RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and RF smart card for a clustered network, which is designed on the Linux platform and open source technology to obtain biometrics security. The combination of smart card and biometrics has been achieved in two-step authentication, where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card, which is based on fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows controlling all parameters of the smart security controller, like PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.
pgp Key Signing Observations: Overlooked Social and Technical Considerations - While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
Researcher Attempts To Shed Light On Security Troll
23rd, October, 2006
The troll--as such taunting posters are dubbed--would frequently ignite massive angry e-mail responses, or flame wars, at times limiting the usefulness of the Full Disclosure list. Over time, n3td3v took on multiple online personalities, or gained members of the n3td3v group, and attempted to create an online security hub. The group's favorite targets included Yahoo!, Google, other researchers and security news reporters, including this one. Even after n3td3v gave up the virtual ghost in September 2006, no one knew the name of the person who infuriated, and amused, so many researchers.
PGP Corporation, Vontu and The Ponemon Institute released the 2006 Annual Study: Cost of a Data Breach. This benchmark analysis details the financial impact of data loss incidents on affected companies. According to the study's 2006 findings, data breaches cost companies an average of $182 per compromised record, a 31 percent increase over 2005. The Ponemon Institute analysed 31 different incidents for the study. Total costs for each ranged from less than $1 million to more than $22 million.
The British Standards Institute has released a new book on the latest networking standards and their importance in security. "Delivering and Managing Real World Network Security" provides an overview of guidance given in the five parts of the BS ISO/IEC 18028 standard, including network security risks faced by modern infrastructures using LANs, WANs, wireless, broadband and VPNs as well as internet security.
After graduating in computer science earlier this year, I have been working in desktop support and doing minor project work. I would like to move into security and possibly get certified as an MCSA. What is the best way to do this? It is not uncommon for security professionals to come from a support background. The key is to determine what part of security interests you, as there are a number of different areas within IT security. Prospective employers in many of these areas are keen to take on junior candidates to train and develop. Areas that you should look at include governance, legislation, technical security (including administration, design, penetration testing and network security), pre-sales and consultancy.
Are You Sure You're As Prepared As You Think You Are
28th, October, 2006
Recently, the area I live in experienced a power outage due to a surprise storm that came through and snapped trees like they were matchsticks. When those trees broke, they took thousands of power lines with them. At one point, there were nearly 500,000 households and businesses without electricity - including of course, my employer. There are quite a few things we've learned as a result of this, so I'm going to point them out as the story moves along. As in many companies, our first line of defense is a UPS. On any normal day according to the display on the unit we should have about 45 minutes of runtime available at full capacity.
Increasingly, organizations are developing comprehensive security strategies and implementing a variety of online and on-demand security applications and services across the entire range of their IT operations.
The need for fast, efficient and unobtrusive protection has led some security systems developers to become managed security service providers (MSSPs). In addition to delivering patches and system updates via automatic or on-demand downloads, MSSPs are broadening the range of security management services they provide.
The Four Key Qualities of Effective Host Intrusion Prevention (HIP) Solutions: Defining Deep HIP
24th, October, 2006
Unrelenting and increasingly sophisticated attacks against enterprise networks have dramatically raised organizations’ IT security risks. With the relative ease that many types of attacks by-pass perimeter security, traditional perimeter based security approaches are no longer sufficient to adequately protect enterprise assets. To combat these threats, security professionals are implementing multi-layered defenses, with the last line of defense being implemented at the host itself.
Web Content Filtering in the Corporate Network Perimeter
24th, October, 2006
The Internet provides a wide range of content related to all topics. A large part of it is necessary to develop business activity. For this reason, companies in the twenty-first century need the information available on the Internet to guarantee good results. However, the universal nature of this content allows employees with Internet access to make personal use of company resources, accessing content that is not related to their work, and thereby degrading the company’s profitability.
When asked about security on a multi-user Linux system, a wise man once said "everyone is root if you allow them to login as a user." There is plenty of truth in that, but embracing imminent compromise isn't always acceptable. Let's take a look at how you can limit your exposure while letting unknown and untrusted users login with a shell.
There are two groups of people who typically want to heavily restrict login users. First, the collaborators: possibly two separate organizations that have been forced to work together. Second, people who wish to allow some shady characters access to a shell but believe they may attempt to compromise security. If at all possible, the best policy is to simply not give access out, and if you do, make sure patches are applied daily.
