Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: December 10th, 2007
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Linux Traffic Analysis, Quick and Simple," "Tips for Taming SE Linux," and "Easy Crypt for Ubuntu."
Linux+DVD
Magazine Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com
Feature Extras:
Knock, Knock, Knockin' on EnGarde's Door (with FWKNOP) - Secret knocks have been used for purposes as simple and childish as identifying friend or foe during a schoolyard fort war. Fraternities teach these knocks as a rite of passage into their society, and in our security world we can implement this layer of security to lock down an SSH server.
With this guide on FWKNOP by Eckie S. (one of our own), you are taken on an easy-to-follow process of securing your platform with your own client and server port knocking set-up.
Installation, iptable Rules setup, configuring access for the client and server, and everything in between. Check it out!
Master's Student: Social Engineering is not just a definition! - We are happy to announce a new addition to the Linux Security Contributing Team: Gian G. Spicuzza. Currently a Graduate Student pursuing a Masters Degree in Computer Security (MSIA), Gian is a certified Linux/Unix administrator, the lead developer for the OSCAR-Backup System (at Sourceforge.com) and has experience in a variety of CSO, Management and consulting positions.
His first topic is a quick foray into the world and psychology of Social Engineering:
All the security in the world isn't going to stop one of your employees or coworkers from giving up information. Just how easy is it?
Craig never worked for Linda's company, nor did he call from IT. Craig was an unethical hacker who just gained unauthorized access to her account. Why? Because a phone call is simple.
Read on to see just how easy businesses can be exploited.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
Full-featured traffic analyzers for Linux systems such as ntop and vnstat are widely available, but sometimes you just want a simple program that gives you fast, basic information about the amount of traffic going in and out of the hosts on your network. Darkstat, a packet sniffer that runs as a background process, fills that role. It gathers statistics about network usage and displays them over HTTP.
It's an important security practice to know what traffic is going in and out of your network. Have you looked at your network traffic lately?
More bugs = Tighter Security (Firefox VS IE) (Dec 7)
Catching 8 out of 10 bugs is not worse that catching 6 out of 10. And yet, this is the logic behind Microsoft's criticism of Mozilla's Firefox Web browser. To add insult to injury, we don't even know if it is, in fact, 10? Is it 20? Who knows? When there's no open dialog, you are at the whim of voluntary disclosure - disclosure that equals bad PR. But PR and true security are exclusive...
This much and more is said in an interview with Tristan Nitot, the president of Mozilla Europe. He gets into Linux, browsers, policies, security and more.
I'm surprised that bug counting, which is a terrible metric, was used by Microsoft. It isn't easy to assess security, but bug counting definitely isn't the way to do it. I'd rather talk about time to fix the duration of the window where users are at risk, which in our opinion is a much better metric.
Last week we took the eagle's eye view of the principles behind SELinux. Today we'll dig a bit more deeply into SELinux policies, and then fire up Fedora 8 and see what SELinux looks like in practice. I recommend using the latest Fedora version as a SELinux training tool, because Fedora has the most mature implementation and userspace tools. Red Hat Enterprise Linux and CentOS, the leading Red Hat clone, have similar SELinux setups to Fedora. Gentoo also has a nice SELinux implementation. I don't recommend starting from scratch. Start with a working setup, and then plan to spend considerable time learning your way around it, because it is a big complex beast.
SELinux is a huge security framework but this articles does a good job at taking a look at one part at a time. The next time a program is not working correctly with SELinux turned on, try to debugging the problem and add some SELinux policy.
EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
Do you consider your files "top secret" information? Do you keep sensitive work information or bank account information on your computer? What your gift list for the holiday season? :)
Either way, if you want some serious encryption on you system, look no further than EasyCrypt: a military grade encryption tool that can allow for AES 512-bit Whirlpool encryption.
I tried using TrueCrypt on Ubuntu in the past, but found it annoying to be entering terminal commands several times a day to access the encrypted file. I find Easy Crypt to be a speedy, practical, and easy to use interface on a daily basis.
With the basic Easy Crypt setup, your locked files are saved as a hidden file in your user directory, located at /home/username/.easycrypt-crypt (although using the ‘expert’ mode you can choose to use a crypt saved at any location, including a USB key)
