This week, perhaps the most interesting articles include "Traffic Monitoring with Packet-Based Sampling for Defense against Security Threats."




LinuxSecurity.com Feature Extras:

EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Decrypting Encryption Myths
9th, February, 2006

Some of the more prominent headlines over the past year were dominated by incidents of data theft, where corporation after corporation had fallen victim to information theft on a large scale. While many victims had hackers and devious insiders to blame, other instances were simply due to human error such as lost data tapes and stolen laptops. In these cases, CIOs may think their information is not at risk because of encryption. But is this really enough?

NIST issues guidelines for data removal
7th, February, 2006

Wonder no longer about how to remove sensitive data from the hard drives and optical disks you are about to toss. The National Institute of Standards and Technology has issued a set of draft guidelines on how to safely remove information from obsolete forms of storage.

Matthew Scholl, Richard Kissel, Steven Skolochenko and Xing Li of the NIST Information Technology Laboratory authored Special Publication 800-88, "Guidelines for Media Sanitization: Recommendations of the National Institute of Standards and Technology," which was sponsored by the Homeland Security Department.

Sysmask 1.06
8th, February, 2006

Sysmask is a security package for Linux systems that can prevent arbitrary malicious code from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.

Is Application Security Training Worth the Money?
7th, February, 2006

Software security--sometimes called application security by the myopic--is catching on. That's good because we can certainly use less broken software in the world. But it's bad because there aren't enough knowledgeable people to build secure software. You see, the people who build software know next to nothing about security. It's no wonder they keep cranking out the security holes. One partial solution is to train your developers. The problem is that everyone and their brother seem to be hanging up a shingle to teach about software security. Asking a potential instructor the right questions will determine whether you end up being shafted, or actually affect the way your developers build

The Data Security Deluge
6th, February, 2006

When software designed to manage the loads of information collected from security systems debuted a few years ago, its high cost and complexity stood in the way of its adoption. Yet for some businesses, managing such data is now a requirement in order to comply with government regulations on the collection and retention of data.

Nowhere is this pressure felt more than in the health-care and financial-services markets. Take Genesis HealthCare, which finds itself needing to comply with state data privacy laws in the 12 states where it operates, in addition to compliance with various federal laws. "Firewalls alone produce reams of [data] logs per week," says Bruce Forman, director of information security for the $1.5 billion-a-year health-care provider, which has more than 200 locations, 400 servers, and 38,000 employees.

Traffic Monitoring with Packet-Based Sampling for Defense against Security Threats
9th, February, 2006

This paper describes the technology and large-scale deployment and use of a distributed network traffic monitoring system based on a packet-based sampling technology. It gives examples of various techniques making use of the resulting network traffic data to address network security issues.

What is Netcat?
9th, February, 2006

"Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Netcat, or "nc" as the actual program is named, should have been supplied long ago as another one of those cryptic but standard Unix tools."

OSSEC HIDS v0.6 available (log analysis, integrity checking and rootkit detection)
10th, February, 2006

Version 0.6 of the OSSEC HIDS is now available! OSSEC HIDS is an Open source Host-based intrusion detection system. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.

This new version comes with a lot of new features, including new active responses (for ipfilter, user lockout and iptables), support for firewall log analysis (iptables, ipfilter and AIX IPSEC), better support for NIDS log analysis and improved rootkit detection and integrity checking capabilities. In addition to that, this version includes a lot of bug fixes and performance improvements.

Louisville Geek Dinner
5th, February, 2006

The purpose of this site is to organize a social networking event for geeks in Louisville and surrounding areas. The geek dinner concept came from listening to London Geek Dinner podcasts. London Geek Dinners have attracted crowds over 175. Hopefully we can pull strong numbers in Louisville.

Who is invited, and what does it mean to be a geek? Wikipedia defines geek as the following, "a person who is fascinated, perhaps obsessively, by obscure or very specific areas of knowledge and imagination." The simple fact is that we love technology. We need a social event where everyone speaks our language for a change. All geeks are invited. Please encourage your geek friends to sign up. The best way to ensure that you will have a good time is to invite other geeks that you know.

Shmoocon 2006: Wrap-up
6th, February, 2006

Well, we’ve come to the end of my Shmoocon 2006 coverage. The conference wasn’t all presentations though, there were a lot of other fun activities: The Hacker Arcade featured arcade games that had been modified to generate USB tokens that you could later redeem for prizes. The folks at 757.org modified a skill crane so that it could be controlled from the web. Of course, toys like this at a hacker convention spawned some creative solutions. David Rhodes scripted the skill crane’s web interface so that it would try every possible coordinate pair and ended up with an armful of prizes. Another attendee discovered that the USB tokens weren’t case sensitive and generated a couple hundred thousand prize tokens.

Security Staffing Survey
8th, February, 2006

According to our recent Security Staffing survey, IT security executives believe their organizations are in greater jeopardy due to staffing shortages than their peers that oversee corporate security. Additionally, IT uses flex time and training as a motivator more so than corporate security executives. Corporate security organizations outsource more than IT security departments and the most frequently outsourced positions were security guards and guard management, while IT security were more likely to outsource data backup and biometrics.

Precious Cargo: Security Backup Tapes
7th, February, 2006

When Bank of America disclosed in February that its courier service had lost backup tapes containing data on about 1.2 million federal employees