LinuxSecurity.com
The central voice for Linux and Open Source security news
Linux Security Week: March 27th 2006
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
This week, perhaps the most interesting articles include "Encrypt filesystems with EncFS and Loop-AES," "Revealing the myths about network security," and "Enterprise Security Threats Increasingly Come from Within."


EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared toward providing an open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi


LinuxSecurity.com Feature Extras:

EnGarde Secure Community 3.0.5 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.5 (Version 3.0, Release 5). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


  Multiple Live CDs In One DVD
  24th, March, 2006

Live CDs do a great job of advertising Linux distributions. In addition to general-purpose live CD distributions, there are lots of task-oriented live CDs. Wouldn't it be great if you could carry multiple live CDs on one DVD disc? Nautopia.net has put up a script that you can use to make a custom DVD to boot multiple live CDs.

http://www.linuxsecurity.com/content/view/122084
 
  Tunnels in Hash Functions - MD5 Collisions Within a Minute
  20th, March, 2006

In this paper we introduce a new idea of tunneling of hash functions. In some sense tunnels replace multi-message modification methods and exponentially accelerate collision search. We describe in one minute on a standard notebook PC (Intel Pentium 1.6 GHz). The method works for any initializing value. Tunneling is a general idea, which can be used for finding collisions of other hash functions, such as SHA-1, 2. We show several capabilities of tunnels. A program, whose source code is available on a project homepage, experimentally verified the method.

http://www.linuxsecurity.com/content/view/121996
 
  Encrypt filesystems with EncFS and Loop-AES
  21st, March, 2006

Encrypted filesystems may be overkill for family photos or your résumé, but they make sense for network-accessible servers that hold sensitive business documents, databases that contain credit-card information, offline backups, and laptops. EncFS and Loop-AES, which are both released under the GNU General Public License (GPL), are two approaches to encrypting Linux filesystems. I'll compare the two and then look at other alternatives.

http://www.linuxsecurity.com/content/view/122011
 
  Linux Dictionary
  19th, March, 2006

(SWP) Sun Wah-PearL Linux Training and Development Centre has an ambitious aim to promote the use of Linux and related Open Source Software (OSS) and Standards. The vendor independent positioning of SWP has been very well perceived by the market. Throughout the last couple of years, SWP has become the top leading OSS training and service provider in Hong Kong. And in fact we are leading the market direction in some ways.

http://www.linuxsecurity.com/content/view/121977
 
  Useful Firefox Security Extensions
  21st, March, 2006

Mozilla’s Firefox browser claims to provide a safer browsing experience out of the box, but some of the best security features of Firefox are only available as extensions. Here’s a roundup of some of the more useful ones I’ve found.

http://www.linuxsecurity.com/content/view/122009
 
  Digital Forensics Wiki
  22nd, March, 2006

This is the Forensics Wiki, devoted to information about digital forensics. We are just getting started, but still encourage you to browse the site and contribute whatever information you have available.

http://www.linuxsecurity.com/content/view/122039
 
  Security Protocols: Google's FrSIRT Cache
  23rd, March, 2006

As we previously reported, FrSIRT has decided that they want to start selling other security researchers' exploits. Thanks to Layne, here is a list of 626 exploits from Google cache which were published on the FrSIRT website. FrSIRT also always seemed to fail to give the proper credit to the researchers who would submit code and/or advisories.

http://www.linuxsecurity.com/content/view/122068
 
  International Body Adopts Network Security Standard
  25th, March, 2006

The International Organization for Standardization (ISO) approved last month a comprehensive model that identifies critical requirements to ensure end-to-end network security. Specifically, the global standards group formally adopted ISO/IEC 18028-2, which defines a standard security architecture and provides a systematic approach to support the planning, design and implementation of information technology networks.

http://www.linuxsecurity.com/content/view/122087
 
  The Effective Response To Computer Crime
  23rd, March, 2006

The attraction of computer-based crime is obvious. Twenty years ago corporate spies would find it difficult to steal the entire contents of a filing cabinet, but today they can take far more by slipping a disc into their pocket or e-mailing data to an online electronic swag bag.

http://www.linuxsecurity.com/content/view/122067
 
  Useful Firefox Security Extensions
  18th, March, 2006

Mozilla’s Firefox browser claims to provide a safer browsing experience out of the box, but some of the best security features of Firefox are only available as extensions. Here’s a roundup of some of the more useful ones I’ve found.

