+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  March 17th, 2003                          Volume 4, Number 11n     |
|                                                                     |
|  Editorial Team:  Dave Wreski              [EMAIL PROTECTED]        |
|                   Benjamin Thomas          [EMAIL PROTECTED]        |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Using Postfix for Secure SMTP Gateways," "Cryptographic Filesystems: Design and Implementation," "Linux Security Modules: General Security Support for the Linux Kernel," and "A practical approach for defeating Nmap OS-Fingerprinting."

LINUX ADVISORY WATCH: This week, advisories were released for zlib, sendmail, qpopper, file, snort, mysqlcc, netscape-flash, ethereal, usermode, tcpdump, and lprold. The distributors include Caldera, Debian, Guardian Digital's EnGarde Secure Linux, Gentoo, Mandrake, NetBSD, Red Hat, and SuSE.

http://www.linuxsecurity.com/articles/forums_article-6896.html

----------------------------------------------------------------------

Remote Syslog with MySQL and PHP

Msyslog has the ability to log syslog messages to a database. This allows for easier monitoring of multiple servers and the ability to display and search for syslog messages using PHP or any other programming language that can communicate with the database.

http://www.linuxsecurity.com/feature_stories/feature_story-138.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Samba 2.2.8 Available, Fixes Serious Security Vulnerability
March 15th, 2003

This release provides an important security fix outlined in the release notes that follow. This is the latest stable release of Samba and the version that all production Samba servers should be running for all current bug-fixes.

http://www.linuxsecurity.com/articles/server_security_article-6902.html

* Using Postfix for Secure SMTP Gateways
March 13th, 2003

Wietse Venema, intrepid developer of TCP wrappers and co-creator of SATAN, has come through for us again: his program, postfix, provides an alternative to sendmail that is simpler in design, more modular, easier to configure and less work to administer.

http://www.linuxsecurity.com/articles/server_security_article-6895.html

* Snort survives first vulnerability
March 13th, 2003

Snort, the immensely popular open-source intrusion-detection system, is no longer confined to cult status. Since going commercial in 2001 with the formation of Columbia, Md.-based Sourcefire Inc., Snort has extended its reach into enterprises and deep into the federal government.

http://www.linuxsecurity.com/articles/forums_article-6894.html

* Manage Passwords Safely--and Simply
March 13th, 2003

You're doing a little Web browsing at work when you come upon Widgetsnmore.com, a site that looks vaguely familiar. Suddenly, you see it: the multipurpose electronic gadget polisher you've coveted for weeks--and it's half price until 5 o'clock today! You click on the image to order it, and...uh-oh. The site asks for your password. What do you do?
http://www.linuxsecurity.com/articles/host_security_article-6889.html

* Cryptographic Filesystems: Design and Implementation
March 11th, 2003

As security becomes a greater focus in networks, every aspect of online information needs a level of protection from the network-level use of firewalls and IDS to the host-level use of IDS. However, an additional level of security has recently come to the forefront of security - cryptographic filesystems.

http://www.linuxsecurity.com/articles/cryptography_article-6880.html

* Buffer Overflow Attacks and Their Countermeasures
March 10th, 2003

Buffer overflow problems always have been associated with security vulnerabilities. In the past, lots of security breaches have occurred due to buffer overflow. This article attempts to explain what buffer overflow is, how it can be exploited and what countermeasures can be taken to avoid it.

http://www.linuxsecurity.com/articles/server_security_article-6872.html

* Linux Security Modules: General Security Support for the Linux Kernel
March 10th, 2003

The access control mechanisms of existing mainstream operating systems are inadequate to provide strong system security. Enhanced access control mechanisms have failed to win acceptance into mainstream operating systems due in part to a lack of consensus within the security community on the right solution.

http://www.linuxsecurity.com/articles/general_article-6871.html

* Securing Linux
March 10th, 2003

Here we go again. I decided to write another article concerning some overall security aspects of installing and running linux. To keep it short and simple, here are some good pointers to enhancing your system's security.

