This week, advisories were released for ethereal, Thunderbird, bind9, openssl, firefox, isakmpd, zope, wireshark, adplug, libxfont, xine, ffmpeg, php, squidguard, ncompress, xview, imagemagick, and apache. The distributors include Debian, Gentoo, Mandriva, Red Hat, and SuSE.



Tips on keeping your Ubuntu Linux Server Secure

This article is excerpted from The Official Ubuntu Book by Benjamin Mako Hill, Jono Bacon, Corey Burger, Jonathan Jesse and Ivan Krstic, copyright Prentice Hall. Reprinted with permission of Prentice Hall, all rights reserved. As a system administrator, one of your chief tasks is dealing with server security. If your server is connected to the Internet, for security purposes, it's in a war zone. If it's only an internal server, you still need to deal with (accidentally) malicious users, disgruntled employees and the guy in accounting who really wants to read the boss's secretary's e-mail.

howtos/secure-my-webserver/tips-on-keeping-your-ubuntu-linux-server-secure

Secure Linux/UNIX access with PuTTY and OpenSSH

Many users have implemented Secure Shell (ssh) to provide protected access to a remote Linux system, but don't realize that by allowing password authentication, they are still open to brute-force attacks from anywhere on the internet. There are worms running rampant on the internet which do an effective job finding weak username/password combinations, and these are not stopped by the use of Secure Shell. This Tech Tip details how to use the free PuTTY SSH client to connect to a Linux system running the OpenSSH server, all while using public key encryption and SSH agent support. Much of this information applies to any OpenSSH installation on any UNIX system - Solaris, *BSD, OpenServer - but we've targeted this to the Linux platform when specifics are called for.


Security on your mind?

The Community edition of EnGarde Secure Linux is completely free and open source. Updates are also freely available when you register with the Guardian Digital Secure Network.


LinuxSecurity.com Feature Extras:

    - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.8 (Version 3.0, Release 8). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, several updated packages, and several new packages available for installation.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian
Debian: New ethereal packages fix execution of arbitrary code
7th, September, 2006

Updated package.

advisories/debian/debian-new-ethereal-packages-fix-execution-of-arbitrary-code
Debian: New Mozilla Thunderbird packages fix several problems
8th, September, 2006

The latest security updates of Mozilla Thunderbird introduced a regression that led to a dysfunctional attachment panel which warrants a correction to fix this issue. For reference please find below the original advisory text: Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-2779 CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3810

advisories/debian/debian-new-mozilla-thunderbird-packages-fix-several-problems-13245
Debian: New bind9 packages fix denial of service
9th, September, 2006

Updated package.

advisories/debian/debian-new-bind9-packages-fix-denial-of-service-76339
Debian: New openssl packages fix RSA signature forgery cryptographic weakness
10th, September, 2006

Updated package.

advisories/debian/debian-new-openssl-packages-fix-rsa-signature-forgery-cryptographic-weakness
Debian: New openssl096 packages fix RSA signature forgery cryptographic weakness
11th, September, 2006

Daniel Bleichenbacher discovered a flaw in the OpenSSL cryptographic package that could allow an attacker to generate a forged signature that OpenSSL will accept as valid.

advisories/debian/debian-new-openssl096-packages-fix-rsa-signature-forgery-cryptographic-weakness
Debian: New Mozilla Firefox packages fix several vulnerabilities
13th, September, 2006

The latest security updates of Mozilla Firefox introduced a regression that led to a dysfunctional attachment panel which warrants a correction to fix this issue. For reference please find below the original advisory text: Several security related problems have been discovered in Mozilla and derived products like Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3811

advisories/debian/debian-new-mozilla-firefox-packages-fix-several-vulnerabilities-71271
Debian: New isakmpd packages fix replay protection bypass
13th, September, 2006

A flaw has been found in isakmpd, OpenBSD's implementation of the Internet Key Exchange protocol, that caused Security Associations to be created with a replay window of 0 when isakmpd was acting as the responder during SA negotiation. This could allow an attacker to re-inject sniffed IPsec packets, which would not be checked against the replay counter.

advisories/debian/debian-new-isakmpd-packages-fix-replay-protection-bypass
Debian: New zope2.7 packages fix information disclosure
13th, September, 2006

Updated package.

advisories/debian/debian-new-zope27-packages-fix-information-disclosure-59985
Gentoo
Gentoo: Wireshark Multiple vulnerabilities
7th, September, 2006

Wireshark is vulnerable to several security issues that may lead to a Denial of Service and/or the execution of arbitrary code.

