Get the LinuxSecurity news you want faster with RSS
Powered By
Linux Security Week: December 15th, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "Linux and UNIX How To: Scripting SSH and SFTP," "OSF - Passive OS Fingerprinting For IPtables," and "Set Up A Fully Encrypted Raid1 LVM System."
Norwich University's Master of Science in Information Assurance
(MSIA) program, designated by the National Security Agency as providing academically excellent education in Information Assurance, provides you with the skills to manage and lead an organization-wide information security program and the tools to fluently communicate the intricacies of information security at an executive level.
Learn more
LinuxSecurity.com
Feature Extras:
A Secure Nagios Server - Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security.
Never Installed a Firewall on Ubuntu? Try Firestarter - When I typed on Google "Do I really need a firewall?" 695,000 results came across. And I'm pretty sure they must be saying "Hell yeah!". In my opinion, no one would ever recommend anyone to sit naked on the internet keeping in mind the insecurity internet carries these days, unless you really know what you are doing.
Read on for more information on Firestarter.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
This document is meant to provide web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. Insufficient understanding of these often poorly-documented characteristics is a major contributing factor to the prevalence of several classes of security vulnerabilities.
Do you do any web application development? If so check out this document by Google which, talks about browser security.
Linux and UNIX How To: Scripting SSH and SFTP (Dec 11)
SSH is an indispensable tool that I use every day for file transfers, remote execution of tasks, setting up network port redirection between systems (tunneling), and securely driving a shell on a remote system. While the SSH commandline client on UNIX and Linux systems is how I interact most often with SSH servers on the remote end, there are times when it is helpful to script some action or series of actions rather than performing them interactively.
This is where Python and paramiko come in. paramiko is a library for Python that provides a programmatic interface to SSH. This combination of Python and SSH allows you to drive SSH tasks you would normally perform manually.
Do you use SSH or SFTP to make secure connections to your remote hosts? Do you want to automate this process? This article shows you a handy programming library call paramiko to help developing scripts that uses SSH or SFTP.
FBI Issues Warning Over VoIP Scammers Hijacking Asterisk (Dec 10)
The FBI is advising users of the open source VoIP package Asterisk to upgrade to the latest version, but has so far provided very little evidence on what vulnerability it has detected. The FBI's warning as published at the Internet Crime Complaint Center (IC3) is vague at best. The warning states: "The recent attacks were conducted by hackers exploiting a security vulnerability in Asterisk software. Asterisk is free and widely used software developed to integrate PBXii systems with Voice over Internet Protocol (VoIP), digital Internet voice calling services; however, early versions of the Asterisk software are known to have a vulnerability."
Do you use Asterisk for your VoIP? If so you might want to upgrade to the latest version because the FBI stated that they have found an vulnerability in the earlier versions of the software.
EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
OSF - Passive OS Fingerprinting For IPtables (Dec 9)
Passive OS fingerprinting netfilter module allows to passively detect remote OS and perform various netfilter actions based on that knowledge. This module compares some data (WS, MSS, options and it's order, ttl, df and others) from packets with SYN bit set with dynamically loaded OS fingerprints.
Starting from 2008_07_01 version OSF works only with Xtables, so you have to upgrade to recent kernels (and ename xtables support) and iptables (tested with 1.4.1.1). Also note, that Debian (starting from Lenny) has serious problems with iptables-dev package, which does not contain needed headers, so better install iptables from sources.
Have you ever hear about a netfilter module that does passive OS fingerprinting? If you are interested in learning more about this check out this article.
For this Howto I use Debian Lenny (still testing and not "stable" for the simple reason as - contrary to Debian Etch and/or Ubuntu 8.04/8.10 - the install routine does setup the initrd correctly so that you can set up encrypted swap and also an encrypted raid1 lvm during install). This Howto will be heavy on screen shots again - a lot of them are repetitive as I setup multiple partitions at once.
If you are interested in setting up an encrypted RAID1 LVM system take a look at this article. It will show you step by step how to do this on your Linux machine.
