RFID with Bio-Smart Card in Linux - In this paper, we describe the integration
of fingerprint template and RF smart card for clustered network, which is
designed on Linux platform and Open source technology to obtain biometrics
security. The combination of smart card and biometrics is achieved in a two-step
authentication, where smart card authentication is based on a Personal Identification
Number (PIN) and the card holder is authenticated using the biometrics template
stored in the smart card that is based on the fingerprint verification. The
fingerprint verification has to be executed on central host server for security
purposes. Protocol designed allows controlling entire parameters of smart
security controller like PIN options, Reader delay, real-time clock, alarm
option and cardholder access conditions.
pgp Key Signing Observations: Overlooked Social and Technical Considerations
- While there are several sources of technical information on using pgp in
general, and key signing in particular, this article emphasizes social aspects
of key signing that are too often ignored, misleading or incorrect in the
technical literature. There are also technical issues pointed out where I
believe other documentation to be lacking. It is important to acknowledge
and address social aspects in a system such as pgp, because the weakest link
in the system is the human that is using it. The algorithms, protocols and
applications used as part of a pgp system are relatively difficult to compromise
or 'break', but the human user can often be easily fooled. Since the human
is the weak link in this chain, attention must be paid to actions and decisions
of that human; users must be aware of the pitfalls and know how to avoid them.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Protect your home and business networks with the free, community version of
EnGarde Secure Linux. Don't rely only on a firewall to protect your network,
because firewalls can be bypassed. EnGarde Secure Linux is a security-focused
Linux distribution made to protect your users and their data.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
What are the most common causes of security breaches?
3rd, December, 2006
One of the key internal threats to corporates is spyware, because it’s all too often introduced without malicious intent, by employees that naively click through a couple of pop-up browser windows, or install an unapproved yet ‘cool’ application on the network. The situation isn’t helped by the myths that surround spyware.
Joanna Rutkowska writes: "At the beginning of this year, at Black Hat Federal Conference, I proposed a simple taxonomy that could be used to classify stealth malware according to how it interacts with the operating system. Since that time I have often referred to this classification as I think it is very useful in designing system integrity verification tools and talking about malware in general. Now I decided to explain this classification a bit more as well as extend it of a new type of malware - the type III malware."
Open Source Linux Security on opensourceloudspeaker.com
5th, December, 2006
In this edition of the Open Source Loud Speaker broadcast, the topic is the Linux platform as a secure platform and the benefits of Linux in a secure open source environment. Amongst those interviewed by Herb Kraft is founder and CEO of Guardian Digital Dave Wreski. Wreski discusses Guardian Digital's secure version of Linux, EnGarde Secure Linux, and how it impacts the open source security community.
E-mail is at risk - vulnerable to external attack from viruses, spam, spyware and phishing technologies. And vulnerable to abuse from within, which could result in: acceptable use policies being compromised; regulatory compliance violations; and/or confidential corporate data being leaked externally.
A Florida man pleaded guilty yesterday in federal court to hacking into computer systems at two major universities as part of establishing a "bot" network of compromised computers from which he could launch distributed denial of service attacks on computers and networks attached to the Internet.
Hashing for fun and profit: Demystifying encryption for PCI DSS
7th, December, 2006
For many people, cryptography is akin to biblical Gnosticism -- there are a few who intimately know cryptography and its s-boxes, permutations, salts, and other magic -- and then there are the rest of us whose eyes glaze over when the topic arises. This is partially because cryptography by design was once known only to the denizens of the National Security Agency and a few academics. Until 1996, it was illegal under federal law to export strong cryptography from the United States, which may have discouraged others from learning the art.
This guide describes how to generate and use a private/public key pair to log in to a remote system with SSH using PuTTY. PuTTY is an SSH client that is available for Windows and Linux (although it is more common on Windows systems). Using key-based SSH logins, you can disable the normal username/password login procedure which means that only people with a valid private/public key pair can log in. That way, there is no way for brute-force attacks to be successful, so your system is more secure.
