Linux Security Week: October 31st 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, perhaps the most interesting articles include "Keychain: Openssh Key Management," "Two Factor Authentication Systems," and "Putting Patch Management in Perspective."


EnGarde Secure Linux 3.0 - Download Now!

  • Linux 2.6 kernel featuring SELinux Mandatory Access Control
  • Guardian Digital Secure Network features free access to all system and security updates (to be available shortly through an updated release)
  • Support for new hardware, including 64-bit AMD architecture
  • Web-based management of all functions, including the ability to build a complete web presence with FTP, DNS, HTTP, SMTP and more.
  • Apache v2.0, BIND v9.3, MySQL v5.0(beta)
  • Completely new WebTool, featuring easier navigation and greater ability to manage the complete system
  • Integrated firewall with ability to manage individual firewall rules, control port forwarding, and creation of IP blacklists
  • Built-in UPS configuration provides ability to manage an entire network of battery-backup devices
  • RSS feed provides ability to display current news and immediate access to system and security updates
  • Real-time access to system and service log information

LEARN MORE:
http://www.guardiandigital.com/products/software/community/esl.html


LINUX ADVISORY WATCH - This week, advisories were released for Ruby, hylafax, Mozilla, module-assistant, Lynx, phpMyAdmin, AbiWord, netpbm, gdb, xloadimage, and openldap. The distributors include Debian, Gentoo, and Red Hat.

LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy-to-follow explanation of how to read permissions and how to set them using chmod. This guide is intended for users new to Linux security and is therefore very simple.


Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


 

  Keychain - Openssh Key Management
  27th, October, 2005

Ever since networking came out, one important issue, to varying extents over time, has been how to give legitimate users the right access - authentication, which is one of the three basic elements in security: authentication, authorization and access control.

http://www.linuxsecurity.com/content/view/120675

 
  Security Book Contest
  27th, October, 2005

We are giving away the following titles: Rootkits: Subverting the Windows Kernel, Real Digital Forensics, Cryptography in the Database, Extrusion Detection, Secure Coding in C and C++, Data Protection and Information Lifecycle Management.

http://www.linuxsecurity.com/content/view/120669

 
  (IN)SECURE Magazine Issue 4 is Available
  28th, October, 2005

The fourth issue of (IN)SECURE, a free digital security magazine published in PDF format, has been released.

Welcome to yet another issue of (IN)SECURE. The book contest we held in the previous issue was a great success and here are the winners: Dominic White, Dr. Gary Hinson, Ronaldo Vasconcellos, Joey Ortiz, Adrian St. Onge and Frantisek Holop. To all of you that sent us insightful comments we thank you, (IN)SECURE will grow to be better because of it. Expect more contests in the future and keep that feedback running, there’s always place for us to improve. If you’re interested in writing for (IN)SECURE feel free to contact us, we take a look at all submissions and ideas.

http://www.linuxsecurity.com/content/view/120678

 
  Help's A Firewall Away
  24th, October, 2005

Flash back to December 2002. Barely in his 20s, self-taught network engineer and help-desk staffer Joel Bomgaars is frustrated because firewalls prevent him from accessing PCs of users needing help. At his cubicle at systems integrator Business Communications Inc., he has an epiphany: Instead of accessing the user's computer, have the user request help by going to a Web site. That would clear the firewall hurdles, because firewalls only block incoming messages. The idea worked, and Bomgaars was able to connect with a user within 10 seconds.

http://www.linuxsecurity.com/content/view/120644

 
  Two Factor Authentication Systems?
  27th, October, 2005

I've been given a project to undertake that involves setting our internal network systems up to have two factor authentication. I need suggestions to take in front of our CIO that shows how the security model works, cost vs benefit/features, and the different options. At this point, the name brand is RSA and I'm pressed to find any others even though I've done looking around.

http://www.linuxsecurity.com/content/view/120674

 
  VOIP may be vulnerable to barrage of threats
  25th, October, 2005

Is enterprise VoIP (voice over IP) due for a security wakeup call or are the threats mostly exaggerated? It depends on who's talking. "The security aspects of enterprise VoIP have been overblown," says Irwin Lazar, senior analyst at the Burton Group. "There's a lot more attention being paid to the fear of attack than what is actually possible."

http://www.linuxsecurity.com/content/view/120650

 
  Hotrod Your Linksys WAP with Linux
  26th, October, 2005

A lot of Linux geeks are master scroungers, because Linux is so adaptable that old AMDs, classic Pentiums and even 386es and 486es can be put to use in some way. It's a shame to throw away old equipment when it can be repurposed as networking devices like firewalls, authentication servers and routers. But as fun as it is to recycle, I'll wager I'm not the only one who has gazed upon shiny new devices like the Linksys WRT54G and sighed "Wouldn't that be a great device for my network! It is small, cheap, and uses little power."

http://www.linuxsecurity.com/content/view/120663

 
  OSSEC HIDS v0.4 available - log analysis, rootkit detection and integrity checking
  27th, October, 2005

Version 0.4 of the OSSEC HIDS is now available. OSSEC HIDS is an Open source Host-based intrusion detection software. It performs log analysis, integrity checking, rootkit detection and health monitoring. All this information is correlated and analyzed by a single engine, creating a very powerful detection tool. OSSEC HIDS is very scalable, allowing you to easily monitor multiple systems from a central server. This new version includes a new rootkit detection system, an improved integrity detection engine (much more complete and with much more detailed alerts), a faster and powerful analysis system and complete support to Solaris and MacOS (in addition to Linux, *BSD, etc).

