Linux Security Week: November 21st 2005
Source: Contributors - Posted by Benjamin D. Thomas   
Linux Security Week his week, perhaps the most interesting articles include "Enhancing kernel security with grsecurity," "Network monitors head for the high ground," and "Easy and efficient patching all comes down to having the right management software."

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LINUX ADVISORY WATCH - This week, advisories were released for awstats, kdelibs, acidlab, AbiWord, uim, ftpd-ssl, phpsysinfo, phpgroupware, lynx, rar, sylpheed, gtk, egroupware, cpio, lm_sensors, and gdk-pixpuf. The distributors include Debian, Gentoo, Mandriva, and Red Hat. Feature Extras:

Hacks From Pax: SELinux Administration - This week, I'll talk about how an SELinux system differs from a standard Linux system in terms of administration. Most of what you already know about Linux system administration will still apply to an SELinux system, but there are some additions and changes that are critical to understand when using SELinux.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to with "subscribe" as the subject.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline. Site Upgrade
  16th, November, 2005

Greetings from all of us at We've upgraded the site today to a newer version of Joomla (formerly Mambo), and replaced the old forums with a new more robust commenting system. Soon we'll be rolling out new RSS version 2.0 feeds, and we have some other new features planned for the coming weeks.
  Enhancing kernel security with grsecurity
  15th, November, 2005

Is your server as secure as it could be? Sure, you use a firewall, mandate strong passwords, and patch regularly. You even take a proactive approach by performing security audits with tools such as nmap and Nessus. Yet you may still be vulnerable to zero-day exploits and privilege escalation attacks. If these possibilities keep you awake at night, you're not alone. The sleepless folks with the grsecurity project have developed an easy-to-use set of security enhancements to help put your fears to rest.
  VPNs at risk from security glitch
  15th, November, 2005

A flaw in a key Internet security protocol used by major networking products could open systems up to denial-of-service (DoS) and other kinds of attacks, experts have warned. Finnish researchers at the University of Oulu announced Monday that they have found a vulnerability in the Internet Security Association and Key Management Protocol, or ISAKMP. The technology is used in IPsec virtual private network and firewall products from a range of networking companies, including giants Cisco and Juniper.
  Internet security: Cisco flaws
  15th, November, 2005

Finnish researches today announced a high-risk vulnerability in a security protocol that serves an important role in key exchanges in IPsec VPNs. The severity of the flaw depends on different vendors, some of whom report it exists in their products and others who for now maintain their offerings are unaffected. But its impact could be great, given those vendors include heavyweights Cisco Systems, 3Com, Juniper Networks, Microsoft and IBM.
  Network monitors head for the high ground
  18th, November, 2005

The lure of open source is strong, and it's starting to be felt by the traditional network monitoring and analysis companies - but they are finding ways to fight back, according to Janice Spampinato, VP international at WildPackets. "Packet analysis tools are very much a commodity now," she says. "Ethereal and the like has taken the legs off the portable market, so thank goodness we decided to go for the distributed market."
  NAC Will Fill a Big IT Security Gap
  18th, November, 2005

When Zotob and other worms attacked a Windows vulnerability in August, some (yeah, that's me) were surprised that large companies were affected. After all, even a simple firewall should have blocked the attack. The problem was that many large corporate networks aren't as controlled as you'd think.
  Security Incident Response
  14th, November, 2005

Organizations that use computing system as their business enabler are faced with the challenges to protect and mitigate their critical information assets from internal and external security risks. In such a scenario, where 100% security is hard to achieve, it is imperative to reduce time taken to detect and respond adequately to a security incident that could adversely impact normal services.
  IDS: Still head of the class in security education
  16th, November, 2005

Despite claims that intrusion detection tools are "old school" and often tedious to use, one technologist says an IDS, such as Snort, can be quite educational when grading an organization's network security. During a session at the CSI 32nd annual Computer Security Conference this week, Matthew Hicks, senior information security analyst with the Children's National Medical Center in Washington D.C., said those who scoff at IDS typically don't understand how to use it.
  Open Source Snort Rules Consortium is officially launched
  18th, November, 2005

Sourcefire, Inc., the creators of Snort and the world leader in intrusion prevention, and Bleeding Snort today announced the launch of the Open Source Snort Rules Consortium (OSSRC), focused on the development and advancement of Snort Rules. With over 90 Charter members from the open source user and vendor communities, the OSSRC enables the entire Snort community to contribute to the open source model, as well as Snort development and direction. Focusing on innovation and standardization, the OSSRC is an independent organization founded to ensure that Snort continues to reflect the needs of the open source community, while also remaining one of the industry’s leading security tools.
  CMP Media Buys Black Hat
  16th, November, 2005

CMP Media, a marketing solutions company serving the technology, healthcare and entertainment markets, announced today that it has acquired Black Hat Inc., a producer of information security conferences and training that includes Black Hat Briefings and Conferences.
  Better Backup Strategies
  14th, November, 2005

If your organization depends on tape backup, it's time to think about tapering off. Here are five ways to improve data protection and backup with less tape. IT architects are talking a lot these days about getting rid of tape, and for a multitude of reasons--it's too slow and hard to use, hard disks have gotten cheaper, certain databases and applications require faster recoveries, and so on. According to consulting firm TheInfoPro, 90 percent of companies plan to move from tape to Serial Advanced Technology Attachment (SATA) disk drives as part of their backup/recovery and data lifecycle management plans by 2006
  Easy and efficient patching all comes down to having the right management software
  16th, November, 2005

