EnGarde Secure Linux: Why not give it a try?
EnGarde Secure Linux is a Linux server distribution that is geared toward providing a open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
Preventing DDoS Attacks
By: Blessen Cherian
Introduction
In this article I am trying to explain what DDOS is and how it can be prevented. DDOS happens due to lack of security awareness of the network/server owners. On a daily basis we hear that a particular machine is under DDOS attack or NOC has unplugged the machine due to DDOS attack . So DDOS has become one of the common issues in this electronics world. DDOS is like a disease which doesn't have an anti-viral developed. So we should be carefull while dealing with it. Never take it lightly. In this article i am trying to explain the steps/measures which will help us defend from DDOS attack, up to a certain extend.
What is a DDOS attack?
Simply said, DDOS is an advanced version of DOS attack. Like DOS, DDOS also tries to deny the important services running on a server by broadcasting packets to the destination server in a way that the Destination server cannot handle it. The speciality of the DDOS is that, it relays attacks not from a single network/ host like DOS. The DDOS attack will be launched from different dynamic networks which has already been compromised.
Normally, DDOS consists of 3 parts . One is the Master ,Other the slave and atlast the victim. The master is the attack launcher ie the person/machine behind all this,sound's COOL right. The slave is the network which is being compromised by the Master and Victim is the target site/server. Master informs the compromised machines, so called slaves to launch attack on the victim's site/machine. Hence its also called co-ordinated attack.
In my term, Master is said to be the Master Brain, Slave is said to be the launch pad for the attack and Victim is the target.
How do they Do it?
DDOS is done in 2 phases. In the first phase they try to compromise weak machines in different networks around the world. This phase is called Intrusion Phase. Its in the next phase that they install DDOS tools and starts attacking the victims machines/site. This Phase is called Distributed DoS attacks phase.
Read Full Paper
features/features/preventing-ddos-attacks
LinuxSecurity.com Feature Extras:
EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
Debian | ||
Debian: New zoph packages fix SQL injection | ||
9th, March, 2006
Updated package. advisories/debian/debian-new-zoph-packages-fix-sql-injection-59021 |
||
Debian: New bluez-hcidump packages fix denial of service | ||
10th, March, 2006
Updated package. advisories/debian/debian-new-bluez-hcidump-packages-fix-denial-of-service |
||
Debian: New curl packages fix potential security problem | ||
10th, March, 2006
Updated package. advisories/debian/debian-new-curl-packages-fix-potential-security-problem-23945 |
||
Debian: New zoo packages fix arbitrary code execution | ||
10th, March, 2006
Updated package. advisories/debian/debian-new-zoo-packages-fix-arbitrary-code-execution |
||
Debian: New ffmpeg packages fix arbitrary code execution | ||
10th, March, 2006
Updated package. advisories/debian/debian-new-ffmpeg-packages-fix-arbitrary-code-execution |
||
Debian: New GnuPG packages fix broken signature check | ||
10th, March, 2006
Updated package. advisories/debian/debian-new-gnupg-packages-fix-broken-signature-check-70953 |
||
Debian: New freeciv packages fix denial of service | ||
13th, March, 2006
Updated package. advisories/debian/debian-new-freeciv-packages-fix-denial-of-service |
||
Debian: New metamail packages fix arbitrary code execution | ||
13th, March, 2006
Updated package. advisories/debian/debian-new-metamail-packages-fix-arbitrary-code-execution |
||
Debian: New Crypt::CBC packages fix cryptographic weakness | ||
13th, March, 2006
Updated package. advisories/debian/debian-new-cryptcbc-packages-fix-cryptographic-weakness |
||
Debian: New GnuPG packages fix broken signature check | ||
13th, March, 2006
advisories/debian/debian-new-gnupg-packages-fix-broken-signature-check-70953 |
||
Debian: New bomberclone packages fix arbitrary code execution | ||
13th, March, 2006
Updated package. advisories/debian/debian-new-bomberclone-packages-fix-arbitrary-code-execution |
||
Debian: New libextractor packages fix several vulnerabilities | ||
14th, March, 2006
Updated package. advisories/debian/debian-new-libextractor-packages-fix-several-vulnerabilities |
||
Debian: New lurker packages fix several vulnerabilities | ||
14th, March, 2006
Updated package. advisories/debian/debian-new-lurker-packages-fix-several-vulnerabilities |
||
Debian: New Apache2::Request packages fix denial of service | ||
14th, March, 2006
Updated package. advisories/debian/debian-new-apache2request-packages-fix-denial-of-service-8413 |
||
Debian: New crossfire packages fix arbitrary code execution | ||
14th, March, 2006
Updated package. advisories/debian/debian-new-crossfire-packages-fix-arbitrary-code-execution-36360 |
||
Debian: New webcalendar packages fix several vulnerabilities | ||
15th, March, 2006
Several security related problems have been discovered in webcalendar, a PHP based multi-user calendar. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: |
||
Debian: New xpvm packages fix insecure temporary file | ||
16th, March, 2006
