
Linux Security Week: February 13th 2006
Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Traffic Monitoring with Packet-Based Sampling for Defense against Security Threats," "The Role of Modeling and Simulation in Information Security," and "Wi-Fi for dummies."

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

Feature Extras:

EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to with "subscribe" as the subject.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

  Decrypting Encryption Myths
  9th, February, 2006

Some of the more prominent headlines over the past year were dominated by incidents of data theft, where corporation after corporation had fallen victim to information theft on a large scale. While many victims had hackers and devious insiders to blame, other instances were simply due to human error such as lost data tapes and stolen laptops. In these cases, CIOs may think their information is not at risk because of encryption. But is this really enough?
  NIST issues guidelines for data removal
  7th, February, 2006

Wonder no longer about how to remove sensitive data from the hard drives and optical disks you are about to toss. The National Institute of Standards and Technology has issued a set of draft guidelines on how to safely remove information from obsolete forms of storage.

Matthew Scholl, Richard Kissel, Steven Skolochenko and Xing Li of the NIST Information Technology Laboratory authored Special Publication 800-88, "Guidelines for Media Sanitization: Recommendations of the National Institute of Standards and Technology," which was sponsored by the Homeland Security Department.
  Sysmask 1.06
  8th, February, 2006

Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
  Is Application Security Training Worth the Money?
  7th, February, 2006

Software security--sometimes called application security by the myopic--is catching on. That's good because we can certainly use less broken software in the world. But it's bad because there aren't enough knowledgeable people to build secure software. You see, the people who build software know next to nothing about security. It's no wonder they keep cranking out the security holes. One partial solution is to train your developers. The problem is that everyone and their brother seem to be hanging up a shingle to teach about software security. Asking a potential instructor the right questions will determine whether you end up being shafted, or actually affect the way your developers build
  The Data Security Deluge
  6th, February, 2006

When software designed to manage the loads of information collected from security systems debuted a few years ago, its high cost and complexity stood in the way of its adoption. Yet for some businesses, managing such data is now a requirement in order to comply with government regulations on the collection and retention of data.

Nowhere is this pressure felt more than in the health-care and financial-services markets. Take Genesis HealthCare, which finds itself needing to comply with state data privacy laws in the 12 states where it operates, in addition to compliance with various federal laws. "Firewalls alone produce reams of [data] logs per week," says Bruce Forman, director of information security for the $1.5 billion-a-year health-care provider, which has more than 200 locations, 400 servers, and 38,000 employees.
  Traffic Monitoring with Packet-Based Sampling for Defense against Security Threats
  9th, February, 2006

This paper describes the technology and large-scale deployment and use of a distributed network traffic monitoring system based on a packet-based sampling technology. It gives examples of various techniques making use of the resulting network traffic data to address network security issues.
  What is Netcat?
  9th, February, 2006

"Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Netcat, or "nc" as the actual program is named, should have been supplied long ago as another one of those cryptic but standard Unix tools."
  OSSEC HIDS v0.6 available (log analysis, integrity checking and rootkit detection)
  10th, February, 2006

Version 0.6 of the OSSEC HIDS is now available! OSSEC HIDS is an Open source Host-based intrusion detection system. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.

This new version comes with a lot of new features, including new active responses (for ipfilter, user lockout and iptables), support for firewall log analysis (iptables, ipfilter and AIX IPSEC), better support for NIDS log analysis and improved rootkit detection and integrity checking capabilities. In addition to that, this version includes a lot of bug fixes and performance improvements.
  Louisville Geek Dinner
  5th, February, 2006

The purpose of this site is to organize a social networking event for geeks in Louisville and surrounding areas. The geek dinner concept came from listening to London Geek Dinner podcasts. London Geek Dinners have attracted crowds over 175. Hopefully we can pull strong numbers in Louisville.

Who is invited, and what does it mean to be a geek? Wikipedia defines geek as the following, "a person who is fascinated, perhaps obsessively, by obscure or very specific areas of knowledge and imagination." The simple fact is that we love technology. We need a social event where everyone speaks our language for a change. All geeks are invited. Please encourage your geek friends to Signup. The best way to ensure that you will have a good time is to invite other geeks that you know.
  Shmoocon 2006: Wrap-up
  6th, February, 2006

Well, we’ve come to the end of my Shmoocon 2006 coverage. The conference wasn’t all presentations though, there were a lot of other fun activities: The Hacker Arcade featured arcade games that had been modified to generate USB tokens that you could later redeem for prizes. The folks at modified a skill crane so that it could be controlled from the web. Of course, toys like this at a hacker convention spawned some creative solutions. David Rhodes scripted the skill crane’s web interface so that it would try every possible coordinate pair and ended up with an armful of prizes. Another attendee discovered that the USB tokens weren’t case sensitive and generated a couple hundred thousand prize tokens.
  Security Staffing Survey
  8th, February, 2006

