Linux Security Week: June 13th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Security Week This week, perhaps the most interesting articles include "The meagre living of Linux virus writers," "Integrating and securing Linux without a silver bullet," and "Cracking WEP in 10 minutes."


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.


LINUX ADVISORY WATCH - This week, advisories were released for krb4, mailutils, traversal, Wordpress, SilverCity, kdbg, ImageMagick, openssh, dbus, rsh, and the Red Hat kernel. The distributors include Debian, Gentoo, and Red Hat.

 

LinuxSecurity.com Feature Extras:

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.


Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  Talking with Richard Stallman
  12th, June, 2005

1) Let's start. Can you explain to our readers why you started with FSF in 1984? What did you need of? Why you created it?
What I started in 1984 was the development of the GNU operating system. All the operating systems for modern computers of the day were proprietary; users were forbidden to share them, and could not get the source code to change them. The only way to use computers in freedom was to replace those systems with a free operating system. That's what GNU was meant to do. The Free Software Foundation was started in late 1985 to raise funds for GNU development, and more generally to promote free software.


Read more at TuxJournal.net

http://www.linuxsecurity.com/content/view/119289

 
  How well do you know your partner?
  7th, June, 2005

For those of you who follow the news, you may have read the recent story of spy software discovered at some of IsraelÕs leading companies which reads just like the spy stories weÕve been reading for years. The imagined villains are in fact the victims, but more importantly the problem of spy software being prevalent in Israeli companies came as a result of one of the most comprehensive investigations involving computer crime ever undertaken. The Trojan had been introduced by providing companies with contaminated files, or sending a contaminated e-mail message to the companies. This also raises concerns that this evaded all the security measures in place at the companies infected.

http://www.linuxsecurity.com/content/view/119259
 
  Debian released without security update feature
  8th, June, 2005

A configuration mistake in the new Debian Linux distribution has forced a fix less than 24 hours after the software was released. "New installations [of Debian 3.1 from CD and DVD] will not get security updates by default," said Debian developer Colin Watson in an e-mail warning. Installations from floppy disks or network servers were not affected.

http://www.linuxsecurity.com/content/view/119266
 
  The meagre living of Linux virus writers
  9th, June, 2005

According to anti-virus firm Trend Micro, the number of Linux viruses in the wild has not changed dramatically for two years, but its figure of 500 dangerous and exploitative programs dashing around the Internet seeking unprotected systems is cause for concern, until you look closer at the reasoning. Rainer Link, assistant to head of the companyÕs EMEA (Europe, Middle East & Africa) Operations, admits the figures can be misleading and says it refers to Linux malware in general, including malware running on Linux whose ultimate target is Windows.

http://www.linuxsecurity.com/content/view/119274
 
  Attack Trends: 2004 and 2005
  7th, June, 2005

Counterpane Internet Security, Inc., monitors more than 450 networks in 35 countries, in every time zone. In 2004 we saw 523 billion network events, and our analysts investigated 648,000 security "tickets." What follows is an overview of what's happening on the Internet right now, and what we expect to happen in the coming months.

http://www.linuxsecurity.com/content/view/119260
 
  Analysts say 'cloudy' forecast is OK
  7th, June, 2005

The network security forecast is cloudy, and that's not a bad thing if you're to believe what analysts are saying at this week's Gartner IT Security Summit.

Gartner predicts that by 2008, carriers like AT&T, Verizon, MCI and others will operationalize security functions like firewalls and intrusion detection into routers and switches, leaving enterprises to concentrate on identity and access management and other security duties away from the perimeter. By extending security to the Internet cloud, denial-of-service attacks, for example, never reach the gateway.

http://www.linuxsecurity.com/content/view/119261
 
  What to ask when evaluating intrusion-prevention systems
  8th, June, 2005

An intrusion-prevention system (IPS) is part of an overall security strategy to protect your network from attack. The IPS literally prevents an attack by blocking bad stuff, such as viruses or malformed packets, from getting into the company network.

http://www.linuxsecurity.com/content/view/119268
 
  Secure Mac and Linux authentication
  8th, June, 2005

CryptoCard (.com) makes a variety of secure authentication and ID management tools, and they just released support for OS X Tiger (they already did Panther). For the rest of you PC alternative fans, Linux support includes Red Hat, SuSE, and an easy compile option for Debian.