If cars were sold in the same way as software, you would have to hook your Mondeo to the internet and download the latest code update before you left the garage. Managing software patches across an organisation can be one of the biggest headaches for IT departments, but luckily there are products to help.
  Guard against this OpenSSL vulnerability
  17th, November, 2005

The overwhelming number of open source Web sites and the widespread use of OpenSSL to secure connections create a tremendous problem when vulnerabilities emerge. Case in point: In October 2005, the Project released a patch to fix a vulnerability in all previously released versions of OpenSSL. Get the details about this vulnerability, and get Mike Mullins' take on the overall challenges of patch management.
  McAfee Protection Comes to Linux
  18th, November, 2005

StandGuard Anti-Virus for Linux brings the industry-leading power of McAfee's scanning engine and the ease-of-use of the award-winning StandGuard Anti-Virus to Linux running on x86-based PCs. StandGuard Anti-Virus for Linux (x86-based PCs) allows users to detect and clean the full 150,000+ threats identified by McAfee’s AVERT, a huge improvement over the 40,000 viruses that some Linux solutions promise to detect. Bytware and McAfee's AVERT support users’ needs 24/7/365.
  Prioritising Security in E-Commerce
  15th, November, 2005

Security is definitely high on the agenda of many countries these days, as terrorism continues to rear its ugly head in several parts of the world, resulting in the loss of lives and other destructions. Many Governments have taken the necessary measures to combat terrorism and ensure the safety of their people.
  The Ultimate Career Challenge
  15th, November, 2005

There you are all bright-eyed and eager, ready to roll up your sleeves and go to work in the exciting new world of Free/Open Source software. You have rosy visions of getting paid to do enjoyable, challenging work. Maybe even fat stock options that vest while you are still young, so you can quit the wage-slave routine and venture forth on your own and maybe even fund projects yourself.
  Linux dominates supercomputing
  16th, November, 2005

Linux has firmly stamped its authority on the supercomputing sector. The latest report from Top500, which releases a bi-annual report of the fastest computers in the world, shows Linux increasing its market share in this segment from 51.8% six months ago to 74.4%.
  Employee gadgets pose security risk to companies
  16th, November, 2005

The many gadgets carried around by workers today pose a real security risk to organizations and require action, session attendees at a security conference agreed Tuesday. Smart phones, handheld computers, thumb drives, digital cameras, iPods and other MP3 players can all connect to computers. That's fine when used at home, but when connected to a work PC, the devices can pose a serious risk, said Norm Laudermilch, chief security officer at Trust Digital, a McLean, Va., mobile security vendor.
  Most IT acceptable use policies contain 'gaping security holes'
  17th, November, 2005

Small- and medium-sized enterprises (SMEs) are leaving themselves vulnerable to security and compliance risks by not having internet acceptable use policies (AUPs) that address the latest and most dangerous internet-based threats, a new study has warned. According to a poll of IT administrators at 500 companies carried out by security firm St. Bernard Software, four key IT threat areas were found to be commonly missing written AUPs. These so-called gaping holes in AUPs include clauses to cope with use of spyware, inappropriate surfing, instant messaging and P2P networks.
  How to become an information security professional
  17th, November, 2005

Many years ago, while directing IT operations for a small company on the West Coast, I became aware that our network security was particularly weak. The company was growing at a rapid pace, IT was understaffed, the network was at capacity in a number of ways, and the demands were brutal both in terms of time and technology needs. While I didn't mind the long hours, I did mind that I didn't feel "up to snuff" in terms of selecting technologies that would enable us to expand the network and secure it. I had responsibility for IT and security, but I felt that there were holes in my knowledge. I wanted to fix that. So began my quest to become an information security professional.
  Real Story of the Rogue Rootkit
  17th, November, 2005

It's a David and Goliath story of the tech blogs defeating a mega-corporation. On Oct. 31, Mark Russinovich broke the story in his blog: Sony BMG Music Entertainment distributed a copy-protection scheme with music CDs that secretly installed a rootkit on computers. This software tool is run without your knowledge or consent -- if it's loaded on your computer with a CD, a hacker can gain and maintain access to your system and you wouldn't know it.
  Why governments really choose open source
  17th, November, 2005

The number of open source deployments by governments across the world has accelerated over the last few years. To date at least 160 international local and national governments have deployed open source software and over $2bn has been spent on the Linux open source operating system, according to figures from Linux vendor Red Hat.
  Hackers Cracked Gmail
  18th, November, 2005

Google said Wednesday it has fixed a problem in its widely used email program that allowed hackers to break into people’s Gmail accounts to read messages and pose as legitimate email users. Security researchers in Spain exposed a flaw in the way Google authenticates its users, allowing the breach in the system that counts more than 5 million users.
  Interview with Alf Watt, creator of iStumbler
  14th, November, 2005

iStumbler is the leading wireless discovery tool for Mac OS X and in this interview with its creator, Alf Watt, you can read about the project in general, various wireless security issues as well as recent developments that will make iStumbler a paid tool in its Pro version.
  It Takes A Hacker To Catch One
  14th, November, 2005

Information technology professionals have been conditioned to think defensively, draping their networks with sensor-studded barbed wire and using firewalls to lock down doors and windows. Another school of thought advocates a more proactive approach to security.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!