+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | November 18th, 2002 Volume 3, Number 45n | | | | Editorial Team: Dave Wreski [EMAIL PROTECTED] | | Benjamin Thomas [EMAIL PROTECTED] | +---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "The Unix Auditors Practical Handbook," "The Study on the Vulnerabilities of Operating System," "Administering Linux IPSec Virtual Private Networks," and "Make Nessus Your New Security Tool of Choice." LINUX ADVISORY WATCH: This week, advisories were released for PXE, libpng, python, html2ps, kdenetwork, masqmail, apache-perl, bind, kadmind, smrsh, resolver, perl-MailTools, nss_ldap, php, traceroute, kpgp, apache, kdelibs, and syslog-ng. The distributors include Caldera, Debian, Guardian Digital's EnGarde Secure Linux, FreeBSD, Gentoo, Red Hat, and SuSE. http://www.linuxsecurity.com/articles/forums_article-6171.html FEATURE: Security - Physical and Service The first installation of a 3 part article covering everything from physical security and service security to LAMP security (Linux Apache MySQL PHP). http://www.linuxsecurity.com/feature_stories/feature_story-128.html --------------------------------------------------------------------- CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner! Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing Editor's Choice Award, EnGarde "walked away with our Editor's Choice award thanks to the depth of its security strategy..." Find out what the other Linux vendors are not telling you. http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2 --------------------------------------------------------------------- FEATURE: Security: Apache (2 of 3) - This is the second installation of a 3 part article on LAMP (Linux Apache MySQL PHP). Apache is the most widely used HTTP-server in the world today. http://www.linuxsecurity.com/feature_stories/feature_story-129.html +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * The Peon's Guide To Secure System Development November 15th, 2002 Increasingly incompetent developers are creeping their way into important projects. Considering that most good programmers are pretty bad at security, bad programmers with roles in important projects are guaranteed to doom the world to oblivion. http://www.linuxsecurity.com/articles/documentation_article-6173.html * Identifying A Deleted Account November 14th, 2002 Last week I extolled the virtues of keeping an audit trail. This actually came up because a reader was confused about some processes that were running under a no-longer existing userid. http://www.linuxsecurity.com/articles/documentation_article-6157.html * The Unix Auditors Practical Handbook November 14th, 2002 This handbook is meant to be a practical guide to auditing Unix. It will be kept as up-to-date as possible. The commands and filenames given here are applicable to a Sun Solaris system. However, there are cross-command references for AIX and Linux. http://www.linuxsecurity.com/articles/documentation_article-6158.html * Alien Autopsy: Reverse Engineering Win32 Trojans on Linux November 14th, 2002 In my last article, Reverse Engineering Hostile Code, I described the tools and processes involved in basic reverse engineering of a simple trojan. This article will offer a more detailed examination of the reversing process, using a trojan found in the wild. At the same time, this article will discuss some techniques for reversing Windows-native code entirely under Linux. http://www.linuxsecurity.com/articles/documentation_article-6166.html * libpcap and tcpdump Sources Trojaned November 13th, 2002 The FT Conferences Web site was defaced overnight by mischievous crackers promoting a Russian DJ. Defacement archive Zone-H reports that hackers broke in using a mistake in the Web site's configuration to post pictures of Vasya Strelnkikov, a famous Russian DJ. http://www.linuxsecurity.com/articles/hackscracks_article-6146.html * The Study on the Vulnerabilities of Operating System November 11th, 2002 Which Operating System have more vulnerabilities out of the box? Are they more secure after the latest patches? Do the latest patches add vulnerabilities? We wanted to see how much the OS patches released really help and to see which OS is more secure "Out of the Box". http://www.linuxsecurity.com/articles/host_security_article-6127.html +------------------------+ | Network Security News: | +------------------------+ * Consortium Demos Secure Network November 15th, 2002 A public/private consortium in Oregon is developing a secure information network that was created as a direct result of homeland security concerns. The consortium responsible for developing the Oregon Trial of Emergency and Security Technology (O-TEST) demonstrated the model in Washington, D.C., Nov. 13. http://www.linuxsecurity.com/articles/government_article-6179.html * Wi-Fi Encryption Fix Not Perfect November 15th, 2002 The biggest security risks for "Wi-Fi" wireless Internet networks are that users sometimes fail to turn on their encryption software. But