http://www.linuxsecurity.com/content/view/119265
 
  Integrating and securing Linux without a silver bullet
  10th, June, 2005

The difficulty in integrating Linux with legacy systems and securing IT systems are two of IT managers' most common complaints about Linux, says Peter Harrison, who canvassed many IT pros while writing The Linux Quick Fix Notebook, a new book from Prentice Hall PTR. In this tip, Harrison doesn't offer a quick fix, but he does offer sage advice about security and integration.

http://www.linuxsecurity.com/content/view/119281
 
  Has Ransomware Learned from Cryptovirology?
  6th, June, 2005

A secure cryptovirus, cryptotrojan or cryptoworm contains a payload that activates under a particular circumstance. When it activates, it generates a random symmetric key and encrypts the victim's files with it. This key is then encrypted in turn with the attacker's public key to produce an asymmetric ciphertext.

http://www.linuxsecurity.com/content/view/119253
 
  Trusted Matters: Interview, Chad Hanson, TCS
  6th, June, 2005

I was fortunate enough to have a conversation with Chad Hanson, Manager of the Trusted Operating Systems Lab at Trusted Computer Solutions in Urbana, Illinois. Chad has a long history in working with Trusted Operating Systems. He came to Trusted Computer Solutions from Argus Systems, where he led the development of PitBull, itself a Trusted Operating System. Chad's experience also includes leading the design and development of new components to NSA SE Linux that are leading to greater security in the Linux kernel.

http://www.linuxsecurity.com/content/view/119256
 
  Software is just one component of security
  7th, June, 2005

Here's an important lesson for everyone, whether you run Linux, Solaris, Windows, OpenBSD, Mac OS X, or MS-DOS your customers' data isn't very secure when tapes carrying sensitive customer data go missing in transit. In this particular case, one wonders whether transporting physical media is the best way to transfer sensitive customer data from Citigroup to Experian. It certainly makes one wonder to find out that the tapes had been shipped on May 2, and it wasn't noticed that they'd gone missing until May 20.

http://www.linuxsecurity.com/content/view/119258
 
  Insecurity through obscurity
  9th, June, 2005

Security through obscurity is probably one of the oldest tricks in the security book. The basic premise stems from the fact that people are trying to ensure security by hiding certain facts of their software or architecture design from regular users. This is equivalent to someone hiding a house key under a pot of plants in front of his house.

http://www.linuxsecurity.com/content/view/119275
 
  Gartner IDs 'Over-Hyped' Security Threats
  9th, June, 2005

Over-hyped security threats have made companies unnecessarily hesitant to roll out new technologies, such as Internet telephony and wireless networks, a research firm said Wednesday.

With Internet protocol, or IP, telephony, the system can be secured with very similar methods used in securing a data-only environment. IP telephony eavesdropping is the most over-hyped threat, since the attacker would have to be inside the company and on its local area network, Gartner analyst said during the firm's IT Security Summit in Washington, D.C.

http://www.linuxsecurity.com/content/view/119276
 
  A Tale of Two Hackers
  6th, June, 2005

Lapping up the sunshine here outside a downtown cafe, Kevin Mitnick is apprehensive. He never asked to be the world's most high-profile convicted computer criminal, he says, and he's sick of media interviews dwelling on his criminal past.

http://www.linuxsecurity.com/content/view/119252
 
  Israel espionage case points to new Net threat
  10th, June, 2005

Executives of top telecom firms accused of spying on each other. A jealous ex-husband suspected of monitoring his former in-laws. Private investigators implicated in computer-hacking-for-hire; one now involved in a possible attempted suicide. So much bad publicity, government officials worry it might impact the entire nationÕs economy.

http://www.linuxsecurity.com/content/view/119282
 
  Cracking WEP in 10 minutes
  8th, June, 2005

Yesterday I started noticing referral traffic from myscreencast.com, a phpbb-based community site for finding and sharing screencasts. The most entertaining one I found is called Cracking WEP in 10 minutes. It was produced with Camtasia, but the action takes place in Whoppix, which describes itself thusly:

Whoppix is a stand alone penetration testing live cd based on Knoppix. With the latest tools and exploits, it is a must for every penetration tester and security auditor.

http://www.linuxsecurity.com/content/view/119273
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!