Cybercrime has evolved considerably over the past few years with new technologies being created and applied. As a result, cybercrime is no longer committed by individual amateurs; it’s become a lucrative business run by highly organized groups. This article includes an analysis of what kind of virtual property is attractive to cyber criminals and what methods are used to obtain user data.
While cosmologists explore a universe which exists independently of them, things are rather different for those of us who study what is happening on the internet.
For although the physics of electronic circuit design and the mathematics of signal processing provide some boundaries to the possible and force engineers into ever more inventive approaches to getting more processing cycles per second or bits per square centimetre, much of the design and implementation of network architecture is a matter of choice.
The security industry and trade press have directed a lot of attention toward the "Zero-day attack," promoting it as THE threat to guard against. According to the marketing hype, the Zero-Day attack is the one that you should most fear, so you must put in place measures (i.e., buy stuff) to defend your organization from it.
The Zero-Day threat is born the moment a vulnerability is publicly announced or acknowledged. But what about the period of time that the threat existed before being announced? At StillSecure we call this class the "Less-Than-Zero" threat. In this two-part series I'll examine this Less-Than-Zero threat, compare it to the Zero-Day threat, and discuss ways to protect yourself from Less-Than-Zero attacks and vulnerabilities for which patches, signatures, etc. do not yet exist.
The open source project already offers penetration testing tools and exploit code. Now it's going further, offering eVade-o-Matic, a tool to make it harder to detect exploit code aimed at Web browsers. Has the group gone too far? Moore's like many security researchers who gin up publicity for the software flaws they find, as he did with his bug-a-day stunt highlighting browser weaknesses in July. But he goes further, as one of the main forces behind the Metasploit Project, which posts a free, open source platform that makes it easier to develop and test code that can take advantage of software vulnerabilities. Included are more than 150 examples of such code ready to exploit flaws.
Customer data security and the risk of identity theft is high in the public consciousness at the moment.
This month's Channel 4 Dispatches documentary on data being stolen from Indian call centres has added fuel to a fire that was sparked into life earlier this year with the news that the US Department of Veterans Affairs had lost a laptop containing the personal details of 26.5 million veterans and active service personnel.
But behind the headlines, the issue for UK business goes deeper, with far too many firms not yet having addressed or assessed their core data security risks, or even ensured compliance with the UK's Data Protection Act.
Internaut: Automate Security To Fight Automated Attacks
27th, October, 2006
Is your agency automating its approach to security management? In most cases, automation could be the best way to ensure that security policies and procedures are standardized and properly implemented across a government enterprise. Full security automation takes an agency far beyond automatic virus updates or firewall configuration. It’s actually more of a business-process automation solution that allows agency managers to set specific standards for security then empower IT operations with a formal way to comply with all standards, regulations, policies and best practices.
Contactless credit cards, which allow data to be read without swiping through a reader, pose a serious privacy and security risk because some information is not stored encrypted, according to a paper written by five university and industry researchers.
The researchers claim that nearly 20 million radio-frequency identification (RFID) credit cards in circulation today could be vulnerable to skimming attacks, which could harvest names and credit-card details from the cards of passers-by. A skimming attack uses a normal reader, or one that has been enhanced to read cards from a greater distance, to grab unencrypted data from the card.
Latest data indicates that one in every 204 e-mail messages contains a virus, and that 99 percent of viruses enter companies via SMTP mail or HTTP web-browsing. And it's not just viruses that cause problems. For example, the SQL Slammer worm hit thousands of servers around the world, exploiting a buffer overflow vulnerability and causing denial of services in SQL servers which resulted in losses estimated, according to Computer Economics, at 705 million euros. Due to the increasing sophistication of Internet-borne threats, Panda Software proposes a layered protection strategy in which the Internet gateway plays a vital role, as it is the strategic network point used to send and receive e-mails, all types of content... and 99 percent of viruses.
The word spam comes from a gag in a comedy series in which all the dishes in a restaurant include a brand of canned luncheon meat called spam as the main ingredient. By way of comparison, this term started being used to describe the huge number of unwanted messages received by any email account. Although it is not usual, spam may contain viruses or other malicious codes, or email addresses which lead to web pages equipped to download programs in an unauthorized manner. This was presumably the method used by the famous worm Sobig.F which was granted the title “the fastest spreading virus in computer history.”
