Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

What You Need to Know About Linux Rootkits - Rootkits are a way attackers hide their tracks and keep access to the machines they control. The good rootkits are very hard to detect and remove. They can be running on ones computer and no one can even know they have been running. Read more to learn how to detect them on your system.

Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition - Mark Sobell again delivers the answers to common Linux administration challenges, and provides thorough and step-by-step instructions to configuring many of the common Linux Internet services in A Practical Guide to Fedora and Red Hat Enterprise Linux, Fifth Edition.

Linux Hardening - Quick Wins (Aug 22)

The best way to ensure that your Linux server is secure is to build it from scratch with a minimum amount of code that can be exploited by a hacker -- a custom compiled kernel and the bare minimum of packages needed for the server to do its intended job.
UPnP-enabled routers allow attacks on LANs (Aug 24)

Routers from various manufacturers support UPnP (Universal Plug and Play) on their WAN interfaces, which apparently makes it possible for attackers to reconfigure them remotely via the internet and, for example, misuse them as surfing proxies or to infiltrate internal LANs. The problem was discovered by IT security specialist Daniel Garcia, who has developed the Umap tool to demonstrate the problem; the tool is available to download free of charge.
(Aug 25)

Judging by the frenzied claims of lawmakers like US representative Jackie Speier, enabling the Do Not Track feature ranks up there with locking doors and shredding credit card statements. "People have a right to surf the web without Big Brother watching their every move and announcing it to the world," Speier said last February,when she introduced a bill to regulate online tracking.
Anonymous Hackers Are Hypocrites, Not Hacktivists (Aug 23)

The hacker group Anonymous, which is less a coherent group of people working together toward a common cause than a random medley of hackers out to prank and disrupt the online world, has been busy these days. Multiple hacks on Bay Area Rapid Transit websites in response to BART's shutdown of the railway's underground cellular system have captured the attention of activists and technophiles alike.
Cloud computing: If hackers want access, they'll get it (Aug 23)

Cloud providers that store client data on shared or virtual servers must ensure that private customer information cannot be accessed in the event of a cyber attack or a server being hacked, according to search specialists, Simplexo.
(Aug 25)

A previously unknown flaw in the code for processing byte range headers allows version 2.2.x of the Apache Web Server to be crippled from a single PC. A suitable "Apache Killer" Perl script that impressively demonstrates the problem has already been published on the Full Disclosure mailing list.
Confessions of a hacker (Aug 22)

Before there was Anonymous or LulzSec or any number of other contemporary computer hackers, there was Kevin Mitnick. After a prolific criminal career, time in prison, and a transition to a computer security career, Mitnick shares his story.
(Aug 25)

According to an Ubuntu security alert, the WebKit flaws are dangerous enough to cause arbitrary code execution attacks.
SpyEye hacker toolkit to lead to surge in cyberattacks (Aug 22)

The odds that a cybergang will stealthily turn your PC into a bot this summer and use it to carry out all manner of cyberattacks just notched notably higher.
When hackers become The Man (Aug 24)

At DefCon III in 1995, the young crowd of 470 spent their time jamming a local radio station broadcast and playing Hacker Jeopardy at midnight when they couldn't drink at the bar. "Free Kevin" stickers were plastered everywhere protesting the jailing of fugitive hacker Kevin Mitnick, and a 14-year-old ran away from home to attend the event. (I know because I was there.)
Hackers compete in security breach league (Aug 23)

A new website aims to establish who the world's most talented hacker is by allowing members to compete for ranking points by breaching internet security systems.
(Aug 23)

Some say famed hacker Kevin Mitnick is blowing a golden opportunity to cast the hacker community in a more positive light as he pushes his book "Ghost in the Wires."