http://www.linuxsecurity.com/content/view/120670

 
  Gartner event focuses on security
  24th, October, 2005

With many keeping one eye on Hurricane Wilma churning off the coast, 6,000 IT executives last week heard Gartner analysts offer their vision on everything from security trends to wireless network directions. The Gartner Symposium and IT Expo 2005 also brought out 190 vendors and included keynote presentations from Microsoft CEO Steve Ballmer, HP CEO Mark Hurd and Dell CEO Michael Dell.

http://www.linuxsecurity.com/content/view/120643

 
  Putting Patch Management in Perspective
  25th, October, 2005

Whether scanning and patching “vulnerable” systems, or urgently reacting to a vendor’s patch release, many organizations have become more and more reactive when it comes to dealing with electronic security.

http://www.linuxsecurity.com/content/view/120651

 
  Check List For Linux Security
  27th, October, 2005

Linux is an amazing operating system considering how it was originally created. It was a modest program written for one person as a hobby - Linus Torvalds of Finland. It has grown into a full-fledged 32-bit operating system. It is solid, stable and provides support for an incredible number of applications. It has very powerful capabilities and runs very fast and rarely crashes.

http://www.linuxsecurity.com/content/view/120673

 
  Are open source databases more secure?
  28th, October, 2005

If a recent Evans Data Corp. survey is any indication, IT administrators are increasingly worried about security holes in mainstream database products and are looking at open source alternatives. But John Andrews, president of the Santa Cruz, Calif.-based research firm, said that doesn't mean open source is necessarily better.

http://www.linuxsecurity.com/content/view/120682

 
  Advanced Linux LDAP authentication
  28th, October, 2005

In an earlier look at LDAP, we set up a simple LDAP-based authentication system. We configured client machines to retrieve authentication information from a server running OpenLDAP. Now let's go further by enabling encryption and looking at how to make user modifications through LDAP.

http://www.linuxsecurity.com/content/view/120683

 
  The Story of Snort: Past, Present and Future
  25th, October, 2005

Last week we met with Martin Roesch, the creator of Snort, the de facto standard for intrusion detection/prevention. Presented here is the entire story of Snort in his words that covers seven years of development that made this tool one of the most important security software titles ever developed.

http://www.linuxsecurity.com/content/view/120656

 
  Skype Buffer Overflow Vulnerability
  25th, October, 2005

It looks like Skype can be made to execute arbitrary code through a buffer overflow when the software is called upon to handle malformed URLs that are in the form of callto:// and skype://.

http://www.linuxsecurity.com/content/view/120657

 
  The Story of Snort: Past, Present and Future
  25th, October, 2005

Martin Roesch, the creator of Snort, the de facto standard for intrusion detection/prevention, presents the story of Snort that covers seven years of development that made this tool one of the most important security software titles ever developed. In this audio session you'll get all the details on how Snort was initially conceived as well as how it is expected to develop further now after Check Point acquired Sourcefire.

http://www.linuxsecurity.com/content/view/120647

 
  Nessus fork emerges
  26th, October, 2005

With news settling in that the makers of the network vulnerability scanner Nessus will not open source the next version of the software, the team behind the soon-to-be-renamed GNessUs project is growing fast and attracting attention.

http://www.linuxsecurity.com/content/view/120665

 
  FAQ: Identity fraud uncovered
  24th, October, 2005

Doing a thorough job means thinking about concepts like hard drive wiping, file system encryption and phishing detection--not everyday fare for many of us. To help you protect yourself from identity fraudsters, CNET News.com has compiled the following list of frequently asked questions and their answers.

http://www.linuxsecurity.com/content/view/120642

 
  The hacker as terrorist?
  24th, October, 2005

If Congress approves the controversial anti-terror bill that Pres. Gloria Macapagal Arroyo is eagerly pushing to become a law, hacking or cracking would soon be considered as an act of terrorism.

http://www.linuxsecurity.com/content/view/120645

 
  VoIP Security Alliance Delivers VoIP Security Framework
  25th, October, 2005

The Voice over IP Security Alliance (VOIPSA) today released the first comprehensive description of security and threats in the field of VoIP. The results, known as the VoIP Security Threat Taxonomy, provide the industry with a clear view of VoIP threats, the vulnerabilities and a context for balancing trade-offs.

http://www.linuxsecurity.com/content/view/120646

 
  Inside hackers' kindergarten
  25th, October, 2005

A rash of website defacements demonstrates that hackers can enter corporate, government and education websites at will, according to cyber-security expert Ken Low. "Website defacement is the most visible type of attack," said Mr Low, 3Com's senior manager for security in the Asia-Pacific. "I can show you system logs showing where passwords have been stolen or systems compromised, but these are not always obvious. Website defacement is very straightforward -- something that shouldn't have happened has happened."

http://www.linuxsecurity.com/content/view/120649

 
  Sweating In the Hot Zone
  26th, October, 2005

Imagine what life would be like if your product were never finished, if your work were never done, if your market shifted 30 times a day. The computer-virus hunters at Symantec don't have to imagine.

http://www.linuxsecurity.com/content/view/120664

 
  Are You Ready To Be Hacked?
  26th, October, 2005

"The Air Force and the Pentagon are extremely attractive targets and so the publicity acts as a draw for hackers," said Frost & Sullivan industry analyst for network security Rob Ayoub. "As far as a lot of smaller companies go, there's always a risk but they have a reasonable amount of security through obscurity."

http://www.linuxsecurity.com/content/view/120662

 