http://www.linuxsecurity.com/content/view/121975
 
  Old Physical Security Threats Still Working
  20th, March, 2006

In "The Complete Windows Trojans Paper" that I released back in 2003 (you can also update yourself with some recent malware trends!) I briefly mentioned the following possibility as far as physical security and malware was concerned:

http://www.linuxsecurity.com/content/view/122000
 
  Revealing the myths about network security
  20th, March, 2006

Many people and businesses unknowingly leave their private information readily available to hackers because they subscribe to some common myths about computer and network security. But knowing the facts will help you to keep your systems secure. Here are some answers to these myths.

http://www.linuxsecurity.com/content/view/121980
 
  Countering Cyber Terrorism
  20th, March, 2006

Still using that tired and worn out password to log onto your PC? Is your mother’s maiden name still the main prompt you use to log on and check your credit card statement? Worried that the PIN number you use to access your online banking is the same PIN you’ve given the children to access the Sky Digibox? You should be. The fact is that as individuals, we are not doing enough to guarantee user authentication. And if you think that’s bad, the situation in organisations is even worse.

http://www.linuxsecurity.com/content/view/121978
 
  Advances In Fingerprinting Could Bolster Network Security
  23rd, March, 2006

New technology for matching fingerprints for security purposes is proving about as reliable but much more efficient than traditional techniques, according to a new study by the National Institute of Standards and Technology. NIST studied the use of "minutiae templates," which are mathematical representations of full-blown fingerprint images that are seen as being much easier for vendors of biometric security systems to exchange with each other. The study involved use of a new standard for minutiae data that makes data exchange simpler than when proprietary techniques for converting fingerprint images to minutiae data are used.

http://www.linuxsecurity.com/content/view/122069
 
  Digging Security Tunnels With Spoons
  24th, March, 2006

One of the biggest complaints I hear about security is the associated operational overhead. IT personnel are constantly adjusting multiple technologies in an effort to provide access to the good guys while locking out the bad guys. If you want to see a metric of this behavior in action, look no further than your network Access Control List (ACL) rules.

http://www.linuxsecurity.com/content/view/122083
 
  HLBR - Hogwash Light BR
  20th, March, 2006

HLBR is a Brazilian project, started in November 2005, as a fork of the Hogwash project (started by Jason Larsen in 1996). This project is destined to the security in computer networks. HLBR is an IPS (Intrusion Prevention System) that can filter packets directly in the layer 2 of the OSI model (so the machine doesn't need even an IP address).

http://www.linuxsecurity.com/content/view/121995
 
  Detecting Botnets Using a Low Interaction Honeypot
  23rd, March, 2006

This paper describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. We show the mechanism used to 'compromise' the server and to download further malware. This honeypot is 'fail-safe' in that when left unattended, the default action is to do nothing – though if the operator is present, exploitation attempts can be investigated. IP addresses and other details have been obfuscated in this version.

http://www.linuxsecurity.com/content/view/122064
 
  Sourcefire and Check Point Announce Mutual Withdrawal from the CFIUS Process
  24th, March, 2006

Sourcefire, Inc., the world leader in intrusion prevention, today announced that, with the consent of the US government, Sourcefire and Check Point Software Technologies have opted to withdraw their merger filing with the Committee on Foreign Investment in the United States (CFIUS). Sourcefire will continue to operate as the industry's largest private Intrusion Prevention System (IPS) vendor.

http://www.linuxsecurity.com/content/view/122082
 
  Detecting Botnets Using a Low Interaction Honeypot
  26th, March, 2006

This paper describes a simple honeypot using PHP and emulating several vulnerabilities in Mambo and Awstats. We show the mechanism used to 'compromise' the server and to download further malware. This honeypot is 'fail-safe' in that when left unattended, the default action is to do nothing – though if the operator is present, exploitation attempts can be investigated. IP addresses and other details have been obfuscated in this version.

http://www.linuxsecurity.com/content/view/122088
 
  OS X Sudo vs. Root: The Real Story
  22nd, March, 2006

What are you really gaining by using sudo in the default Mac OS X configuration? First, you gain some comfort that nobody can login as root, either locally or remotely via SSH or FTP and tamper with your machine. Second, you get a log entry in /var/log/system.log every time sudo is used showing you who used it and what command was executed. These appear good enough reasons to endure the slight inconvenience of using sudo.

