Linux Security Week: July 27th, 2009
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, perhaps the most interesting articles include "New tool helps reconstruct attacks that don't leave traces on hard drives," "Root vulnerability in DD-WRT free router firmware," and "Pepper spray, passwords and OpenSSH exploits."
Linux+DVD Magazine - Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of Open
Source software. The majority of our readers are between 15 and 40 years old.
They are interested in current news from the Linux world, upcoming projects
etc.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
LinuxSecurity.com Feature Extras:
Review: Googling Security: How Much Does Google Know About You - If I ask "How much do you know about Google?", you may not take even a second to respond. But if I ask "How much does Google know about you?", you may instantly reply "Wait... what!? Do they!?" The book "Googling Security: How Much Does Google Know About You" by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself.
A Secure Nagios Server - Nagios is monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process; however, making it a secure setup takes some work. This article will not show you how to install Nagios, since there are tons of such guides out there, but it will show you in detail ways to improve your Nagios security.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
L0pht Makes Comeback (Sorta) With Hacker News Network (Jul 26)
The news report begins with shots of a tense space shuttle launch. Engineers hunch over computer banks and techno music pounds in the background. There is a countdown, a lift-off, and then you see a young man in a black T-shirt and sunglasses, apparently reporting from space.
New tool helps reconstruct attacks that don't leave traces on hard drives (Jul 23)
Certain attacks that leave no trace on computer hard drives may be discoverable using a new tool that will be demonstrated at the Black Hat conference in Las Vegas next week.
Engineer: Microsoft violated GPL before Linux code release (Jul 23)
Code that Microsoft released Monday for the Linux kernel under the General Public License version 2 (GPLv2) was in violation of that license before Microsoft made it available, according to an open-source network engineer.
Botnet attacks are increasing, as cybercrime gangs use compromised computers to send spam, steal personal data, perpetrate click fraud and clobber Web sites in denial-of-service attacks. Here's a list of America's 10 most wanted botnets, based on an estimate by security firm Damballa of botnet size and activity in the United States.
The Joomla developers have announced the release of version 1.5.13 of their content management system (CMS). The security update addresses a critical vulnerability in the Tiny browser included with the TinyMCE 3.0 editor that could allow files to be uploaded or removed without a user needing to be logged in. Version 1.5.12 is affected. Additional details, however, have not been provided.
Root vulnerability in DD-WRT free router firmware (Jul 23)
The management interface of the current stable version of DD-WRT, the free router firmware, suffers a vulnerability that lets attackers run programs with root rights on the router. The vulnerability, described at milw0rm and in the DD-WRT forum, is caused by inadequate handling of meta-characters in the query string in DD-WRT's httpd web server. The server will then run programs even when no session is running.
Hacking The Handshake Between Applications (Jul 23)
Researchers to shed light on a new generation of attacks that exploit the relationship between browsers and their plug-ins -- or between any applications that share information -- and take over a victim's computer. A little-known class of vulnerabilities can be used to hack the trust between browsers and their plug-ins, as well as other applications, according to new research on tap at Black Hat USA next week in Las Vegas.
The Wireshark developers have announced the release of version 1.2.1 of Wireshark, the popular open source, cross-platform network protocol analyser. In addition to over 30 bug fixes, the security update addresses seven vulnerabilities that could crash the application remotely or lead to a buffer overflow. The denial-of-service (DoS) vulnerabilities affect the IPMI, AFS, Infiniband, Bluetooth L2CAP, RADIUS, MIOP and sFlow dissectors. Versions from 0.9.2 up to and including 1.2.0 of Wireshark are affected and all users are advised to update.
Free Issue: Linux in Mission Critical Environments (Jul 20)
The fine folks at Linux+ Magazine have released another full version of their periodical. It includes a DVD full of material, and more than a dozen full articles on Linux & security topics. Read on for the summary. Download the 68-page PDF.
Linux exploit gets around security barrier (Jul 20)
A security researcher has released zero-day code for a flaw in the Linux kernel, saying that it bypasses security protections in the operating system.
The source code for the exploit was made available last week by researcher Brad Spengler on the Dailydave mailing list. According to the researcher, the code exploits a vulnerability in Linux versions 2.6.30 and 2.6.18, and affects both 32-bit and 64-bit versions. The 2.6.18 kernel is used in Red Hat Enterprise Linux 5.
The Twitter document leak fiasco started with a simple story that personal accounts of Twitter employees were hacked. Twitter CEO Evan Williams commented on that story, saying that Twitter itself was mostly unaffected. No personal accounts were compromised, and "most of the sensitive information was personal rather than company-related," he said. The individual behind the attacks, known as Hacker Croll, wasn't happy with that response. Lots of Twitter corporate information was compromised, and he wanted the world to know about it. So he sent us all of the documents that he obtained, some 310 of them, and the story developed from there.
Lost+Found: Pepper spray, passwords and OpenSSH exploits (Jul 20)
Too short for news, too good to lose; lost+found is a round up of useful security information. Today, Pepper spray, passwords and OpenSSH exploits.
Absa, a South African bank that decided to equip their ATMs with pepper spray modules to protect the cash machines from being tampered with, found their scheme backfired, when three of their service technicians had to visit hospital after an inadvertent release of the spray.