely mistaken. No matter the size of your enterprise, you must define a framework of security policies, standards and procedures for securing valuable corporate assets. If you don't, you may be leaving your company open to a variety of vulnerabilities.

http://www.linuxsecurity.com/content/view/121132
 
  Marriott customer data missing
  29th, December, 2005

A division of the Marriott International hotel empire has notified more than 200,000 clients of back-up security tapes missing from the company’s Orlando corporate offices. The breached records contained personal information of about 206,000 associates, timeshare owners and timeshare customers, the company said this week in a statement. Stephen P. Weisz, Marriott Vacation Club International president, said the company was assisting affected customers.

http://www.linuxsecurity.com/content/view/121118
 
  Data Security Movement Back-Burnered By Lawmakers
  28th, December, 2005

Despite a year's worth of highly publicized security breaches and a lot of talk in Congress this summer on ways to protect consumers, there's been too little done to protect U.S. consumers' data, Gartner research director Avivah Litan says.

http://www.linuxsecurity.com/content/view/121112
 
  DNS Name Prediction With Google
  2nd, January, 2006

As discussed in Google Hacking for Penetration Testers from Syngress publishing[1], there are many different ways to perform network reconnaissance using Google. Since the publication of that text, many different ideas and techniques have come to light. This document addresses one interesting technique, which we’ll call DNS name[2] prediction. This document assumes you have some knowledge of basic network recon, and is not intended as a hand-holding approach to hacking. If you're evil, stop reading this and go work out some aggression on a sack-o-potatoes or something.

http://www.linuxsecurity.com/content/view/121131
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
The Hacktivist as Angry Young Man
The Hacker Wars Hits NYC
CAINE Linux Distribution Helps Investigators With Forensic Analysis
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.