However, the way sudo is configured out of the box, you only need to enter your own password for authentication. This means that if someone guesses your password or steals it (and has access to it locally or via SSH), they can take over your box just as if you had root enabled.

http://www.linuxsecurity.com/content/view/122033
 
  Many Data Centers Still Have No Risk Management Plan
  22nd, March, 2006

Business technology managers are facing tough challenges as data centers grow larger and more complex. More than 75% of all companies have experienced a business disruption in the past five years, including 20% who say the disruption had a serious impact on the business, according to a recent survey of data center managers. Despite the critical nature of data center operations to business, nearly 17% reported they have no risk management plan, and less than 5% have plans that address viruses and security breaches.

http://www.linuxsecurity.com/content/view/122038
 
  Is Your DR Plan Vulnerable to an Attack?
  24th, March, 2006

Sorry, I have to do this. I have to rant. Here's what I have to get off my chest. News item: "DHS Scores F on Cybersecurity Report Card." Last week, a congressional oversight committee gave the U.S. Department of Homeland Security a failing grade on its annual cybersecurity report card. Congress says that when it comes to protecting the country's data infrastructure -- an entity that in itself has become critical to the continued functioning of the U.S. economy -- the DHS is a D-U-N-C-E. Appalling.

http://www.linuxsecurity.com/content/view/122086
 
  Finding Security's Next 'American Idol'
  21st, March, 2006

It's like an "American Idol" for security geeks. Students at the Georgia Institute of Technology prep, sweat and show their stuff while a panel of critics decides their fates. But unlike the popular "reality" TV show, judges aren't determining who can best carry a tune. Instead they weigh students' ideas for making information security more user-friendly, with $50,000 -- enough cash to fund a project for 12 months -- hanging in the balance.

http://www.linuxsecurity.com/content/view/122026
 
  Bringing Botnets Out of the Shadows
  22nd, March, 2006

Nicholas Albright's first foray into some of the darkest alleys of the Internet came in November 2004, shortly after his father committed suicide. About a month following his father's death, Albright discovered that online criminals had broken into his dad's personal computer and programmed it to serve as part of a worldwide, distributed network for storing pirated software and movies.

http://www.linuxsecurity.com/content/view/122040
 
  Social engineering reloaded
  22nd, March, 2006

The purpose of this article is to go beyond the basics and explore how social engineering, employed as technology, has evolved over the past few years. A case study of a typical Fortune 1000 company will be discussed, putting emphasis on the importance of education about social engineering for every corporate security program.

http://www.linuxsecurity.com/content/view/122032
 
  Forgotten password clues create hacker risk
  23rd, March, 2006

Security flaws in the "forgotten password" feature of ecommerce websites leave half the UK's online retailers open to attack, according to security consultancy SecureTest. It warns that the log-in process of many transactional websites can be subverted by a "brute force" or enumeration attack. In a survey of 107 popular online retail websites in the UK, SecureTest found that 54 of the sites (or 50.5 per cent) are potentially vulnerable to this type of hack attack.

http://www.linuxsecurity.com/content/view/122061
 
  Opinion: What a year it's been for e-crime
  23rd, March, 2006

Looking back at the past year, it seems the security threats to businesses are only becoming more pervasive and more costly, says Simon Moores. In two weeks' time, leaders of the global law-enforcement, finance and online business communities will assemble in London for the annual e-Crime Congress. In the 12 months since they were here last, we've seen the financial services industry under almost constant Trojan horse attack, denial of service attacks increase by 50 per cent and phishing and identity theft attempts approach eight million per day, according to security company Symantec.

http://www.linuxsecurity.com/content/view/122063
 
  Security Czar
  23rd, March, 2006

In this column Scott Granneman takes the role of dictator of the security world and presents his ideas about mandatory reforms that would improve security for millions of people.

http://www.linuxsecurity.com/content/view/122066
 
  Enterprise Security Threats Increasingly Come from Within
  24th, March, 2006

While protecting corporate networks from outside intrusion remains a huge challenge for enterprise IT professionals, some experts contend that efforts to better police internal behavior and manage security policies have become every bit as important.

Enterprises searching for the answers to their security problems should increasingly take a closer look at their internal operations before blaming outside threats, according to experts participating in an online IT security conference.

http://www.linuxsecurity.com/content/view/122076
 
  IT Confidential: Choose Your Intrusion: Who's Your Friend?
  20th, March, 2006

I'm as big a fan of government intrusion as the next person, but things may have gotten a little out of hand lately. Take last week's legal contretemps between the Justice Department and Google. Forget for a minute that Google really faces no downside by refusing the government's request to turn over search data. Even if Google loses the case and has to turn over some (truncated) amount of (very general) information about a (random) selection of searches, it still wins in the court of public opinion as a defender of personal privacy. As my colleague Chris Murphy put it, Google should take the court costs out of its marketing budget.

