Linux Security Week - December 13th 2004

Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas

This week, perhaps the most interesting articles include "What is policy enforcement, and why should we care," "Linux Camp Takes New Tack on Kernel," and "Sarbanes-Oxley: An Opportunity for Security Professionals."

Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. Click to find out more!

LINUX ADVISORY WATCH - This week, advisories were released for hpsockd, viewvcs, nfs-util, cyrus-imapd, netatalk, gaim, rhpl, ttfonts, mc, udev, gnome-bluetooth, rsh, mysql, libpng, glib, gtk, postgresql, shadow-utils, perl, mirrorselect, drakxtools, dietlib, gzip, rp-ppoe, openssl, ImageMagick, samba, and cups. The distributors include Debian, Fedora, Gentoo, Mandrake, Red Hat, SuSE, Trustix, and Turbo Linux.

LinuxSecurity.com Feature Extras:

Mass deploying Osiris - Osiris is a centralized file-integrity program that uses a client/server architecture to check for changes on a system. A central server maintains the file-integrity database and configuration for a client and at a specified time, sends the configuration file over to the client, runs a scan and sends the results back to the server to compare any changes. Those changes are then sent via email, if configured, to a system admin or group of people. The communication is all done over an encrypted communication channel.

AIDE and CHKROOTKIT -Network security is continuing to be a big problem for companies and home users. The problem can be resolved with an accurate security analysis. In this article I show how to approach security using aide and chkrootkit.

An Interview with Gary McGraw, Co-author of Exploiting Software: How to Break Code - Gary McGraw is perhaps best known for his groundbreaking work on securing software, having co-authored the classic Building Secure Software (Addison-Wesley, 2002). More recently, he has co-written with Greg Hoglund a companion volume, Exploiting Software, which details software security from the vantage point of the other side, the attacker. He has graciously agreed to share some of his insights with all of us at LinuxSecurity.com.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


	Xandros Steps Up Security in New Desktop Linux
	9th, December, 2004 Linux desktop vendor Xandros Inc. on Wednesday released the latest version of its flagship operating system, Xandros Desktop Operating System 3.0. This latest descendant of the first mass-market Linux desktop, Corel Linux, uses the KDE 3.3 interface. It is built on the foundation of a Linux 2.6.9 kernel. http://www.linuxsecurity.com/content/view/117450


	New set of Linux security flaws discovered
	9th, December, 2004 A security researcher has uncovered another set of security flaws in an image component, which could put Linux users at risk of system compromise if they view a maliciously crafted image. http://www.linuxsecurity.com/content/view/117436

	Hot Pick: SQL Guard
	7th, December, 2004 Similar to a firewall, SQL Guard's filtering rules alert security managers to traffic from defined sources and users or to traffic that includes particular commands, such as excessive logons, one-user/one-IP, clients executing administrative commands, SQL overflows and SQL injection attacks. http://www.linuxsecurity.com/content/view/117415

	The Threats To Come
	7th, December, 2004 As security pros protect their applications and networks from today's most common attacks, hackers are preparing to wage new wars. As new technologies such as Web services, radio-frequency identification, and smart phones loaded with complex operating systems become prevalent, new attack techniques against business-technology systems will follow. http://www.linuxsecurity.com/content/view/117421

	Security 'Honey Pots' May Snare Private Details
	8th, December, 2004 Though some legal issues still surround "honey pots," their use within the security industry is fairly common and is considered a critical weapon in fighting malicious hackers and viruses. http://www.linuxsecurity.com/content/view/117426

	How to verify that Snort is operating
	7th, December, 2004 Is your new Snort system running too quietly? Whether you're new to using Snort or you've deployed it on a new platform -- a low-noise level may have you worried. It could be a tightly-tuned (or too tightly-tuned) system, or you may have the IDS residing on a quiet network segment. Fortunately, several methods exist for testing Snort over the wire to ensure it's working properly in your environment. http://www.linuxsecurity.com/content/view/117414

	Sarbanes-Oxley: An Opportunity for Security Professionals
	6th, December, 2004 Sarbanes-Oxley (SOX) is not just another regulation security professionals have to contend with in your already very busy lives. Instead, SOX should be viewed as opportunity for security teams to demonstrate your value as a key enabler of creating a sound business environment at the highest levels within your organizations. SOX presents this opportunity to every company, whether already a public entity that has to comply or private companies who fall outside mandated compliance, by providing a model for sound internal controls and a template to demonstrate the effectiveness those controls to executive management. http://www.linuxsecurity.com/content/view/117373

	Linux Camp Takes New Tack on Kernel
	6th, December, 2004 A stable and mature Linux kernel is enabling its chief developers to shift away from the common kernel development model to one that will result in more frequent releases. http://www.linuxsecurity.com/content/view/117390

	Security Sells
	6th, December, 2004 If the challenge for CSOs is to market themselvesÃ‘and the security messageÃ‘more effectively, then surely the companies below must represent the end goal. Citigroup, Microsoft, OnStar and El-Al are so security-conscious that they've all, in one way or another, incorporated it into their brand image. Translation: They advertise security or otherwise make it part of the message they present to customers and business partners. Look closely, though, and you'll find that these companies share a common goal: to create a sense of trust for their customersÃ‘while being careful not to overpromise. http://www.linuxsecurity.com/content/view/117391

	The 12 Thefts Of Christmas
	8th, December, 2004 Of all the things you might want for Christmas this year, a clone is probably not one of them. But if statistics are true to form this holiday season, in the 12 days leading up to Christmas nearly quarter of a million Americans will lose something that Santa wonÃ•t be able to replace Ã? their identity. http://www.linuxsecurity.com/content/view/117425

	Who says safe computing must remain a pipe dream?
	9th, December, 2004 I am regularly asked what average Internet users can do to ensure their security. My first answer is usually "Nothing--you're screwed." http://www.linuxsecurity.com/content/view/117435

	What is policy enforcement, and why should we care?
	9th, December, 2004 Security administrators typically consider "authorization" in the context of user identities, which are verified via passwords or randomly generated codes or iris scans. Once identity has been validated, it's used to establish appropriate levels of access to computers, network resources and information. People with networking and Web server experience may go so far as to include certificates in their understanding of "authentication" and authorization, since IPsec and SSL/TLS both rely on certificates for validation of machine identities. http://www.linuxsecurity.com/content/view/117451

	Group Enlists Honey Pots to Catch IM Threats
	10th, December, 2004 IMlogic Inc. on Tuesday announced plans to use so-called honey pots, or vulnerable machines, to track malicious virus activity on instant messaging and peer-to-peer networks. http://www.linuxsecurity.com/content/view/117459

	Committee pushes for cybersecurity post
	6th, December, 2004 Members of the House Select Homeland Security Committee have recommended establishing a new assistant secretary position within the Homeland Security Department to better integrate and coordinate cybersecurity issues. http://www.linuxsecurity.com/content/view/117400

	Mobile phones the biggest target for hackers
	7th, December, 2004 Having managed to cripple PCs on more than one occasion over the last decade, viruses, worms and trojans are now heading for mobile phones. And while many experts worry they could be as malicious as their PC predecessors, some fear they could be a whole lot worse. http://www.linuxsecurity.com/content/view/117413

Only registered users can write comments.
Please login or register.