Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  SSL Is Officially Declared Dead (Feb 11)
 

On January 30, 2015, QSAs received the latest edition of the Council's Assessor Newsletter. Buried in that edition was the following statement. "Notice: PCI DSS and PA-DSS v3.1 Revisions Coming In order to address a few minor updates and clarifications and one impacting change, there will be a revision for PCI DSS and PA-DSS v3.0 in the very near future. The impacting change is related to several vulnerabilities in the SSL protocol. Because of this, no version of SSL meets PCI SSC's definition of "strong cryptography," and updates to the standards are needed to address this issue.
  Network breaking and entering: Ars tests the Pwn Plug R3 (Feb 12)
 

Imagine for a moment the following scenario: you're the manager for a busy bank branch in a major city. You come back from lunch and are told by one of your employees that someone from corporate IT dropped by to check on a reported problem with a branch PC.
  DDoS malware for Linux systems comes with sophisticated custom-built rootkit (Feb 9)
 

A malware program designed for Linux systems, including embedded devices with ARM architecture, uses a sophisticated kernel rootkit that's custom built for each infection.
  A Crypto Trick That Makes Software Nearly Impossible to Reverse-Engineer (Feb 12)
 

Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It's also what allows those same hackers' dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder.
  ACHTUNG! Scary Linux backdoor turns your box into a DDoS platform (Feb 10)
 

Cybercrooks have cooked up a Linux backdoor boasting multiple malicious functions.The Swiss Army Knife-style malware