http://www.linuxsecurity.com/content/view/121984
 
  The Future of Privacy = Don't Over-empower The Watchers
  20th, March, 2006

I blog a lot about privacy, anonymity and censorship, mainly because I feel not just concerned, but obliged to build awareness on the big picture the way I see it. Moreover, I find these interrelated and excluding any of these would result in missing the big picture, at least from my point of view.

http://www.linuxsecurity.com/content/view/121999
 
  Security: A Continuing Federal Challenge
  21st, March, 2006

The latest FISMA scorecards are out, with the grades for different agencies' efforts in the computer security arena. Amazingly, the overall grade--for all 24 major agencies in the federal government--has moved not a notch. Last year's D+ remains intact. For those who may be new to FISMA Fun, it works more or less like this: the General Accounting Office (GAO) and the Office of Management and Budget (OMB) ask each major agency's Inspector General (IG) to submit an independent report about computer security based on numerous guidelines and scoring criteria.

http://www.linuxsecurity.com/content/view/122028
 
  US turns to tech to shore up its ports
  23rd, March, 2006

Airport screeners are using new technology to find explosives instead of hunting for tweezers, Department of Homeland Security secretary Michael Chertoff said on Friday. Locked and armoured cockpit doors and air marshals on planes are part of a switch in main security concern from hijackers to people who might want to blow up airplanes, Chertoff said in a speech at an event in San Francisco hosted by the Commonwealth Club. He said: "The things we're really worried about are explosives." Airport screeners are being retrained "to move them away from looking for things like nail clippers to more sophisticated chemicals and detonating devices".

http://www.linuxsecurity.com/content/view/122062
 
  Trojan Cryzip Extorts Decryption Fee
  18th, March, 2006

A Trojan making the rounds encrypts victims' files and demands a $300 payment to have them decrypted and unlocked, according to a report by security firm Lurhq Threat Intelligence Group. This so-called "ransomware" Trojan, dubbed Cryzip, is the second of its type to emerge in the past 10 months, following the PGPcoder Trojan. It also is the third such Trojan to appear since 1989.

http://www.linuxsecurity.com/content/view/121976
 
  The effective response to computer crime
  21st, March, 2006

The attraction of computer-based crime is obvious. Twenty years ago corporate spies would find it difficult to steal the entire contents of a filing cabinet, but today they can take far more by slipping a disc into their pocket or e-mailing data to an online electronic swag bag. It is much easier to steal, leak, manipulate or destroy electronic data. But just as in the physical world, cyber-criminals leave their electronic fingerprints all over a digital crime scene.

http://www.linuxsecurity.com/content/view/122010
 
  Getting Paid For Getting Hacked
  21st, March, 2006

In the middle of February, Time Magazine ran a great article on Cyberinsurance or "Shock Absorbers", and I feel this future trend deserves a couple of comments, from the article: "As companies grow more dependent on the Internet to conduct business, they have been driving the growing demand for cyber insurance. Written premiums have climbed from $100 million in 2003 to $200 million in 2005, according to Aon Financial Services Group ...

http://www.linuxsecurity.com/content/view/122019
 
  Lost Ernst & Young laptop exposes IBM staff
  22nd, March, 2006

Ernst & Young has lost another laptop containing the social security numbers and other personal information of its clients' employees. This time, the incident puts thousands of IBM workers at risk. Ex-IBM employees are also affected. The Register has learned that the laptop was stolen from an Ernst & Young employee's car in January. The employee handled some of the tax functions Ernst & Young does for IBM workers who have been stationed overseas at one time or another during their careers. As a result of the theft, the names, dates of birth, genders, family sizes, SSNs and tax identifiers for IBM employees have been exposed.

http://www.linuxsecurity.com/content/view/122034
 
  The effective response to computer crime
  24th, March, 2006

The attraction of computer-based crime is obvious. Twenty years ago corporate spies would find it difficult to steal the entire contents of a filing cabinet, but today they can take far more by slipping a disc into their pocket or e-mailing data to an online electronic swag bag.

It is much easier to steal, leak, manipulate or destroy electronic data. But just as in the physical world, cyber-criminals leave their electronic fingerprints all over a digital crime scene.

http://www.linuxsecurity.com/content/view/122075
 
  Are You Liable If Someone Does Something Illegal On Your WiFi?
  21st, March, 2006

For years, whenever the press has written one of their fear-mongering stories about open WiFi, they almost always include some tidbit about how if someone uses your network to do something illegal, you can be arrested for it. It's one of the popular open WiFi horror stories -- but is it true? Well, of course, you can be arrested, but it's unlikely that there would be any legal grounds for the arrest.

http://www.linuxsecurity.com/content/view/122027
 
