LINUX ADVISORY WATCH - This week, advisories were released for phpbb2, ketm, tkdiff, dhis-tools-dns, Mantis, NDB, rssh, OpenMotif, scponly, msec, fetchmail, cpio, php-mbstring, and libgphoto. The distributors include Debian, Gentoo, and Mandriva.
LinuxSecurity.com Feature Extras:
Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
Ethereal 0.10.14 Release Notes
30th, December, 2005
Ethereal 0.10.14 has been released. Several security-related vulnerabilities have been fixed. Everyone is encouraged to upgrade.
Adaptive Firewalls with iptables
26th, December, 2005
Up until now, we've looked at stateless and stateful firewalls. Remember, stateless firewalls only have the features of a given packet to use as criteria for whether that packet should be passed, blocked, or logged. With a stateful firewall, in addition to the fields in that packet, we also have access to the kernel's table of open connections to use in deciding the fate of this packet. There's a problem, though. Picture an attacker that has launched attacks against almost every port on our web server box for the past half hour. The firewall has successfully repelled all of them, but now the attacker turns her attentions to port 80. All of the hostile overflow attempts are let through unhindered. Why? Because the firewall ruleset allows all traffic to the web server through, and our firewall can't remember the fact that this IP address has been pounding all the other ports on the system.
Bandwidth monitoring with iptables
27th, December, 2005
Linux has a number of useful bandwidth monitoring and management programs. A quick search on Freshmeat.net for bandwidth returns a number of applications. However, if all you need is a basic overview of your total bandwidth usage, iptables is all you really need -- and it's already installed if you're using a Linux distribution based on the 2.4.x or 2.6.x kernels. Most of the time we use iptables to set up a firewall on a machine, but iptables also provides packet and byte counters. Every time an iptables rule is matched by incoming or outgoing data streams, the software tracks the number of packets and the amount of data that passes through the rules.
Cisco vulnerability posted to Internet
29th, December, 2005
One day after a security researcher and organizers of the Black Hat USA conference agreed not to post details of vulnerabilities in Cisco's router software, the information has been published on the Internet. On Friday, the Web site Cryptome.org posted what appear to be slides written to accompany a presentation given by former Internet Security Systems Inc. (ISS) researcher Michael Lynn, at the Black Hat conference in Las Vegas.
An Inexpensive and Versatile IDS
27th, December, 2005
An intrusion detection system can be an effective technical control in the modern world of information and network security. One option that provides for low cost NIDS sensor deployment is the use of the open source IDS software Snort in combination with a consumer grade LinkSys cable/DSL router and the open source firmware distribution OpenWrt. These three items together form a powerful yet inexpensive unit that delivers IDS, routing, firewall, wireless, and NAT functionality for use in a light-weight environment, i.e. consumer or small business deployments.
D@TA Protection and the Linux Environment
28th, December, 2005
This is an exciting time for people involved in data protection, and not in the bad way that things can be exciting. Many more options, techniques, and practices have become available to IT professionals. The new technology solves a great many problems. Three major technologies or practices are rapidly changing our ability to protect mission-critical information. First, backup is changing - dramatically. The introduction of disk-to-disk backup systems is shrinking backup windows to nearly zero and bringing restore times in line with modern service levels. With disk-to-disk systems, the traditional tape backup devices are replaced with a hard drive-based system. Using a technique called virtual tape, the disk system emulates the tape system for purposes of software compatibility. Since the disk drives are much faster than tape devices, backup and restore operations are much faster.
Researchers pore over biometrics spoofing data
29th, December, 2005
Sweaty hands might make you unpopular as a dance partner but they could someday prevent hackers from getting into your bank account. Researchers at Clarkson University have found that fingerprint readers can be spoofed by fingerprint images lifted with Play-Doh or gelatine or a model of a finger moulded out of dental plaster. The group even assembled a collection of fingers cut from the hands of cadavers.
Linux in a Business - Got Root?
30th, December, 2005
I work for a government contractor, and have recently convinced them to purchase a Beowulf cluster, and start moving their numeric modelers from Sun to Linux. Like most historically UNIX shops, they don't allow users even low-level SUDO access, to do silly things like change file permissions or ownerships, in a tracked environment. I am an ex-*NIX admin myself, so I understand their perspective and wish to keep control over the environment, but as a user, I'm frustrated by having to frequently call the help-desk just to get a file ownership changed or a specific package installed.
Financial institutions lead march to Linux in Korea
29th, December, 2005
In the latest in a series of moves aimed at getting Korean government institutions to move away from their reliance on Windows and Unix and adopt open source software, two state-owned financial institutions planned to launch the country's first Linux-based Internet banking services in December.
