|  LinuxSecurity.com                            Weekly Newsletter     |
|  November 18th, 2002                          Volume 3, Number 45n  |
|                                                                     |
|  Editorial Team:  Dave Wreski             [EMAIL PROTECTED]    |
|                   Benjamin Thomas         [EMAIL PROTECTED]     |

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "The Unix
Auditors Practical Handbook," "The Study on the Vulnerabilities of
Operating System," "Administering Linux IPSec Virtual Private Networks,"
and "Make Nessus Your New Security Tool of Choice."

This week, advisories were released for PXE, libpng, python, html2ps,
kdenetwork, masqmail, apache-perl, bind, kadmind, smrsh, resolver,
perl-MailTools, nss_ldap, php, traceroute, kpgp, apache, kdelibs, and
syslog-ng.  The distributors include Caldera, Debian, Guardian Digital's
EnGarde Secure Linux, FreeBSD, Gentoo, Red Hat, and SuSE.


FEATURE: Security - Physical and Service
The first installation of a 3 part article covering everything from
physical security and service security to LAMP security (Linux Apache



CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner!
Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
Editor's Choice Award, EnGarde "walked away with our Editor's Choice award
thanks to the depth of its security strategy..." Find out what the other
Linux vendors are not telling you.



FEATURE:  Security: Apache (2 of 3) - This is the second installation of a
3 part article on LAMP (Linux Apache MySQL PHP). Apache is the most widely
used HTTP-server in the world today.


| Host Security News: | <<-----[ Articles This Week ]-------------

* The Peon's Guide To Secure System Development
November 15th, 2002

Increasingly incompetent developers are creeping their way into important
projects. Considering that most good programmers are pretty bad at
security, bad programmers with roles in important projects are guaranteed
to doom the world to oblivion.


* Identifying A Deleted Account
November 14th, 2002

Last week I extolled the virtues of keeping an audit trail. This actually
came up because a reader was confused about some processes that were
running under a no-longer existing userid.


* The Unix Auditors Practical Handbook
November 14th, 2002

This handbook is meant to be a practical guide to auditing Unix. It will
be kept as up-to-date as possible. The commands and filenames given here
are applicable to a Sun Solaris system. However, there are cross-command
references for AIX and Linux.


* Alien Autopsy: Reverse Engineering Win32 Trojans on Linux
November 14th, 2002

In my last article, Reverse Engineering Hostile Code, I described the
tools and processes involved in basic reverse engineering of a simple
trojan. This article will offer a more detailed examination of the
reversing process, using a trojan found in the wild. At the same time,
this article will discuss some techniques for reversing Windows-native
code entirely under Linux.


* libpcap and tcpdump Sources Trojaned
November 13th, 2002

The FT Conferences Web site was defaced overnight by mischievous crackers
promoting a Russian DJ. Defacement archive Zone-H reports that hackers
broke in using a mistake in the Web site's configuration to post pictures
of Vasya Strelnkikov, a famous Russian DJ.


* The Study on the Vulnerabilities of Operating System
November 11th, 2002

Which Operating System have more vulnerabilities out of the box? Are they
more secure after the latest patches? Do the latest patches add
vulnerabilities? We wanted to see how much the OS patches released really
help and to see which OS is more secure "Out of the Box".


| Network Security News: |

* Consortium Demos Secure Network
November 15th, 2002

A public/private consortium in Oregon is developing a secure information
network that was created as a direct result of homeland security concerns.
The consortium responsible for developing the Oregon Trial of Emergency
and Security Technology (O-TEST) demonstrated the model in Washington,
D.C., Nov. 13.


* Wi-Fi Encryption Fix Not Perfect
November 15th, 2002

The biggest security risks for "Wi-Fi" wireless Internet networks are that
users sometimes fail to turn on their encryption software.  But even the
responsible ones who use the encryption program -- Wired Equivalent
Privacy -- aren't immune to malicious attacks.


* Administering Linux IPSec Virtual Private Networks
November 14th, 2002

This article will discuss some of the more advanced features of FreeS/WAN
that you can leverage to implement flexible and reliable IPSec VPNs. The
ultimate source of information on FreeS/WAN is the official FreeS/WAN Web
site (http://www.freeswan.org).


* Encrypted NFS with OpenSSH and Linux
November 14th, 2002

NFS is a widely deployed, mature, and understood protocol that allows
computers to share files over a network. The main problems with NFS are
that it relies on the inherently insecure UDP protocol, transactions are
not encrypted, hosts and users cannot be easily authenticated, and its
difficulty in firewalling.


* Plan for a security architecture
November 13th, 2002

Volatility and immaturity in security technology will continue to make
enterprisewide technology architectures impractical through 2003. However,
the need for a consistent approach, scalability, agility, and auditability
will drive development of adaptive, top-down security architectures
encompassing consistent policy frameworks, strong process orientation,
service definitions, formal roles/responsibilities, and domain-specific
technology standards (2002-03).


* Layer 2 Analysis of WLAN Discovery Applications for Intrusion
November 12th, 2002

Wireless LAN discovery through the use of applications such as
NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular
technique for network penetration. The discovery of a wireless LAN might
be used for seemingly innocuous Internet access, or to be used as a
"backdoor" into a network to stage an attack.


* Make Nessus Your New Security Tool of Choice
November 12th, 2002

No ace sysadmin should be without Nessus, it's the utility of choice for
hardcore security scanning. Nessus is based on nmap, the excellent port
scanner by Fyodor. Primarily authored by Renaud Deraison, it adds a nice
graphical interface and loads of attack functions.


* Keep Out: Host Intrusion Detection
November 11th, 2002

You need a way to proactively protect your servers from malicious attacks.
Host intrusion prevention, or HIP, is a way to do just that. Using a
variety of different methods, HIP products restrict a program's or a
user's access to system resources, safeguarding the underlying OS from
attacks that take advantage of poorly written code.


| Cryptography News:     |

* BIND / crypt_blowfish Openwall Linux Info
November 17th, 2002

Yesterday I've put out the BIND 4.9.10-OW2 patch, which includes the patch
provided by ISC and thus has the two recently announced vulnerabilities
affecting BIND 4 fixed. Another recent update is crypt_blowfish 0.4.5.


* Crypto-Gram November 15, 2002
November 16th, 2002

Crypto-Gram is a free monthly newsletter providing summaries, analyses,
insights, and commentaries on computer security and cryptography. This
issue includes info on Bruce's new book, security and Japanese Honeybees,
reader comments, and more.


* Noisy Light Is New Key To Encryption
November 15th, 2002

Scientists at Northwestern University say they have harnessed the
properties of light to encrypt information into code that can be cracked
only one way: by breaking the physical laws of nature


|  General News:         |

* Study: Linux Security Problems Outstrip Microsoft's
November 15th, 2002

Open source software has surpassed Microsoft (Nasdaq: MSFT) Latest News
about Microsoft software in terms of security Relevant Products/Services
from IBM problems, according to an Aberdeen Group report.


* Perspective: Why IT will love Homeland Security
November 13th, 2002

Last week's congressional midterm election means that the Homeland
Security Department will be assembled fast--and that's the best news the
technology market has heard since Netscape went public.The power shift in
Congress means that IT and outsourcing budgets that had been on ice since
the dot-com implosion will be thawed and spent.


Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email [EMAIL PROTECTED]
         with "unsubscribe" in the subject of the message.

ISN is currently hosted by Attrition.org

To unsubscribe email [EMAIL PROTECTED] with 'unsubscribe isn'
in the BODY of the mail.

Reply via email to