even the responsible ones who use the encryption program -- Wired Equivalent Privacy -- aren't immune to malicious attacks. http://www.linuxsecurity.com/articles/cryptography_article-6174.html * Administering Linux IPSec Virtual Private Networks November 14th, 2002 This article will discuss some of the more advanced features of FreeS/WAN that you can leverage to implement flexible and reliable IPSec VPNs. The ultimate source of information on FreeS/WAN is the official FreeS/WAN Web site (http://www.freeswan.org). http://www.linuxsecurity.com/articles/documentation_article-6164.html * Encrypted NFS with OpenSSH and Linux November 14th, 2002 NFS is a widely deployed, mature, and understood protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted, hosts and users cannot be easily authenticated, and its difficulty in firewalling. http://www.linuxsecurity.com/articles/server_security_article-6153.html * Plan for a security architecture November 13th, 2002 Volatility and immaturity in security technology will continue to make enterprisewide technology architectures impractical through 2003. However, the need for a consistent approach, scalability, agility, and auditability will drive development of adaptive, top-down security architectures encompassing consistent policy frameworks, strong process orientation, service definitions, formal roles/responsibilities, and domain-specific technology standards (2002-03). http://www.linuxsecurity.com/articles/network_security_article-6144.html * Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection November 12th, 2002 Wireless LAN discovery through the use of applications such as NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular technique for network penetration. The discovery of a wireless LAN might be used for seemingly innocuous Internet access, or to be used as a "backdoor" into a network to stage an attack. http://www.linuxsecurity.com/articles/documentation_article-6139.html * Make Nessus Your New Security Tool of Choice November 12th, 2002 No ace sysadmin should be without Nessus, it's the utility of choice for hardcore security scanning. Nessus is based on nmap, the excellent port scanner by Fyodor. Primarily authored by Renaud Deraison, it adds a nice graphical interface and loads of attack functions. http://www.linuxsecurity.com/articles/server_security_article-6136.html * Keep Out: Host Intrusion Detection November 11th, 2002 You need a way to proactively protect your servers from malicious attacks. Host intrusion prevention, or HIP, is a way to do just that. Using a variety of different methods, HIP products restrict a program's or a user's access to system resources, safeguarding the underlying OS from attacks that take advantage of poorly written code. http://www.linuxsecurity.com/articles/host_security_article-6131.html +------------------------+ | Cryptography News: | +------------------------+ * BIND / crypt_blowfish Openwall Linux Info November 17th, 2002 Yesterday I've put out the BIND 4.9.10-OW2 patch, which includes the patch provided by ISC and thus has the two recently announced vulnerabilities affecting BIND 4 fixed. Another recent update is crypt_blowfish 0.4.5. http://www.linuxsecurity.com/articles/projects_article-6182.html * Crypto-Gram November 15, 2002 November 16th, 2002 Crypto-Gram is a free monthly newsletter providing summaries, analyses, insights, and commentaries on computer security and cryptography. This issue includes info on Bruce's new book, security and Japanese Honeybees, reader comments, and more. http://www.linuxsecurity.com/articles/cryptography_article-6180.html * Noisy Light Is New Key To Encryption November 15th, 2002 Scientists at Northwestern University say they have harnessed the properties of light to encrypt information into code that can be cracked only one way: by breaking the physical laws of nature http://www.linuxsecurity.com/articles/cryptography_article-6175.html +------------------------+ | General News: | +------------------------+ * Study: Linux Security Problems Outstrip Microsoft's November 15th, 2002 Open source software has surpassed Microsoft (Nasdaq: MSFT) Latest News about Microsoft software in terms of security Relevant Products/Services from IBM problems, according to an Aberdeen Group report. http://www.linuxsecurity.com/articles/forums_article-6176.html * Perspective: Why IT will love Homeland Security November 13th, 2002 Last week's congressional midterm election means that the Homeland Security Department will be assembled fast--and that's the best news the technology market has heard since Netscape went public.The power shift in Congress means that IT and outsourcing budgets that had been on ice since the dot-com implosion will be thawed and spent. http://www.linuxsecurity.com/articles/government_article-6149.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email [EMAIL PROTECTED] with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email [EMAIL PROTECTED] with 'unsubscribe isn' in the BODY of the mail.