Eric Romang discoverd that xpvm, a graphical console and monitor for PVM, creates a temporary file that allows local attackers to create or overwrite arbitrary files with the privileges of the user running xpvm. advisories/debian/debian-new-xpvm-packages-fix-insecure-temporary-file |
||
Debian: New vlc packages fix arbitrary code execution | ||
16th, March, 2006
Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. The vlc media player links statically against libavcodec. advisories/debian/debian-new-vlc-packages-fix-arbitrary-code-execution-42085 |
||
Fedora | ||
Fedora Core 4 Update: net-tools-1.60-52.fc4.2 | ||
10th, March, 2006
The update adds two new options for netstat; T stops trimming remote and local addresses; Z shows selinux context, and fixes doublefree bug in route and netstat. advisories/fedora/fedora-core-4-update-net-tools-160-52fc42-12-15-00-121882 |
||
Fedora Core 4 Update: tcsh-6.14-1.fc4.2 | ||
11th, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-tcsh-614-1fc42-12-35-00-121894 |
||
Fedora Core 4 Update: shadow-utils-4.0.12-8.FC4 | ||
13th, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-shadow-utils-4012-8fc4-12-44-00-121909 |
||
Fedora Core 4 Update: gnupg-1.4.2.2-1 | ||
13th, March, 2006
Tavis Ormandy discovered a flaw in the way GnuPG verifies cryptographically signed data with inline signatures. It is possible for an attacker to add unsigned text to a signed message in such a way so that when the signed text is extracted, the unsigned text is extracted as well, appearing as if it had been signed. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0049 to this issue. advisories/fedora/fedora-core-4-update-gnupg-1422-1-23-59-00-121911 |
||
Fedora Core 4 Update: db4-4.3.27-5.fc4 | ||
14th, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-db4-4327-5fc4-12-34-00-121922 |
||
Gentoo | ||
Gentoo: GNU tar Buffer overflow | ||
10th, March, 2006
A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code. |
||
Gentoo: flex Potential insecure code generation | ||
10th, March, 2006
flex might generate code with a buffer overflow, making applications using such scanners vulnerable to the execution of arbitrary code. |
||
Gentoo: GnuPG Incorrect signature verification | ||
10th, March, 2006
GnuPG may erroneously report a modified or unsigned message has a valid digital signature. |
||
Gentoo: SquirrelMail Cross-site scripting and IMAP command injection | ||
12th, March, 2006
SquirrelMail is vulnerable to several cross-site scripting vulnerabilities and IMAP command injection. |
||
Gentoo: Cube Multiple vulnerabilities | ||
12th, March, 2006
Cube is vulnerable to a buffer overflow, invalid memory access and remote client crashes, possibly leading to a Denial of Service or remote code execution. |
||
Gentoo: Freeciv Denial of Service | ||
16th, March, 2006
A memory allocation bug in Freeciv allows a remote attacker to perform a Denial of Service attack. |
||
Gentoo: zoo Buffer overflow | ||
16th, March, 2006
A buffer overflow in zoo may be exploited to execute arbitrary when creating archives of specially crafted directories and files. |
||
Mandriva | ||
Mandriva: Updated php packages fix vulnerability | ||
9th, March, 2006
A flaw in the PHP gd extension in versions prior to 4.4.1 could allow a remote attacker to bypass safe_mode and open_basedir restrictions via unknown attack vectors. |
||
Mandriva: Updated gnupg packages fix signature file verification vulnerability | ||
14th, March, 2006
Another vulnerability, different from that fixed in MDKSA-2006:043 (CVE-2006-0455), was discovered in gnupg in the handling of signature files. |
||
Red Hat | ||
RedHat: Moderate: python security update | ||
9th, March, 2006
Updated Python packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-python-security-update-RHSA-2007-1077-01 |
||
RedHat: Important: kdegraphics security update | ||
9th, March, 2006
Updated kdegraphics packages that fully resolve a security issue in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-kdegraphics-security-update-59910 |
||
RedHat: Moderate: initscripts security update | ||
15th, March, 2006
Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-initscripts-security-update-8410 |
||
RedHat: Moderate: squid security update | ||
15th, March, 2006
Updated squid packages that fix a security vulnerability as well as several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-squid-security-update-42646 |
||
RedHat: Low: vixie-cron security update | ||
15th, March, 2006
An updated vixie-cron package that fixes a bug and security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-low-vixie-cron-security-update-96028 |
||
RedHat: Updated kernel packages available for Red Hat | ||
15th, March, 2006
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the seventh regular update. This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-updated-kernel-packages-available-for-red-hat-44538 |
||
RedHat: Important: gnupg security update | ||
15th, March, 2006
An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-gnupg-security-update-90286 |
||
RedHat: Critical: flash-plugin security update | ||
15th, March, 2006
An updated Macromedia Flash Player package that fixes a security issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-critical-flash-plugin-security-update-73664 |
||
SuSE | ||
SuSE: gpg signature checking problems | ||
10th, March, 2006
Updated package. |
||