Linux Security Week: September 8th, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Open Source Release Takes Linux Rootkits Mainstream," "SELinux Memory Protections are Your Friend," and "Linux Password Policies."
LinuxSecurity.com Feature Extras:
Review: Hacking Exposed Linux, Third Edition - "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book not only helps improve your security, it also looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.
Security Features of Firefox 3.0 - Let's take a look at the security features of the newly released Firefox 3.0. Since its release on Tuesday I have been testing it out to see how the new security enhancements work and help increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security.
Read on for more security features of Firefox 3.0.
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
EnGarde Secure Community 3.0.20 Now Available (Aug 19)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.20 (Version 3.0, Release 20). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce.
Open Source Release Takes Linux Rootkits Mainstream (Sep 5)
The art of burying invisible malware deep inside a Linux machine is about to go mainstream, thanks to a new open-source rootkit released Thursday by Immunity Inc., a firm that supplies tools for penetration testers. When implemented, Immunity's DR, or Debug Register, makes backdoors and other types of malware extremely difficult to detect or eradicate.
Learn how a new open source rootkit will make it easier to cloak malware on Linux boxes. How do you think Linux intrusion detection systems like rkhunter will deal with this challenge? Read on.
Responds to Allegations That AppArmor is Dying (Sep 5)
A recent post from Russ Coker entitled AppArmor is Dead was tolling the death bells for AppArmor because SUSE decided to include SELinux in their operating system… not as the default, and not as a replacement for AppArmor, but it was included nonetheless. Russ determined that this was the beginning of the end for AppArmor, and I read it with some interest largely because Mandriva has settled on AppArmor as our security solution… largely because it fits with our ideal of making things nice and easy for our users. So of course, a post that seems to bring doom and gloom about our security solution is something we're interested in reading about because if it's true, then we've invested time and effort into the wrong solution.
This article discusses the debate over AppArmor's future. What do you think will happen to AppArmor? Will SELinux become even more popular as a security framework?
SELinux Memory Protections are Your Friend (Sep 5)
I don't know what a Zend Optimizer is, but it apparently does not play well with SELinux. I've encountered a blog entry by someone who has tried to do the right thing and keep SELinux enabled, after finding the code for a policy module which makes this stuff work. When loaded, this will enable the web server to execute memory on its heap, stack or certain types of executable memory allocated via mmap(2). These are well-known attack vectors and disable some very important memory protection mechanisms. See Ulrich Drepper's SELinux Memory Protection Tests for details.
What do you do when SELinux does not work with software that you want to run? This article looks into how memory protection in SELinux may be the cause of the problem.
Google Chrome Flaws Come Soon After Browser Release (Sep 4)
Less than a day after Google arrived on the browser scene with the launch of Chrome, two security researchers have disclosed separate vulnerabilities that could be exploited to compromise the software. Researcher Aviv Raff told SCMagazineUS.com on Wednesday that Chrome suffers from the same "carpet bomb" vulnerability once present in Apple's Safari for Windows, by which the browser does not require user permission prior to a download.
Read about two new security vulnerabilities discovered in Google's Chrome browser. How do you think Google will respond to these flaws? Read about it in this informative article.
New Firefox Plug-In Double-Checks So-Called Unsafe Sites (Sep 4)
Like other new browsers, the latest version of Firefox has made security a top priority, and it will alert the user if a site you're about to click on appears to be a hacker's hook. However, the way it and other browsers go about determining that sometimes results in false positives. A new Firefox plug-in adds an additional layer of verification. Intercepting Internet traffic and spying on the communication between two computers is a gold mine for hackers. Now Carnegie Mellon University researchers hope software they've built will make it harder for criminals to hit that jackpot.
This article looks at a new plug-in for Firefox that is designed to prevent users from going to malicious websites. Have you tested this plug-in? If so, what do you think about it? Does it have too many false negatives?
Security-Wise, Google Chrome is (Potentially Very) Good (Sep 3)
Security bloggers are already commenting on Google's slightly premature "Chrome" browser leak. Built on top of the Apple sponsored WebKit engine, the browser offers several security features that we have only seen so far in the beta releases of IE8.
The most interesting feature discussed so far is the strict memory separation afforded by the technology, where each web application will operate in its own memory space with its own virtual machine for code execution.
Web browser security is important to help protect users from computer attacks. With Google's new browser being released, how do you think its security features will compare to Firefox and IE?
Reports of data losses and system breaches are almost becoming passe but from time to time events happen that take on a life of their own and have effects far beyond what the initial breach would normally represent. Late last week there was an announcement that key servers belonging to both the Fedora and Red Hat Linux distributions were compromised. With this breach they join the ranks of Ubuntu, Debian and Gentoo as Linux distributions that have suffered severe server breaches.
What is the wider significance of the breach to the Fedora and Red Hat Linux distributions that occurred last week? What kind of questions should those responsible for system security be asking themselves in light of this breach? Find out in this informative article.
Let's start with some basics… Our Linux system stores its usernames and passwords in a special file: '/etc/password'. The passwords in this file are one-way encrypted (hashed) through a password encryption function called 'crypt' using DES as the encryption algorithm. The good thing about 'hashing' is that you cannot 'decrypt' the hashed passwords because the function used for hashing cannot be reversed (one-way traffic). DES generally uses keys (symmetric key cryptography) in which case things can be either encrypted or decrypted, but for encrypting passwords in Linux, only the 'hashing' implementation of DES is used.
How much do you know about Linux passwords? This article goes into detail about how users' passwords are controlled and handled in Linux.