Linux Security Week: December 17th, 2007
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, perhaps the most interesting articles include "Iptables as a Replacement for Commercial Enterprise Firewalls," "The Top 5 Most Overlooked Open Source Vulnerabilities for 2007," and "Running SysReport in Production."

Linux+DVD Magazine - Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers are between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects, etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.


LinuxSecurity.com Feature Extras:

Knock, Knock, Knockin' on EnGarde's Door (with FWKNOP) - Secret knocks have been used for purposes as simple and childish as identifying friend or foe during a schoolyard fort war. Fraternities teach these knocks as a rite of passage into their society, and in our security world we can implement this layer of security to lock down an SSH server.

This guide on FWKNOP by Eckie S. (one of our own) takes you through an easy-to-follow process of securing your platform with your own client and server port knocking set-up.

It covers installation, iptables rules setup, configuring access for the client and server, and everything in between. Check it out!

Master's Student: Social Engineering is not just a definition! - We are happy to announce a new addition to the Linux Security Contributing Team: Gian G. Spicuzza. Currently a graduate student pursuing a Master's degree in Computer Security (MSIA), Gian is a certified Linux/Unix administrator, the lead developer for the OSCAR-Backup System (at Sourceforge.com) and has experience in a variety of CSO, management and consulting positions.

His first topic is a quick foray into the world and psychology of Social Engineering:

All the security in the world isn't going to stop one of your employees or coworkers from giving up information. Just how easy is it?

Craig never worked for Linda's company, nor did he call from IT. Craig was an unethical hacker who just gained unauthorized access to her account. Why? Because a phone call is simple.

Read on to see just how easily businesses can be exploited.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


  EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNOP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.

In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection, SELinux policies and more.

http://www.linuxsecurity.com/content/view/131851
  Iptables as a Replacement for Commercial Enterprise Firewalls (Dec 14)
 

Are you administering a corporate network? How do you secure your web services? There are many different solutions, but Iptables is one of the newer ones, and is up to the job.

With IT budgets getting tighter, managers need to trim costs. Service contracts are expensive for any technology; firewalls are no exception. Netfilter, the project that provides the packet filtering program Iptables, is a free firewall alternative. While it lacks the service contract of commercial solutions and pretty interfaces to make firewall modification easy, it has solid performance, performs effectively at firewalling, and allows for add-on functionality to enhance its reporting and response functions.

http://www.linuxsecurity.com/content/view/132237
  The Top 5 Most Overlooked Open Source Vulnerabilities for 2007 (Dec 13)
 

Vulnerabilities and advisories are a standard part of running your system. So for the Open Source realm, which ones deserve the most attention? Palamida, a code testing company, has set out to answer just that:

For year-end 2007, we have compiled the Top 5 Most Overlooked Open Source Vulnerabilities encountered during 2007. We came up with this list after reviewing over 300 million lines of code and spending literally thousands of hours of analysis across a wide range of industries - including technology, financial services and government, among others.

So what do we mean by "Most Overlooked"? Well, first, we mean that these are known vulnerabilities with a high-severity Common Vulnerability and Exposure (CVE) ranking found within open source projects that appear in code audits we perform. Secondly, and perhaps even more importantly, these vulnerabilities were found throughout 2007 in some of the most frequently used open source projects that customers did not realize they had.

http://www.linuxsecurity.com/content/view/132200
  Would We Need Antivirus For Desktop Linux? (Dec 13)
 

Linux is often known for being a staple of security. Whether it's about the kernel itself, the secured applications or, in this case, viruses, Linux has always been up to the challenge. What happens if the big boys like Symantec or Norton start making A/V for Linux platforms? Would it even be needed...

So what about viruses written specifically to target Linux? Yes, such beasts do indeed exist. That said, the nature of an open-source platform makes it that much easier (and faster) to close over the holes that they exploit. This is as it should be, and right now a big part of the appeal of running Linux on the desktop is that you're not a broad target for malware.

http://www.linuxsecurity.com/content/view/132199
  Tips and Tricks for Linux Admins: Volatile Debian (Dec 11)
 

Yes folks, it's time for another enticing batch of useful and amazing Linux tips and tricks! On today's menu we are serving up Debian going all volatile, the lowdown on cdrkit usurping cdrtools, and a simple way to use iptables rules to foil brute-force password attacks.

Want to learn about Debian's security focused repositories? How about getting iptables to block Brute-Force Attacks? There's also information on the history of CD writing and more...

http://www.linuxsecurity.com/content/view/132130
  Running SysReport in Production (Dec 11)
 

Sysreport is a diagnostic utility. It collects information about the running system, which Red Hat Support uses to analyze current problems with the system. While sysreport is generally considered non-invasive, diagnostic utilities should always be run with caution.

As with all tools such as this, it requires caution. And it's good to be aware of these issues, considering that this tool can allow you to make better security decisions.

http://www.linuxsecurity.com/content/view/132129
  NBA for Security (Dec 10)
 

Network Behavior Analysis (NBA) tools fill the void left by static security products such as firewalls, which simply enforce pre-existing policies, and intrusion-detection/prevention systems (IDS/IPS), which detect and block attacks based on known signatures.

A concise overview of how they can represent the last line of defense for clients' networks. This is because they protect against those attacks which can be considered irregular.

http://www.linuxsecurity.com/content/view/132045

Comments
done - Written by best on 2008-04-19 09:29:08
I agree with you.

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.