Linux Security Week - March 11th 2002

    Date: 10 Mar 2002
    Posted By: Anthony Pell
    This week, perhaps the most interesting articles include "Snort-Setup for Statistics HOWTO," "Ad Zapping With Squid," "Modular Authentication for Linux," and "Implementing a Bridging Firewall."

    This week, advisories were released for php, cfs, cvs, xsane, openssh, apache, ntop, squid, and radiusd-cistron. The vendors include Conectiva, Debian, EnGarde, FreeBSD, Red Hat, Slackware, SuSE, and Yellow Dog.

    Security & Simplicity, Finally! - Are you looking for a solution that provides the applications necessary to easily create thousands of virtual Web sites, manage e-mail, DNS, firewalling, database functions for an entire organization, and supports high-speed broadband connections all using a Web-based front-end? EnGarde Secure Professional provides those features and more!

    FEATURE: Linux 802.11b and wireless (in)security - In this article, Michael talks about Linux and background on wireless security, utilities to interrogate wireless networks, and the top tips you should know to improve wireless security of your network.

    Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

    Host Security News:

    March 7th, 2002 -- OpenSSH Local User Privilege Escalation Vulnerability -- A week ago, on Feb. 26, Network Associates (NAI) sent an e-mail to some of its customers announcing that it had killed the PGP Desktop Security product line. This, ladies and gentlemen, is very grim news indeed. Why do I care about PGP Desktop? Because it's a critical software package for me, and presumably for many of you as well.

    March 6th, 2002 -- Building a CD Bootable Firewall -- This document covers the basic steps I took in building a bootable CD containing a live FreeBSD filesystem with a couple of security features enabled and configured. With this CD, it is possible to transform a PC from a mediocre workstation into a VPN Gateway or firewall or both without touching the hard drive.

    March 5th, 2002 -- Multi-Layered Security -- In this article I discuss generalized ways to increase system and network trust. While my examples are somewhat FreeBSD-centric, they can be abstracted to almost any platform. There is a popular misconception floating around the corporate sector. Many individuals tout, UNIX is not as secure as other operating systems.

    March 5th, 2002 -- CERT: Vulnerabilities in Various Implementations of the RADIUS Protocol -- Two vulnerabilities in various implementations of RADIUS clients and servers have been reported to several vendors and the CERT/CC. They are remotely exploitable, and on most systems result in a denial of service. VU#589523 may allow the execution of code if the attacker has knowledge of the shared secret.

    March 4th, 2002 -- Snort-Setup for Statistics HOWTO -- This HOWTO describes how to configure Snort version 1.8.3 to be used in conjunction with the statistical tools ACID (Analysis Console for Intrusion Databases) and SnortSnarf. It also intends to get some internal statistics out of snort, e.g. if there are packets dropped.

    Network Security News:

    March 10th, 2002 -- Ad Zapping With Squid -- For some time at my workplace we've been running an ad-zapping service on our web proxy. This page documents how it works, how to use it yourself, how to join the mailing list for updates of the pattern file, and the weirdnesses of our local setup (which you need not duplicate yourself).

    March 7th, 2002 -- Drive-by hackings a myth? -- The wireless networking industry is being hamstrung by a myth that it is peddling an insecure product, according to a principal analyst at Gartner. Speaking at NetEvents in Montreux Andy Rolfe said that, for all the high profile news about the potential for drive-by hackings, he is yet to see an actual case reported.

    March 7th, 2002 -- Wireless: In the Air Tonight -- So what has this taught us? Once again, the lesson is Security in Depth. Different teachers, different textbook, same lesson. More and more wireless networks are being deployed everyday, but I don't think that there is a corresponding increase in security training.

    March 5th, 2002 -- SwitchSniff -- For those who think switched Ethernet environments are sniff-proof, the author offers this warning. Switches may be difficult to sniff, but they are certainly not immune. As is clear from the above sections, one method of sniffing in a switched environment is using ARP spoofing, and the machine that will most probably be ARP spoofed is the gateway.