According to our recent Security Staffing survey, IT security executives believe their organizations are in greater jeopardy due to staffing shortages than their peers that oversee corporate security. Additionally, IT uses flex time and training as a motivator more so than corporate security executives. Corporate security organizations outsource more than IT security departments and the most frequently outsourced positions were security guards and guard management, while IT security were more likely to outsource data back up and biometrics.
  Precious Cargo: Security Backup Tapes
  7th, February, 2006

When Bank of America disclosed in February that its courier service had lost backup tapes containing data on about 1.2 million federal employees--including names and Social Security numbers--consumers, senators and even some industry peers asked how there could have been such a lapse in security. No escort for the air transport? No encryption of the tapes?
  Effects of Domain Hijacking Can Linger
  9th, February, 2006

Malicious hackers who are able to hijack an organization's Web domain may be able to steal traffic from the legitimate Web site long after the domain has been restored to its owner, according to a recent report. Design flaws in the way Web browsers and proxy servers store data about Web sites allow malicious hackers to continue directing Web surfers to malicious Web pages for days or even months after the initial domain hijacking.
  EnGarde Secure Community 3.0.4 Released
  7th, February, 2006

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.
  The Role of Modeling and Simulation in Information Security
  6th, February, 2006

There is a spate of papers and tools on using Modeling and Simulation (M&S) for testing Denial of Service (DoS), virus and worm (propagation, attacks) against computer networks, but this is not the whole story: there is no explicit M&S tool for testing computer/network security and network attack modeling. In other words, it seems that computer simulation has been studied and investigated in many areas, but the field of computer security has not produced significant research results in this area to date! It goes without saying that M&S is used to understand and develop complex systems; it is used to provide analysis and insight into building better systems.
  Quickly Break the Compliance Log Jam with a Sustainable Log Management Program
  6th, February, 2006

System-level controls logs such as database, operating system, identity management and applications all yield compliance relevant information that must be managed - but how? While enterprises turn to frameworks and standards such as ISO-17799, COBIT and COSO to solve this complex log management problem, they realize little guidance exists as to specifically what must be done. This webcast cuts through the ambiguities to share a consistent, best practices based method for quickly implementing a successful and sustainable log management program for compliance requirements such as Sarbanes-Oxley, HIPAA and the Payment Card Industry Standard (PCI).
  No Rest for Weary Security Manager
  6th, February, 2006

Over the holidays, our state agency was very quiet, and I took a vacation, hoping for rest and tranquility. But I found that I had my own security issues to deal with. I was surprised to find that one of my personal e-mail accounts was accumulating over 600 bounced messages per day. This account has been associated with my consulting business for years. I was somewhat alarmed to find out that my domain was being used by a spammer and that my "catch-all" e-mail account was accumulating the bounced messages. (If I hadn't created a catch-all account, I would never have known this was occurring.)
  Locate almost anyone in the UK without their permission
  7th, February, 2006

By using one of the many mobile phone location tracking services aimed at businesses or concerned parents, and some trickery, it is possible to get almost anyone's mobile phone position without their agreement. All that is required is their mobile phone number, and carrier.

Over the past year a number of sites have popped up offering web based mobile phone tracking services. To use their services you purchase a monthly subscription or set number of credits, and enter in the target's phone number. The target then receives an SMS message asking them to confirm they consent to the tracking. After the target replies, the tracker can then request their position online and receive a street address, post code, and map of their location with an accuracy of around 250 meters.
  Researchers: Popular apps have mismanaged security
  7th, February, 2006

"Vendors are making mistakes when they write programs for Windows," said Sudhakar Govindavajhala, a Princeton Ph.D. student, and one of the authors of the paper. "It's worrying that your computer can become insecure on installation of new programs."

