Linux Security Week: June 23rd, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "The Extended HTML Form Attack Revisited," "Pinging And Checking Port Status With Perl CGI On Linux And Unix," and "Test Your Environment's Security With BackTrack."
Linux+DVD Magazine
Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers are between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects,
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com Feature Extras:
Review: The Book of Wireless - “The Book of Wireless” by John Ross is an answer to the problem of learning about wireless networking. With the widespread use of wireless networks today, anyone with a computer should at least know the basics of wireless. Also, with wireless networking, users need to know how to protect themselves from wireless networking attacks.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.19 (Version 3.0, Release 19). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
Five hours after Mozilla officially released Firefox 3.0, researchers found a vulnerability in the new browser. Tipping Point has verified the bug and reported it to Mozilla, Tipping Point said on Wednesday. Since Mozilla is still working on a fix, the researchers won't share details about the problem. Tipping Point ranked the severity of the vulnerability as high, but said that users would have to click on a link in an e-mail or visit a malicious Web page before being affected. The issue affects users of Firefox 3.0 as well as Firefox 2.0.
Wow, that was quick: in only five hours a security vulnerability was found. I find it a little strange that a vulnerability that is said to affect Firefox 3.0 and Firefox 2.0 was not found earlier. What do you think about this latest released vulnerability in Firefox?
Linux-based systems get a lot of press in IT trade publications. A lot of that press relates to its security characteristics. In fact, some claim “Linux is the most secure operating system (OS) of them all.” Such statements are, of course, unsupportable hyperbole; while many Linux distributions may outshine both MS Windows and Apple MacOS X by a significant margin, there’s evidence to suggest that most Linux distributions are not up to the standards of FreeBSD, for instance — let alone OpenBSD, with possibly the best security record of any general-purpose operating system.
This article looks at the question: is Linux the most secure OS? What do you think? Sometimes I feel that the OS is only as secure as the person using it and setting it up. But one thing is for sure: the Open Source community gives the user the tools to make their setup as secure as they want it to be.
Pinging And Checking Port Status With Perl CGI On Linux And Unix (Jun 18)
This script closely echoes previous scripts we put out to check on web server status and check on network server port-health insofar as the end result is concerned. It should run fairly simply, too (you'll probably just need to change the target host, target port and, possibly, the location of the ping command, and its arguments, to suit your taste - or have those all fed to the script from the command line using the @ARGV array):
Knowing the status of open ports on your computer is a good basic security habit all Linux users should have. I use Nmap for all my port scanning needs, but I found this simple port scanning script to be something to learn from. Have you written any good simple scripts to help your machine's security?
Part of the security and sysadmin's tasks is log analysis and decision making. There is plenty of information at http://www.linux.org/apps/all/Administration/Log_Analyzers.html.
The tool I recommend is called "Lire". This tool permits the creation of several reporting formats, including HTML, PDF and XML, among others. It also permits analyzing many log file formats, which include MySQL, Iptables, BIND, Apache, Qmail, Postfix, Syslog and more. Lire is GPL'ed Free Software (and Open Source), built around the idea of extensibility.
This article looks at a tool called "Lire" for analyzing your logs. I feel looking at your system's logs is an important security practice that users should follow. By looking at your logs you can find holes in your system which you should plug. Do you think analyzing your log files is a good security practice?
SSL Certificates Vulnerable to OpenSSL Flaw on Debian (Jun 17)
Netcraft's June SSL Survey has found that a significant number of SSL certificates are affected by the Debian OpenSSL vulnerability, including Extended Validation SSL certificates and certificates belonging to banks.
The vulnerable certificates afford opportunities to create deceptive sites which use apparently valid SSL certificates, giving the user the impression that the site belongs to the certified organisation. In the case of EV certificates, browsers will also turn the address bar green, even though the certificate may be cloned.
The Debian OpenSSL flaw does not seem to be over yet. It was discovered that a number of SSL certificates are affected by the Debian OpenSSL flaw. This article looks at how this attack is possible.
Test Your Environment's Security With BackTrack (Jun 16)
In the field of penetration testing, BackTrack is today's premier Linux distribution. Designed for, created by, and used by security professionals around the globe, BackTrack is the result of a merger between two earlier, competing distributions -- WHAX and Auditor Security Collection. The most recent beta version was released on June 10.
BackTrack 3.0 beta (BT3) is showing up in a lot of places these days. There was a presentation in February at ShmooCon, an annual hacker convention. At this year's National Collegiate Cyber Defense Competition (NCCDC), it was the distro of choice for the Red Team -- the attackers -- made up of experienced security professionals.
Have you heard about the penetration tool called BackTrack? This article looks at ways to get started using BackTrack.