Originally to: All +---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | March 10th, 2003 Volume 4, Number 10n | | | | Editorial Team: Dave Wreski [EMAIL PROTECTED] | | Benjamin Thomas [EMAIL PROTECTED] | +---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Get out of a BIND: Install DJBDNS," "E-Mail Security as a Key Factor for Keeping Privacy on Internet," "Bound by Tradition: A Sampling of the Security Posture of the Internet's DNS Servers," and "Strategies & Issues: Justifying Security Spending." LINUX ADVISORY WATCH: This week, advisories were released for sendmail, php, slocate, mhc, eterm, tcpdump, snort, OpenSSL, tg3, squirrelmail, and im. The distributors include Conectiva, Debian, FreeBSD, Gentoo, Mandrake, NetBSD, Red Hat, Slackware, SuSE, and Yellow Dog. http://www.linuxsecurity.com/articles/forums_article-6858.html ---------------------------------------------------------------------- * Comprehensive SPAM Protection! - Guardian Digial's Secure Mail Suite is unparalleled in security, ease of management, and features. Open source technology constantly adapts to new threats. Email firewall, simplified administration, automatically updated. --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=mail2 ---------------------------------------------------------------------- Remote Syslog with MySQL and PHP Msyslog has the ability to log syslog messages to a database. This allows for easier monitoring of multiple servers and the ability to be display and search for syslog messages using PHP or any other programming language that can communicate with the database.by that, too. http://www.linuxsecurity.com/feature_stories/feature_story-138.html #### Concerned about the next threat? #### #### EnGarde is the undisputed winner! #### Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing Editor's Choice Award, EnGarde "walked away with our Editor's Choice award thanks to the depth of its security strategy..." Find out what the other Linux vendors are not telling you. http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarden1 +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Get out of a BIND - install DJBDNS. March 7th, 2003 The Internet Software Consortium rather silently released new bugfix versions of BIND this week. If you're tired of constantly updating BIND, consider DJBDNS. http://www.linuxsecurity.com/articles/documentation_article-6857.html * Guardian Digital Launches Open Source Secure Mail Suite March 7th, 2003 Guardian Digital, Inc., the leading open source security company, today announced the availability of the Guardian Digital Secure Mail Suite, the industry's most secure and cost-effective email platform. http://www.linuxsecurity.com/articles/vendors_products_article-6831.html +------------------------+ | Network Security News: | +------------------------+ * SSH Tunneling Part 2: Remote Forwarding March 9th, 2003 Want to encrypt an otherwise cleartext transmission? SSH Tunneling may be the tool for you. http://www.linuxsecurity.com/articles/documentation_article-6865.html * E-Mail Security as a Key Factor for Keeping Privacy on Internet March 7th, 2003 Commonly acknowledged as a medium that vastly changes our life, the Internet reveals new social and personal opportunities. However, while it breaks down barriers, the Internet remains an unsafe environment with serious security issues you can't ignore. http://www.linuxsecurity.com/articles/security_sources_article-6861.html * Bound by Tradition: A Sampling of the Security Posture of the Internet's DNS Servers March 6th, 2003 DNS servers across the Internet running BIND are not up to date with security patches and software updates. As a result, a significant fraction of the Internet's DNS servers is vulnerable to compromise, subversion, denial of service, and general misuse. http://www.linuxsecurity.com/articles/server_security_article-6856.html * The WLAN's Weakest Link March 6th, 2003 After two years of rousing debate, the body responsible for the Wi-Fi standard is finally putting the finishing touches on its new security standard, IEEE 802.11i. http://www.linuxsecurity.com/articles/network_security_article-6853.html * How to Sell: Security - Part 1 - Scaling Defences March 3rd, 2003 Antivirus software companies have often been accused of writing viruses to keep themselves in business, rather like a bouncer starting fights at a nightclub so that he can then break them up. But regardless of where the threats to security come from, you will always need someone at the door to deal with the problem. http://www.linuxsecurity.com/articles/forums_article-6832.html +------------------------+ | General News: | +------------------------+ * Six/Four: The Internet Under Cover March 7th, 2003 The Six/Four System is peer-to-peer technology that makes it possible to carry out almost any Internet activity securely and -- more importantly, for all sorts of reasons -- anonymously. http://www.linuxsecurity.com/articles/privacy_article-6863.html * Security Swallows A Twelfth of IT Budgets March 7th, 2003 IT directors have been advised to spend three to eight per cent of their IT budgets on ongoing security costs. The figures are best practice guidelines given by analyst Meta at its 14th annual forum in Barcelona earlier this week. http://www.linuxsecurity.com/articles/forums_article-6864.html * Key Internet Registry Weathers Serious DDoS Assault March 7th, 2003 Internet registry RIPE (Rseaux IP Europens) yesterday reported its services were back to normal, after it became the victim of a serious DDoS at the end of last month. http://www.linuxsecurity.com/articles/hackscracks_article-6862.html * Strategies & Issues: Justifying Security Spending March 6th, 2003 Increases in cybercrime, widespread worm and virus outbreaks, the specter of catastrophic cyberterrorism, and regulatory requirements in HIPAA, Gramm Leach Bliley, and other government mandates have boosted the profile of computer security. Once the province of a few long-haired firewall gurus in the server room, computer security now merits its own C-level executives and has become an agenda item at board meetings. http://www.linuxsecurity.com/articles/forums_article-6854.html * An Analysis of Simile March 5th, 2003 Virus writers have always tried to develop new methods to make malware detection more difficult. For instance, encryption was a natural step in virus evolution when scanners started to use databases with scan strings for detection. http://www.linuxsecurity.com/articles/general_article-6844.html * The Consequences of Criminalizing Crypto March 3rd, 2003 There is nothing like the fear of weapons of mass destruction to bring out weary old legislative proposals. Earlier this month, it leaked out that the Justice Department was considering a broad expansion of its investigative authority, including the creation of new criminal offenses, ostensibly to assist in the fight against terrorism. http://www.linuxsecurity.com/articles/cryptography_article-6829.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email [EMAIL PROTECTED] with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ Posted at TCOB1 - Must not be crossposted to any other echo or network without the prior permission of Sean Rima - To unsubscribe from this list: send the line "unsubscribe linux-newbie" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.linux-learn.org/faqs