http://www.linuxsecurity.com/articles/general_article-6870.html

+------------------------+
| Network Security News: |
+------------------------+

* SSH Tunneling part 3 - Where does the crypto end?
March 16th, 2003

The book starts with a chapter dedicated to security basics.
The author introduces general security principles and helps you realize why firewalls exist. Yeo naturally notes that a firewall is not the only method of defense you should use.

http://www.linuxsecurity.com/articles/documentation_article-6904.html

* Wireless LAN Analyzers: The Ultimate Hacking Tools?
March 14th, 2003

In a Wireless LAN (WLAN), things are different. Its physical medium is the electromagnetic spectrum, which exists everywhere and respects few boundaries. Wi-Fi is now available at two different frequencies-IEEE 802.11b at 2.4GHz and IEEE 802.11a at 5GHz-and both can suffer interference from neighboring networks and other sources.

http://www.linuxsecurity.com/articles/network_security_article-6900.html

* Personal Firewalls for Administrators and Remote Users
March 13th, 2003

The book starts with a chapter dedicated to security basics. The author introduces general security principles and helps you realize why firewalls exist. Yeo naturally notes that a firewall is not the only method of defense you should use.

http://www.linuxsecurity.com/articles/documentation_article-6888.html

* Open Source Honeypots, Part Two: Deploying Honeyd in the Wild
March 13th, 2003

This is the second part of a three-part series looking at Honeyd, an open source solution that is excellent for detecting attacks and unauthorized activity. In the first paper, we introduced honeypots and discussed what they are, their value, and the different types of honeypots. We then went into detail about the Honeyd,.

http://www.linuxsecurity.com/articles/intrusion_detection_article-6892.html

* Study Exposes WLAN Security Risks
March 13th, 2003

As wireless networks continue to gain acceptance and become integral to corporate computing environments, IT departments continue to ignore the myriad security problems inherent to wireless LANs, according to a new study by RSA Security Inc.
http://www.linuxsecurity.com/articles/network_security_article-6890.html

* IP Spoofing: An Introduction
March 11th, 2003

Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking. It should come as no surprise then, that criminals who conduct their nefarious activities on networks and computers should employ such techniques.

http://www.linuxsecurity.com/articles/network_security_article-6877.html

* A practical approach for defeating Nmap OS-Fingerprinting
March 11th, 2003

Remote OS Fingerprinting is becoming more and more important, not only for security pen-testers, but for the black-hat. Just because Nmap is getting popularity as the tool for guessing which OS is running in a remote system, some security tools have been developed to fake Nmap in its OS Fingerprinting purpose.

http://www.linuxsecurity.com/articles/intrusion_detection_article-6882.html

* Virtual Private Networks
March 10th, 2003

The concept of the Virtual Private Networks (VPN) is very simple. Take the world's largest network, the Internet, and use encryption to pass traffic between two or more locations securely, making it a private network. However until recently, the application of this simple concept has been very complex and not cost effective.

http://www.linuxsecurity.com/articles/network_security_article-6873.html

+------------------------+
| General News:          |
+------------------------+

* Irish Honeynet slammed by attacks
March 16th, 2003

The Irish Honeynet enticed nearly 600 attacks in January, while the rampant Slammer worm even caused it to be brought down for a day during the month. The decoy computer network, which was established to study cyber attackers, recorded 597 attacks during January.

http://www.linuxsecurity.com/articles/intrusion_detection_article-6903.html

* 'Honest, We're the Good Guys'
March 14th, 2003

American businesses feel a little like a rope that's being used in a tug of war between privacy and patriotism.
Their customers want the personal information that businesses collect to be kept private, but the government wants access to some of that data for use in various homeland security plans.

http://www.linuxsecurity.com/articles/privacy_article-6898.html

* Is a Sendmail worm likely?
March 12th, 2003

A serious buffer overflow vulnerability announced last week in Sendmail is ripe to be exploited by targeted attacks, but it is also possible for a worm writer to write malicious code that exploits the security hole. No one can say whether a worm writer will create malware that targets the Sendmail flaw, but it is possible, experts said.

http://www.linuxsecurity.com/articles/server_security_article-6886.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------