Set Up Ubuntu-Server 6.06 LTS As A Firewall/Gateway For Your Small Business Environment
10th, December, 2006
Needs very little maintenance and is extendable beyond your wildest imagination. All depending on the hardware used, of course. This is just a COPY&PASTE howto. For more info use the net. I did... However, contributions and suggestions are always welcome! I know this can be done better, so feel free. I should have based this tuto on 6.06 LTS right away, because of the LTS. Sorry for that. Due to some minor but important changes needed to make this work with Ubuntu 6.06 LTS, I wrote it again.
Interview with Linux Security Expert Kurt Seifried
7th, December, 2006
Linux.com readers might know Kurt Seifried as the author of the Linux Administrators' Security Guide or proprietor of the popular security mailing list. In this interview, he gives his views on how security in Linux has been stacking up and where it's lacking, what users can do to secure their systems, and whether every admin needs to know much about security. Over the years Seifried has made a name for himself in the world of Linux security, and he's not resting on past accomplishments. He's part of the technical team at iDefense/Verisign, which he says "allows me to spend most of my time keeping on top of all the current security threats." Seifried is also working on a new site called RiskBloggers.com, a blog/magazine with articles on security and risk.
Simple Firewall Configuration Using NetFilter/iptables
5th, December, 2006
Most major Linux distributions, SuSE ones included, feature some user interface for firewall configuration. There's nothing wrong with them but I couldn't get quite the configuration I wanted and chose to create configurations manually. The iptables man pages are really a documentation of syntactical detail of the iptables command line and don't provide guidance on composition of a firewall from a series of rules. There's a lot of scattered information about iptables that can be found using your favourite search engine but none of it quite taught me what I needed to know. In the end I figured out what I needed using a Vmware virtual machine running SuSE Linux Pro 10.0. The following is offered as documentation of simple firewall configuration using iptables. Verifying that the resultant firewall adequately secures the relevant hosts is left as an exercise for the reader.
Security is an important issue in computing. Unfortunately, many computers allow a cracker to gain access to them and retrieve sensitive information, or just make life hard. This article will review the basics in general security and explain how to apply it to two Linux distributions--Ubuntu and Kubuntu. This article assumes that you know how to install programs on either Ubuntu or Kubuntu. It also assumes that you have some knowledge of basic computer networking principles. If you do not know how to install programs on Ubuntu, go to https://help.ubuntu.com/community/InstallingSoftware. If you do not know much about networking, go to http://www.faqs.org/docs/linux_network/x-087-2-intro.html. This article also assumes that you are using Ubuntu or Kubuntu 6.06 (Dapper Drake), but the Firewall section can be adapted for any recent Linux distribution.
There are two philosophies in which to protect against cross-site scripting (XSS) attacks: input encoding and output encoding. Input encoding means that the application takes whatever the user gives it and then encodes it so that when the information is outputted it has already been sanitized. Output encoding means that the application takes whatever data is given to it in whatever form it takes and stores it. Once it is ready for output it is sanitized before being shown to the user. I've heard people say that output encoding is the right way to deal with HTML injection and XSS attacks as well. There's one concept I haven't bought off on personally. Let's take an example where you have a single input, which is your name.
There's no dearth of Linux distributions to choose from. With so many to choose from, one might think it's as easy as picking up the Linux kernel, throwing in a few applications, setting up repositories, making ISOs and you've got a shiny new Linux distro. Well, there's more to a Linux distro than assembling applications and making sure everything works. A lot of time and effort, at least for major distros, is spent on making the distribution secure and getting updates out in a timely fashion.
To start with, all major distributions have security teams that collaborate with the main release team to ensure no vulnerable packages make their way into the final release. For example, Chris Gianelloni, release engineering strategic lead of Gentoo says that the release engineering team works with Gentoo's security team and individual architecture teams to make sure Gentoo doesn't have security vulnerabilities when Gentoo is released.
SafeNet is shipping an "integrated IPSec VPN platform" software said to support VPN connections from next-generation mobile devices. QuickSec 4.1 Server and Client Toolkits help developers incorporate the most current IPSec security standards, such as MobIKE, into carrier-grade security gateways, network routers, mobile VPN devices, and desktop VPN clients, according to the company.