    March 4th, 2002 -- Implementing a Bridging Firewall -- What is the difference between a bridging firewall and a conventional firewall? Usually a firewall also acts as a router: systems on the inside are configured to see the firewall as a gateway to the network outside, and routers outside are configured to see the firewall as the gateway to the protected network.

    March 4th, 2002 -- Modular Authentication for Linux -- You can set up your systems so Linux users can gain secure authentication against a Windows NT Domain. That way they won't need a Linux account and a separate NT Domain account. It'll make life easier for you as a network administrator and make your power users happier.

    March 4th, 2002 -- Network Security with /proc/sys/net/ipv4 -- David Lechnyr submitted a paper he wrote on how to use /proc to tune network security settings. "In addition to firewall rulesets, the /proc filesystem offers some significant enhancements to your network security settings.

    Cryptography News:

    March 6th, 2002 -- $100,000 prize in 'unbreakable' crypto challenge -- A company called Bodacion Technologies is offering $100,000 to anyone who can crack their biomorphic number generator and predict the final, one-thousandth, number in a sequence of 999. The company is doing this to promote its Hydra server, which uses biomorphic computation for crypto routines.

    March 5th, 2002 -- PGP is dead! Long live PGP? Maybe -- A week ago, on Feb. 26, Network Associates (NAI) sent an e-mail to some of its customers announcing that it had killed the PGP Desktop Security product line. This, ladies and gentlemen, is very grim news indeed. Why do I care about PGP Desktop? Because it's a critical software package for me, and presumably for many of you as well.

    Vendor/Product/Tools News:

    March 10th, 2002 -- PHP Audit Project -- Because PHP is a critical piece of the hosting service puzzle, the PHP audit project was started in order to harden the PHP interpreter against known and unknown vulnerabilities. We are also trying to add some enhancements for the OpenBSD operating system, without breaking the portability to other systems.

    March 8th, 2002 -- PGP Encryption Will Survive, Inventor Says -- Pretty Good Privacy will go on, despite a move by Network Associates to shelve the encryption product after it couldn't find a buyer, PGP inventor Phil Zimmermann says. Although Zimmermann sold PGP to Santa Clara, California-based NAI in 1997, the protocols for the encryption code are open to all on the Internet.

    General News:

    March 8th, 2002 -- Davis reinforces security rules -- Rep. Tom Davis (R-Va.) introduced a bill March 6 that would update and extend the Government Information Security Reform Act, as members of Congress expressed concern over current legislation.

    March 8th, 2002 -- Configuring Amanda -- Amanda is the Advanced Maryland Automatic Network Disk Archiver, developed at the University of Maryland in the 1990s. While it is now maintained at SourceForge and support is provided only through mailing lists and a FAQ-O-MATIC, it is still a highly useful, stable network backup utility with a wide range of features.

    March 8th, 2002 -- Best Computer Security Method Overlooked By Industry -- A team of Penn State and Iowa State researchers has tested and rated three "smart" classification methods capable of detecting the telltale patterns of entry and misuse left by the typical computer network intruder. They found that one, called "rough sets," currently overlooked by the industry, is the best.

    March 6th, 2002 -- New British standard can improve security -- Information is an important asset, and keeping it safe from hackers, crashes, viruses or simply prying eyes has become a top priority. For online trading to take off - either business-to-consumer or business-to-business - confidence in the security of money and data needs to be guaranteed.

    March 5th, 2002 -- Curious employees are biggest security risk -- Forget about Internet crackers, employees are the biggest security problem for most businesses. That's the main conclusion of a survey of UK IT managers which suggests that most firms are prepared for the threats posed by viruses and hackers, but are still struggling to secure data on their own networks.

    March 4th, 2002 -- The Myth of Open Source Security Revisited -- The author revisits a debate begun here recently on the nature of security in Open Source projects: do 'lots of eyeballs' insure secure code? It is a common misconception amongst users of Open Source software that it is a panacea when it comes to creating secure software.