Security — How Do You Know You Have It If You Don’t Measure It?
26th, October, 2006
Achieving IT security goals requires more than information technology. It requires a set of metrics to tell you how close you are to reaching your goals. “You get what you measure,” Postal Service IT governance manager James L. Golden said Wednesday at the Federal Information Assurance Conference being held at the University of Maryland. USPS, which has one of the nation’s largest IT infrastructures with 7,000 networked sites and 175,000 users in every corner of the country, uses 130 metrics to track its daily, weekly and monthly security posture, said IT program manager Kenneth Nesper Jr. Doing this requires cooperation throughout the organization, he said.
Hackers are developing new software that will help hide browser attack code from some types of security software. The software, called VoMM (eVade o’ Matic Module), uses a variety of techniques to mix up known exploit code so as to make it unrecognizable to some types of antivirus software. Using these techniques, VoMM "can create an endless number of variants of an exploit," said Aviv Raff, one of the developers behind the project. "It aims to provide several techniques out of the box to make browser exploits (mostly) undetectable," according to a blog posting by one of the project's founders, a hacker going by the name of "LMH."
We said we'd do it and we meant it. When the Steve Rambam talk at HOPE Number Six was disrupted by his arrest minutes before he was scheduled to go on stage, we vowed to make sure it would one day be presented to the public. That day has now been set and we trust that the FBI won't interfere this time.
On Thursday, November 16, HOPE Number Six will finally end with the presentation: "Privacy is Dead - Get Over It" featuring Steve's revealing look at how much information on each of us is readily accessible to virtually anyone. As part of the talk, Steve will reveal all of the information he was able to find on a volunteer "victim." In addition, he will answer all sorts of questions from the audience, including what really happened back in July.
Virus Bulletin 2006, the international virus conference, was held in Montreal this year. Just a few weeks ago I was fortunate enough to attend many of the presentations, which ranged from topics of targeted trojan attacks, botnets and new methods of botnet coordination, to the growing criminal element behind viruses. It's sometimes shocking to see how much the virus world has changed in the last few years. I'd wager that if there was just one overall theme of the conference, it was about criminals and the new profit motive behind today's malware. Long gone are the days when viruses were made by hackers just for fun. My favorite quote taken from the excellent, low-key conference was during a panel discussion on fighting cyber crime: "If anyone in the audience is a member of organized crime, please raise your hand." There's big money on the criminal side of viruses these days. The past two or three years has seen a dramatic rise in for-profit virus activity at every level, from the people running botnets and making money off spyware to widespread phishing attacks and various trojans that encrypt a user's data and request a ransom.
These days, free or low-cost WiFi is almost a given at a coffee shop as are double-tall, half-decaf moccachinos with hazelnut syrup (hold the foam). WiFi is great for attracting customers... and spammers, as The Green Bean in Greensboro, NC found out last week. The coffee shop had its Internet connection shut off after its ISP noticed a gigantic volume of spam originating from its IP address. The Green Bean's WiFi isn't free, but a dollar per day isn't going to break the bank for most users. For a spammer looking to dump a couple million e-mails into inboxes and spam filters around the world, it's quite a bargain.
The Metasploit Project plans to add 802.11 (Wi-Fi) exploits to a new version of its point-and-click attack tool, a move that simplifies the way wireless drivers and devices are exploited. The controversial open-source project, created and maintained by HD Moore, of Austin, Texas, has added a new exploit class that allows modules to send raw 802.11 frames at one of the most vulnerable parts of the operating system. In recent months, there has been an increase in public awareness around the severity of wireless driver flaws. At the August 2006 Black Hat Briefings in Las Vegas, researchers David Maynor and Jon "Johnny Cache" Ellch showed off a new technique for breaking into computers via Wi-Fi driver vulnerabilities on Windows and Mac systems.
The Black Hat demo pushed several vendors—Intel, Apple and Toshiba—to release patches and prompted Microsoft to invite Ellch to its internal BlueHat security conference to explain the risks to Redmond executives and employees.
http://www.linuxsecurity.com/content/view/125413