Gentoo: OpenSSL, AMD64 x86 emulation base libraries RSA signature forgery
7th, September, 2006

OpenSSL fails to properly validate PKCS #1 v1.5 signatures.

Gentoo: Motor Execution of arbitrary code
7th, September, 2006

Motor uses a vulnerable ktools library, which could lead to the execution of arbitrary code.

Gentoo: OpenSSL, AMD64 x86 emulation base libraries RSA signature forgery
12th, September, 2006

Gentoo: AdPlug Multiple vulnerabilities
12th, September, 2006

Multiple heap and buffer overflows exist in AdPlug.

Gentoo: LibXfont, monolithic X.org Multiple integer overflows
13th, September, 2006

Some buffer overflows were discovered in the CID font parser, potentially resulting in the execution of arbitrary code with elevated privileges.

Gentoo: xine-lib Buffer overflows
13th, September, 2006

xine-lib is vulnerable to multiple buffer overflows that could be exploited to execute arbitrary code.

Gentoo: FFmpeg Buffer overflows
13th, September, 2006

FFmpeg is vulnerable to multiple buffer overflows that might be exploited to execute arbitrary code.

Mandriva
Mandriva: Updated bind packages fix DoS vulnerabilities
8th, September, 2006

A vulnerability in BIND was discovered where it did not sufficiently verify particular requests and responses from other name servers and users. This could be exploited by sending a specially crafted packet to crash the name server. Updated packages have been patched to address these issues.

Mandriva: Updated php packages fix vulnerabilities
7th, September, 2006

The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings (CVE-2006-4481). Buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array (CVE-2006-4484). The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read (CVE-2006-4485). CVE-2006-4485 does not affect the Corporate3 or MNF2 versions of PHP. Updated packages have been patched to correct these issues.

Mandriva: Updated squidGuard to address logrotate issues
8th, September, 2006

There was a typo in the logrotate script for squidGuard, which triggered daily error messages via email from cron. The updated packages have corrected this issue.

Red Hat
RedHat: Moderate: mailman security update
8th, September, 2006

Updated mailman packages that fix security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-mailman-security-update-3734
RedHat: Important: openssl security update
8th, September, 2006

Updated OpenSSL packages are now available to correct a security issue. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-openssl-security-update-98001
RedHat: Low: wireshark security update
12th, September, 2006

New Wireshark packages that fix various security vulnerabilities are now available. Wireshark was previously known as Ethereal. This update has been rated as having low security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-low-wireshark-security-update-73625
RedHat: Low: ncompress security update
12th, September, 2006

Updated ncompress packages that address a security issue and fix bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-low-ncompress-security-update-RHSA-2006-0663-01
RedHat: Important: xorg-x11 security update
12th, September, 2006

Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-xorg-x11-security-update-6165
RedHat: Important: XFree86 security update
12th, September, 2006

Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-xfree86-security-update-11213
RedHat: Critical: flash-plugin security update
12th, September, 2006

An updated Adobe Flash Player package that fixes security issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-flash-plugin-security-update-73664
SuSE
SuSE: ImageMagick (SUSE-SA:2006:050)
8th, September, 2006

Several security problems have been fixed in ImageMagick: CVE-2006-3744: Several heap buffer overflows were found in the Sun Bitmap decoder of ImageMagick during an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. CVE-2006-3743: Multiple buffer overflows were found by the Google Security team in the XCF handling due to incorrect bounds checking. This problem could be exploited by an attacker to execute code. CVE-2006-4144: An integer overflow in the ReadSGIImage function can be used by attackers to potentially execute code.

SuSE: Apache2 security problems
8th, September, 2006

The security fix for CVE-2005-3357 (denial of service) broke the earlier security fix for SSL verification (CVE-2005-2700). This problem has been corrected. Additionally a cross site scripting bug with the "Expect" header error reporting was fixed (CVE-2006-3918). The Apache foundation does not consider this a security problem.