Linux Security Week: August 21st 2006

Got something to hide? You may not want to reconsidering flying in the future. An Israeli company has come up with a biometric system for detecting emotional responses to a series of questions. The system, dubbed Cognito, uses polygraph-like techniques to detect when a passenger is worried during a series of questions. Within 5 minutes, the system makes a determination of whether the passenger should be further questioned by authorities, according to the company. "What we are looking for are patterns of behavior that indicate something all terrorists have: the fear of being caught," Shabtai Shoval, chief executive of biometric systems maker Suspect Detection Systems, told the Wall Street Journal in a Monday article.

LogError writes: A vulnerability of the Passmark Sitekey login approach at Bank of America could permit an attacker to remotely lock out thousands of customers from their online banking accounts. The vulnerability announced today is similar to a DoS attack in that it permits an attacker to remotely "lock out" customers from their online accounts, potentially overwhelming the bank's customer support lines with calls from frustrated customers.

Because British law enforcement officers don't have the authority to seize encryption keys, an increasing number of criminals are able to evade justice, a senior police officer said. Suspected terrorists, pedophiles and burglars have all walked free because encrypted data couldn't be opened, Detective Chief Inspector Matt Sarti of the Metropolitan Police said Monday during a public meeting in London.

"There are more than 200 PCs sitting in property cupboards which contain encrypted data, for which we have considerable evidence that they contain data that relates to a serious crime," Sarti said. "Not one of those suspects has claimed that the files are business-related, and in many cases, the names of the files indicate that they are important to our investigations."

news/cryptography/uk-police-let-us-seize-encryption-key

Cryptography has been employed for keeping secrets since the time of Caesar. From the simplest ciphers of shifting letters, to mathematically provably secure ciphers of today, cryptography has progressed a long way.

news/cryptography/foundations-of-cryptography

MOSREF is a exploitation architecture utilizing the power of the MOSVM virtual machine and Mosquito Lisp to make penetration testing, exploit development, and general systems security tasks more efficient.

While MOSREF has been developed primarily as a platform for exploitation and penetration-testing, MOSREF and the underlying MOSVM virtual machine technology can be used for a variety of security-related and non-security-related tasks. Moreover, the platform is licensed under the GNU LGPL, and is redistributable and modifiable under the terms of that license. <>P

For those who wish to enhance or fortify the security of the MySQL installation that following technical 10 steps are a good start.

IT people love to complain about their end users. They tell funny stories about boneheaded employees who leave their passwords stuck to their computers. They grit their teeth when users click on email attachments from strangers. End users, they say, are too damn trusting, not to mention forgetful. Up until now, I've always felt that this righteous indignation was justified. I mean, IT people are smart about security, and they don't trust anybody, right? But this week, I wrote a story that burst my bubble.

With Microsoft Corp.'s Office suite now being targeted by hackers, researchers at the French Ministry of Defense say users of the OpenOffice.org software may be at even greater risk from computer viruses. "The general security of OpenOffice is insufficient," the researchers wrote in a paper entitled "In-depth analysis of the viral threats with OpenOffice.org documents." "This suite is up to now still vulnerable to many potential malware attacks," they wrote.

This article discusses the shared libraries concept in both Windows and Linux, and offers a walk through various data structures to explain how dynamic linking is done in these operating systems. The paper will be useful for developers interested in the security implications and the relative speed of dynamic linking, and assumes some prior cursory knowledge with dynamic linking. Part one introduced the concepts for both Linux and Windows and focused primarily on Linux. Now in part two, we'll discuss how it works in Windows and then continue compare the two environments. Readers are encouraged to review part one again before continuing with this article.

Europe is hurtling toward an information society capable of offering communication services anywhere in the world; a society where data and communication devices spontaneously form networks using any medium with any protocol to access any service. So far, such a proposition is not too secure. But researchers are on the case.

news/network-security/solving-the-security-challenge-of-dynamic-networks

The tool, dubbed VoodooNet or v00d00n3t, uses the ability of most computers to encapsulate next-generation network traffic, known as Internet Protocol version 6 (IPv6), inside of today's network communications standard, or IPv4. Because most security hardware appliances and host-based intrusion detection programs have not been programmed to inspect IPv6 packets in depth, data can bypass most network security, said independent security researcher Robert Murphy, who presented the tool at the DEFCON hacking conference last weekend.

news/network-security/covert-channel-tool-hides-data-in-ipv6

Network security is vital if Welsh SMEs hope to thwart hackers in future years, says UK internet security tester NTA monitor. While SMEs make up 99.9 per cent of the 4.3 million businesses in the UK, the vast majority do not have dedicated IT departments. Because of this, the necessity for security against threats should be a priority. Network structure should always be considered with this firmly in mind, according to NTA monitor.

news/network-security/smes-must-prioritise-network-security

SSH is the secure replacement for rlogin, rsh and telnet, which has been used in the past to do remote administration work. Even today some people still like using telnet for administration, even though it actively affects system security, since all commands and passwords are transmitted in cleartext. Since we are aware of the security risk of running a telnet service and want to be better we are not only using SSH, we will set up SSH with public key authentification.

news/network-security/openssh-introduction

HOPE Number Six was this summer's hacker conference sponsored by 2600 Magazine. Presenters and artists from all nationalities and disciplines participated in this forum. HOPE Number Six covered all aspects of hacking, the community surrounding it, and its effects across the world. For three days, The Hotel Pennsylvania was the nexus of discussion, planning, and activity for hacker ideas, opportunities, and understanding.

news/organizations-events/audio-hope-2006-keynotes

By now you've got the perfect setup for your new Ubuntu 6.0.6 (Dapper Drake) box. You may have even followed the excellent Intrusion Detection and Prevention with BASE and Snort tutorial. And as an added precaution you installed DenyHosts to prevent hack attempts via ssh. But now that you've got your new LAMP server on the internet, how can you tell that your new web server is secure? You test it, of course!

news/server-security/security-testing-your-apache-configuration-with-nikto

OpenBSD is quite possibly the most secure operating system on the planet. Every step of the development process focuses on building a secure, open, and free platform. UNIX