An attacker would first need to gain access to a local account on a computer to take advantage of the problems described in the paper, Govindavajhala said. "These attacks are not exploitable over the Internet, but if someone can get a handle of your machine, then one can do interesting things," he said.
  Lose your backup tapes? It could be worse
  8th, February, 2006

The list of companies reporting transportation foul-ups included blue-chip names like Bank of America, Citibank, Marriott and Time Warner. Incredibly, any career IT person will tell you that companies have been losing tapes for years. What's new here are disclosure laws. For example, the California Database Breach Act (SB 1386) mandates that organizations publicly disclose data breaches if a single California resident's personal information is at risk. If this personal data just happens to be on misplaced backup tape, so be it.
  Honeywell blames ex-employee in data leak
  8th, February, 2006

Honeywell says a former employee has disclosed sensitive information relating to 19,000 of the company's U.S. employees. Honeywell discovered the information being published on the Web on Jan. 20 and immediately had the Web site in question pulled down, said company spokesman Robert Ferris. In court filings dated Jan. 30, the company accused former employee Howard Nugent, of Arizona, of accessing the information on a Honeywell computer and then causing "the transmission of that information."
  Inside the hacker's mind
  8th, February, 2006

Any mature, conservative environment allows training courses to be created, examination papers to be drafted and certification processes to be implemented. However, in any rapidly developing industry, academia does not do a very effective job of keeping up with developments. That then creates opportunities for suppliers to establish their own certification systems. This provides a method of applying a buying lock on users. Through the history of the IT industry, supplier training and certification has proved to be the only way to keep up with the latest releases of products.
  Computer Network Defence Internet Operational Picture
  10th, February, 2006

The Computer Network Defence Internet Operational Picture was designed and built to cater for the demands of Government and Military networks requiring near real time information on new and emerging cyber threats. Its public availability and lack of corporate identity has resulted in almost every industry, including home users, taking advantage of it either on an occasional basis or full time on plasma screens. The page auto updates every 20 minutes drawing information from multiple sources.
  inflates ID theft risk
  7th, February, 2006

The UK government has come out with yet another questionable study to support its obsessive bent to impose ID cards on the British public. Once again, ID fraud figures as the reason why Brits need expensive biometric proofs of identity.
  U.S. Government to Survey Businesses on Cyber-Crime
  10th, February, 2006

The U.S. government said Feb. 9 it will launch its first national survey to estimate how much cyber-crime is costing American businesses. The Justice Department and the Department of Homeland Security will try to measure the number of cyber-attacks, frauds and thefts of information and the resulting losses during 2005, officials said in a statement. The survey, to be completed by year-end, will collect information about the nature and extent of computer security violations, the monetary costs, types of offenders and computer security measures now used by companies.
  Spanish hacker jailed for two years
  8th, February, 2006

A Spanish hacker who launched a denial of service attack that hobbled the net connections of an estimated three million users has been jailed for two years and fined €1.4m. Santiago Garrido, 26, (AKA Ronnie and Mike25) launched the attack using a computer worm in retaliation for being banned from the popular "Hispano" IRC chat room for breaking its rules.
  Russian keyloggers hit bank customers
  9th, February, 2006

Russian scammers used key logging Trojans to steal more than €1m from French people accessing online bank accounts. The Trojans were sent by email but were not activated until people accessed their online bank accounts. Then the Trojan forwarded on user names and passwords to the crooks.
  Laptops seized after students obtain passwords
  10th, February, 2006

All laptop computers at Hodgkins Middle School have been seized after students' passwords were circulated, officials said. Students using the passwords could obtain access to other students' work but they did not gain access to anything that would have allowed them to alter grades or otherwise hack into the school's network, said Principal Jeff Boston.

"We decided to lock them up until tech support can fix the issue. I don't believe anyone hacked anything," Boston said.
  Interview with Shawn Merdinger on WiFi security
  6th, February, 2006

Welcome to Blue Box: The VoIP Security Podcast show #13, a 35-minute podcast from Dan York and Jonathan Zar around news and commentary in the world of VoIP security. This show primarily features a 29-minute interview with Shawn Merdinger, an independent security researcher focused on the security of WiFi SIP handsets.
  Distributed wireless security monitoring systems
  9th, February, 2006

It's been more than 6 months since our last comparative review of wireless IDS products (see "Time To Tighten the Wireless Net," ID# 1612f2). In the past few weeks, two of the participating vendors in that review--one an established player and one a relative newcomer to the market--have introduced significant upgrades to their products. AirDefense has pushed forward with its forensic analysis, which adds a great deal of insight into the history of your wireless space, while AirTight Networks has filled out its feature set and enhanced its autoclassification capability. With security concerns escalating, there's no time like the present to take another look at how the wireless IDS market is evolving.
  Wi-Fi for dummies
  10th, February, 2006

The average user has no idea of the risks associated with public Wi-Fi hotspots. Here are some very simple tips to keep network access secure. My friend Philip is an expert at community activism and is a cracker-jack financial advisor as well. One thing he is not, however - and he would be the first to admit this - is a knowledgeable computer user. Oh sure, he can send emails and cruise the web, and use Word and Excel, but he doesn't really grok his computer. And one thing he especially doesn't know much about is security. He knows there are bad guys out there, and he knows that he should try to practice safe computing, but he just doesn't know how.
