Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: February 25th, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Opera, Firefox Bug Could Export Users' Web history," "Root under fire: vmsplice() exploit," and "New Security Organization for Open Source Vendors."
Linux+DVD
Magazine Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers is between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. However, certain attacks are not blindly thrown at you - a good attacker knows that a certain amount of reconnaissance and knowledge about your defenses greatly increases the chances of a successful attack. How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is...
Open Source Tool of February: Nmap! - This February, the team at Linuxsecurity.com has chosen NMAP as the Open Source Security Tool of the Month!
In January, we chose GnuPG in part because it had just celebrated its 10th anniversary. Well, it wasn't alone. As of this past December Nmap ("Network Mapper"), the free and open source utility for network exploration and auditing, celebrated its 10th Anniversary as well! And because of its popularity, chances are very good that you've already used NMAP for quite some time. Even if you have, it's always good to take a look at how it all got started and what it's all about...
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
Opera, Firefox Bug Could Export Users' Web history (Feb 20)
A flaw in the way the Firefox and Opera browsers handle an image file could allow an attacker to see what Web sites a person has visited. The problem concerns how the two browsers handle a ".BMP," or bitmap, image file, according to an advisory written by Gynvael Coldwind of Vexillium.org, who posted a video illustrating the problem.
I always find it interesting when two pieces of software together can cause a security vulnerability.
This recent kernel exploit has been spreading around the Internet quickly in recent days. So what is it, exactly? What is it really doing and how does it allow a cracker to exploit the root privileges in your system? Jonathan Corbet chimes in with one of the best overviews of the exploit, why it's a problem, how it got here, and what's being done to address it:
"Unlike a number of other recent vulnerabilities which have required special situations (such as the presence of specific hardware) to exploit, these vulnerabilities are trivially exploited and the code to do so is circulating on the net.
New Security Organization for Open Source Vendors (Feb 18)
It's an interesting idea, notably because such an organization has yet to be created. Furthermore, to ease the pangs of such a new organization, it's pretty informal, to provide a more friendly format for such touchy issues as vendor vulnerabilities.
The concept is moderately similar to full-disclosure or bugtraq, but is aimed particularly at OSS vendors and authors. Because of the sensitivity of some issues on vendor-sec (pre-disclosure issues, etc.) having a large number of people on vendor-sec isn’t really viable, so oss-security aims to fill that gap by allowing those interested in security (and not necessarily members of vendor security teams) to discuss public issues, coordinate audits, or whatever. The aim is to have a stronger OSS security community and to allow people with interest and expertise to get involved, without having to adhere to the strict “code” associated with vendor-sec.
