DEMYSTIFY THE SPAM BUZZ: Roaring Penguin Software Understanding the anti-spam solution market and its various choices and buzzwords can be daunting task. This free whitepaper from Roaring Penguin Software helps you cut through the hype and focus on the basics: determining what anti-spam features you need, whether a solution you are considering includes them, and to what degree. Find out more!
LINUX ADVISORY WATCH - This week, advisories were released for ethereal, kernel, netkit-telnet, mc, mailreader, samba, mozilla, lsof, thunderbird, epiphany, devhelp, spamassassin, slypheed, krb5, xorg, telnet, foomatic, squid, ImageMagick, gdk, mpg321, ipsec-tools, htdig, grip, mysql, XFree86, and MySQL. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, and SuSE.
LinuxSecurity.com Feature Extras:
Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection - The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.
Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).
Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Mapping Security: The Corporate Security Sourcebook for Today's Global Economy | ||
|
31st, March, 2005
Security in any enterprise should extend beyond just information technology to become an integral part of the organization's overall strategic plan. This concept is explored in great detail by the book, Mapping Security: The Corporate Security Sourcebook for Today's Global Economy. In this download of Chapter 3, Establishing Your Coordinates, authors Tom Patterson and Scott Gleeson Blue explain why organizations need to forget the traditional notions of risk. Enterprises should identify and measure weaknesses in all areas of the organization before starting any strategic planning. This download shows you where to look for weaknesses and how to begin that process. |
||
| Guardian Digital Announces New Firewall Product | ||
1st, April, 2005
Guardian Digital, Inc., a leader in open source security products, today announced the release of a new firewall product that will revolutionize internet security as we know it, forever. |
||
| Learn how to beef up Web application security | ||
|
30th, March, 2005
When embracing a defense-in-depth strategy for your organization's systems, setting up a secure network boundary and applying best business practices to your internal clients is a great start. But the work doesn't stop there. One area that organizations often overlook is application security for Web-enabled applications. In fact, some of the recent, highly publicized thefts of private information occurred due to poor application design and implementation. |
||
| ISPs join to 'fingerprint' Internet attacks | ||
|
28th, March, 2005
Leading global telecommunications companies, ISPs, and network operators will begin sharing information on Internet attacks as members of a new group called the "Fingerprint Sharing Alliance," according to a published statement from the new group. |
||
| SMOOTHWALL LAUNCHES ITS FIRST FIREWALL AIMED AT LARGE ENTERPRISES | ||
|
31st, March, 2005
Network security specialist SmoothWall Limited, is today previewing its new Advanced Firewall, aimed at enterprise customers and organisations with demanding security requirements. Like its existing Corporate firewall for medium sized organisations, Advanced Firewall is based on open source technology, enabling SmoothWall to provide sophisticated enterprise class features at prices starting from £950. |
||
| Spammer, ID Yourself | ||
|
29th, March, 2005
IBM last week introduced technology called FairUCE, for Fair Use of Unsolicited Commercial E-mail, that blocks spam by trying to ID the sender's Internet domain rather than evaluating message content. |
||
| The demise of traditional perimeter defences | ||
30th, March, 2005
There is a classic moment during the battle for Helm’s Deep in the epic film, Lord of the Rings, the Two Towers, when King Theoden stands atop the supposedly impregnable city. Rain sodden, he surveys the massed ranks of Saruman’s armies and defiantly shouts ‘Is this all you’ve got?’ A few fateful minutes, and a well placed explosive, later his confidence is shattered and replaced with fear as he realises that his fortress has been penetrated. |
||
| Securing your online privacy with Tor | ||
|
31st, March, 2005
You may never think about it, but many of your online activities may be monitored and analyzed. Advertising companies, government agencies, and private users can use traffic analysis to gather information about which Web sites and pages you visit, what newsgroups you read, and whom you talk to on IRC. While there is no need to be paranoid (or is there???), you can keep your online communication private. The Tor project can help you with that. |
||
| Tips for when hackers strike | ||
|
28th, March, 2005
The nightmare started when I returned to my office to discover 17 missed calls on my cell phone. A moment later, the phone rang again. A frantic customer complained of "eyes" on his Web site. I visit the site, and, lo and behold, discovered it proclaiming being "owned" by a hacking group. Upon further investigation, I discovered all the other Web sites on the Debian-based server had been defaced. |
||
| When will open source security grow up? | ||
|
29th, March, 2005
There are great open source products for nearly every purpose. But I have yet to find many in the security field. Most seem hand-written, based on books like the O’Reilly Secure Progrmaming Cookbook. Maybe I’m not looking hard enough. If I’m not, please point to your favorite open source security in TalkBack. |
||
| Asset Management | ||
|
28th, March, 2005
How to fully utilise the resources at one’s disposal is one of the major dilemmas facing enterprises not only in the Middle East, but also around the globe. Increased efficiency results in costs savings and allows enterprises to focus attention to grander plans. Rashed AlOthman, senior vice president of IT services and control at Riyad Bank, has a simple mantra: The less complex a system an enterprise has, the fewer resources it is going to utilise. |
||
| Security: getting proactive about it | ||
|
28th, March, 2005
The growth of the Indian security solutions market exceeded the expectations of most analysts last year. This momentum is expected to continue in 2005 as security war chests are expected to be opened wide this year. Analysts from Frost & Sullivan say that the growth of the network security market in India will exceed the projected growth rate of 32.4 percent in 2005. The IT and BPO industry will be the biggest consumers of security solutions. |
||
| Compliance Fuels Security, Systems Acquisitions | ||
|
29th, March, 2005
Compliance requirements are fueling convergence between systems management and security markets, highlighted by several acquisitions over the last few years, experts said. Last Wednesday, Altiris agreed to acquire Pedestal Software for threat management for $65 million. BMC filled an important gap in an existing identity management product line by buying OpenNetwork for $18 million. Novell shored up its resource management and IT asset management suite by moving in on Tally Systems for an undisclosed sum. |
||
| Take the initiative on security certification to meet the demands of corporate partners | ||
|
29th, March, 2005
Multinational companies invest a lot of money in IT security and increasingly expect smaller partners and suppliers to demonstrate the same level of commitment. IT security experts speaking at the RSA Security Conference last month predicted that large companies would in the future specify minimum security standards in contracts before doing business with their suppliers. |
||
| VoIP Security Alliance Gets to Work | ||
|
29th, March, 2005
A consortium of companies focused on Voice over Internet Protocol (VoIP) Security is taking the first steps toward finding common ground in an emerging market and is boosting its presence by adding to the membership ranks. |
||
| Why Due Diligence as a Defense is Not Enough | ||
|
29th, March, 2005
Corporate executives love two words, “Due Diligence | ||