Computer users who type in the same username and password for multiple sites - such as online banks, travel agencies and booksellers - are at serious risk from identity thieves, a United Nations agency said.
The International Telecommunication Union, a Geneva-based UN branch, said businesses and regulators need to find a solution to the spread of personal information on the internet, possibly by developing more streamlined identification methods.
At the moment, the ITU said the sheer number of identifiers and passwords required from computer users made it nearly inevitable that they repeat passwords.
Q&A: Responsible disclosure of vendor flaws and what it means
5th, December, 2006
To some, vulnerability researchers such as H.D. Moore are knights in shining armor for their efforts to discover security flaws in software products. Since launching the controversial Metasploit Project in 2003, H.D. Moore and a group of independent bug hunters have publicly posted information that makes it easier to develop and test code that can be used to attack software vulnerabilities. Earlier this year, he began a Month of Browser Bugs campaign during which he promised to disclose one browser flaw a day for an entire month. More recently, his group released a tool designed to prevent browser exploit code from being detected by signature-based security tools. Supporters of researchers such as Moore argue that their work helps make software more secure. Opponents argue that the only ones being helped are the malicious attackers. In an interview, Moore talked about what he's doing.
What is SCADA and how does it affect me? SCADA is an acronym for Supervisory Control And Data Acquisition. SCADA is one of two primary types of process control systems that is used to collect sensor measurements and operational data from remote field units. The data is then processed to determine if the values are within the specified tolerances and to make corrections, if needed, to maintain stability and control. SCADA systems are used to manage critical infrastructure functions such as the transmission and distribution of electricity, pressure and proper flow of gas pipelines, monitor water quality characteristics, safely operate chemical production facilities, and control transportation systems, and others. (Dacey,10) We rely on these systems being functional and always available and undergo hardship when something goes wrong. Improper operation or loss of SCADA systems could lead to a “loss of reputation, environmental impacts, production and financial loss and even human injury.” (Myths and Facts, 5) Therefore it is vitally important for us to examine the threats and vulnerabilities to our SCADA systems and ascertain what steps need to be taken to secure these control systems that we’ve all come to depend on.
Podcast: Security certifications pay could rebound in '07
6th, December, 2006
Security certifications are languishing, according to skills and certification pay expert David Foote of Foote Research. Foote's firm conducts a salary survey of 50,000 IT pros charting quarterly increases and decreases in skill and certification pay. In this interview, Foote outlines the state of the IT security job market and what IT pros could expect moving into 2007.
Cybercriminals are increasingly working hand-in-hand with traditional criminals to steal identity and bank account information. "This isn't Johnny Hacker from Romania stealing money from a bank," says Ralph Logan, partner with The Logan Group, which helps corporate clients with their computer forensics investigations. "These are criminal gangs working with 'electronic' gangs and getting that banking information and translating it into the real world."
Whether you enjoy the hustle and bustle of shopping in stores or prefer the flexibility and convenience of online shopping, be careful to not give the gift of your personal information to an identity thief.
China is fielding information warfare units and developing anti-satellite capabilities aimed at countering U.S. military technology, according to a U.S. congressional commission. China’s cyberwarfare strategy has switched from a defensive to an offensive posture, with the goal of attacking enemy networks and denying adversaries access to information, said the U.S.-China Economic and Security Review Commission (USCC) in its annual report, released Nov. 16. Chinese strategy focuses on U.S. systems that perform command and control or deliver precision weapons, the report states.
An infected laptop PC gave hackers access to computer systems at a Harrisburg, Pa., water treatment plant earlier this month.
The plant's systems were accessed in early October after an employee's laptop computer was compromised via the Internet and then used as an entry point to install a computer virus and spyware on the plant's computer system, according to a report by ABC News.
The incident is under investigation by the FBI, but no arrests have been made in the matter, said Special Agent Jerri Williams of the FBI's Philadelphia office. The attackers are believed to have been operating outside of the U.S.
Phishers Attack MySpace with QuickTime Exploit Worm
7th, December, 2006
Identity thieves are manipulating a feature in Apple Computer's embedded QuickTime player to launch phishing attacks on the popular MySpace.com social networking portal.
http://www.linuxsecurity.com/content/view/126102