This week, the most interesting articles include "How to Secure Ubuntu With AppArmor," "Managing SELinux with SETools," and "Does Active Directory Top Linux Authentication Options?"


Linux+DVD Magazine - Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers are between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.


LinuxSecurity.com Feature Extras:

Review: Linux Firewalls - Security is at the forefront of everyone's mind and a firewall can be an integral part of your Linux defense. But is Michael Rash's "Linux Firewalls," the newest release from No Starch Press, up for the challenge? Eckie S. here at Linuxsecurity.com gives you the low-down on this newest addition to the Linux security resource library and how it's one of the best ways to crack down on attacks to your Linux network.

State of Linux Security Survey - It is customary for communities of every sphere to stand up occasionally, and take a good, long look at what's going on in the world around them. For us here at Linuxsecurity.com, we felt it was a great opportunity to put it all together.

Since 1996, Linuxsecurity.com has been bringing open source news, HOW-TOs, Feature stories and more to the open source community with comprehensive coverage. As one of the veterans in this area, we'd like to see you chime in. With so much going on in Linux and security, what does the community really care about?

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


EnGarde Secure Community v3.0.17 Now Available (Oct 9)

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.17 (Version 3.0, Release 17). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features.

In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce.

How to Secure Ubuntu With AppArmor (Nov 2)

AppArmor attempts to protect processes on the server or desktop from security threats. AppArmor enforces limits on what processes can access on the system. It attempts to restrict each process to only those resources that it requires to function. AppArmor will not only define the system resources a program can access, it will also determine the privileges with which it can access those resources. To protect applications you will need to set up a security profile for each application that you want to protect.

This article talks about how to help secure Ubuntu with the AppArmor security framework. Since the release of Ubuntu Gutsy, AppArmor has been installed and loaded by default. Have you tested AppArmor with Ubuntu yet? If so, do you think your computer is more secure?

Kernel Space: Should Security Modules be Dynamically Loadable? (Oct 31)

The ever-contentious Linux Security Modules (LSM) API is being debated once again on linux-kernel, not its removal, which Linus Torvalds came down firmly against, but whether it should allow security modules to be loaded dynamically. As part of 2.6.24, Torvalds merged a patch to convert LSM into a static interface, but has indicated a willingness to revert it. The key sticking point is whether there are real security modules that require the ability to be runtime-loaded.

The debate continues over the Linux Security Module. The question is whether a security module should have the ability to load at runtime. Since the LSM connects to key parts of kernel space, a loadable module could leave it vulnerable to an attack.

OSSEC HIDS v1.4 Available (Oct 30)

The team at Ossec.net is pleased to announce the general availability of OSSEC HIDS version 1.4.

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

Managing SELinux with SETools (Oct 30)

Configuring high-end SELinux (Security-enhanced Linux) policies can be a daunting challenge to system administrators, especially those who are new to the concepts and processes. But there are a number of useful tools available that will help you write, analyze and report on your policy. In this tip we'll look at one of these tools: SETools, a free open source product from Tresys Technology.

This article takes you through the capabilities of SETools, installing it on your system and testing it out. With some emphasis on graphical tools and varied capabilities, this is a very useful resource.

Does Active Directory Top Linux Authentication Options? (Oct 30)

While Microsoft's Active Directory (AD) is an effective play to circumvent the inherent central authentication foibles of Linux, getting the technology synced with servers has been a complex undertaking for IT practitioners, to say the least.

Integrating with Windows eventually has to happen since there is no denying the majority. However, there are obvious open source secure solutions to authentication with Windows - LDAP and Kerberos along with a touch of Samba can go a long way in providing that type of solution. Read on for a devil's advocate's view of Linux authentication in a Windows environment - do you think these solutions match up to what Microsoft can put out?

Secure DNS? Not Just Yet (Oct 30)

In fact, there are a number of ways DNS can be subverted to provide bogus information. An attacker could gain access to the DNS server and change records or use one of the many publicly available tools to forge a response. He could insert bogus information into a DNS cache or add false information to your computer's host name table, as we've seen with numerous worms and Trojans. Many of these attacks are difficult to pull off, and they're often short-lived and relatively easy to detect and correct. Still, while they last, damage can be done.

How can you make sure that the domain name you entered into your browser is leading you to the right place? There are some Firefox extensions that can make you aware of these fake sites. Do you use any of them?

Analyse Linux Networks Through the Ethereal World of Wireshark (Oct 29)

Previously, we've covered Linux security topics on ITWire and showed free tools like nmap and snort and tightening SSH. Wireshark's purpose is to sniff network traffic, but more so to interpret and analyse that traffic, giving a far more meaningful breakdown of the actual protocols and applications running, and the nature of the communication that is happening. This is known variously as protocol decoding, and dissecting.

It's a good security practice to know what's going on on the wires of your network. This article talks about the well-known packet sniffer called Wireshark. Do you use any packet sniffer to help tighten your network?