Four Security Resolutions For The New Year
26th, December, 2005
I always know what my first New Year’s resolution is going to be, because it’s the same every year: lose weight. Chances are, you have the same one. But by the time the Super Bowl happens, and you eat seven thousand calories on that one day, you’ll already have given up on that resolution.
IT security professionals moving up the corporate pecking order
26th, December, 2005
Ultimate responsibility for information security is moving up corporate management hierarchies, as board-level directors and CEOs - or CISO/CSOs – are increasingly held accountable for safeguarding IT infrastructures, new research has revealed. The second annual Global Information Security Workforce Study, conducted by global analyst firm IDC and sponsored by not-for-profit IT security educational organisation, the International Information Systems Security Certification Consortium (ISC)2, expects this accountability shift to continue as information security becomes more relevant in risk management and IT governance strategies.
Browser developers meet, see eye to eye on security
27th, December, 2005
Developers of four major Web browsers -- Konqueror, Mozilla Firefox, Opera, and Internet Explorer (IE) -- gathered at an informal meeting in Toronto on November 17 to review plans and share progress on security improvements and standards. The intents were making security information more meaningful to users, and balancing security for high-traffic sites (such as banks) and smaller organizations and businesses.
Security Is Not Insurance
27th, December, 2005
What's the hardest part of a chief security officer's job? Evaluating new technologies? Establishing policies for users to follow? Actually, it's more political than that, Jim Routh, chief security officer of Depository Trust & Clearing Corp., said during an Interop presentation Tuesday. "The hardest part of a CSO's job is influencing information security and practices that will be implemented throughout an organization," he said. "It's a delicate process, particularly when you're asking an IT or business manager to rethink how they operate. Education is probably the most important strategic tool for a CSO, without a doubt." And you thought wayward data tapes throwing themselves off of the back of delivery trucks were going to be your biggest challenge.
Rootkits, cybercrime and OneCare
28th, December, 2005
The year 2005 in net security will likely be remembered as the year of the Sony rootkit DRM controversy. In other ways the last 12 months continued the trend of profit becoming a primary driver for the creation of computer viruses. The last 12 months also witnessed a number of high-profile cybercrime prosecutions, including the sentencing of NetSky author Sven Jaschan.
The Linux Year: A Look Back at 2005
29th, December, 2005
With the birth of each new year, the accolade of 'year of the penguin' has been dusted off and pre-emptively awarded time after time. 2005 was no different, and there's little reason to suppose that 2006 will underwhelm either.
What Tech Skills Are Hot For 2006?
29th, December, 2005
There's continued demand for people with information security skills, say Symons and others. And even though long-term demand is expected to remain strong, the growing ranks of people who have obtained IT security certifications has had a short-term dampening effect on compensation.
Record bad year for tech security
30th, December, 2005
2005 saw the most computer security breaches ever, subjecting millions of Americans to potential identity fraud, according to a report published Thursday. Over 130 major intrusions exposed more than 55 million Americans to the growing variety of fraud as personal data like Social Security and credit card numbers were left unprotected, according to USA Today.
All the Rage: It's 2006: Do You Know Where Your Security Policies Are?
2nd, January, 2006
It's the beginning of a new year--time to review your approach to security policy. If you think implementing firewalls, IDSs and antivirus/antispam products is enough, you're sorely mistaken. No matter the size of your enterprise, you must define a framework of security policies, standards and procedures for securing valuable corporate assets. If you don't, you may be leaving your company open to a variety of vulnerabilities.
Marriott customer data missing
29th, December, 2005
A division of the Marriott International hotel empire has notified more than 200,000 clients of back-up security tapes missing from the company’s Orlando corporate offices. The breached records contained personal information of about 206,000 associates, timeshare owners and timeshare customers, the company said this week in a statement. Stephen P. Weisz, Marriott Vacation Club International president, said the company was assisting affected customers.
Data Security Movement Back-Burnered By Lawmakers
28th, December, 2005
Despite a year's worth of highly publicized security breaches and a lot of talk in Congress this summer on ways to protect consumers, there's been too little done to protect U.S. consumers' data, Gartner research director Avivah Litan says.
DNS Name Prediction With Google
2nd, January, 2006
As discussed in Google Hacking for Penetration Testers from Syngress publishing[1], there are many different ways to perform network reconnaissance using Google. Since the publication of that text, many different ideas and techniques have come to light. This document addresses one interesting technique, which we’ll call DNS name[2] prediction. This document assumes you have some knowledge of basic network recon, and is not intended as a hand-holding approach to hacking. If you're evil, stop reading this and go work out some aggression on a sack-o-potatoes or something.