DEMYSTIFY THE SPAM BUZZ: Roaring Penguin Software - Understanding the anti-spam solution market and its various choices and buzzwords can be a daunting task. This free whitepaper from Roaring Penguin Software helps you cut through the hype and focus on the basics: determining what anti-spam features you need, whether a solution you are considering includes them, and to what degree. Find out more!
LINUX ADVISORY WATCH - This week, advisories were released for MySQL, samba, ImageMagick, krb5, remstats, wu-ftpd, sharutils, util-linux, words, gaim, e2fsprogs, subversion, ipsec-tools, libexif, htdig, grip, gtk2, tetex, curl, gdk-pixbuf, and XFree86. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, and SuSE.
LinuxSecurity.com Feature Extras:
Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy-to-follow explanation of how to read permissions and how to set them using chmod. This guide is intended for users new to Linux security and is therefore very simple.
The Tao of Network Security Monitoring: Beyond Intrusion Detection - The Tao of Network Security Monitoring is one of the most comprehensive and up-to-date sources available on the subject. It gives an excellent introduction to information security and the importance of network security monitoring, offers hands-on examples of almost 30 open source network security tools, and includes information relevant to security managers through case studies, best practices, and recommendations on how to establish training programs for network security staff.
Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).
Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More than just an email firewall, on-demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!
Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
The Hacker-Proof Network
5th, April, 2005
In Cambridge, Mass., not too far from the Charles River, which cuts near Harvard and M.I.T., David Pearson is attempting to build an un-hackable network.

The security risk of hard disk password protection
4th, April, 2005
In most notebooks the hard disk can be protected against unauthorized access with the aid of a password. Without it the disk, even when inserted into another computer, cannot be made to divulge its data. This security function has meanwhile become a feature of almost all 3.5" ATA hard disks and presents a full-blown security loophole.

A Couple Points on the "Open Source War"
8th, April, 2005
I hadn't actually noticed the Security Innovation study comparing the frequency of reported security problems in the Windows and open source web application server stacks. These kinds of surveys and tests are pretty easily manipulated. But since eSchool News has an article on the matter, I might as well weigh in.

Hack Job
4th, April, 2005
When a hacker broke into the network at George Mason University (VA) earlier this year, IT officials were absolutely powerless to stop him. Within minutes, the hacker compromised the school’s main Windows 2000 server and gained access to information that included names, Social Security numbers, university identification numbers, and even photographs of almost everyone on campus. Next, he poked around for a back door into other GMU servers that store information such as student grades, financial aid, and payroll.

7 Myths About Network Security
4th, April, 2005
Hacker tools are growing more sophisticated and automated. Hackers can now quickly adapt to new security vulnerabilities as they are uncovered and distribute the fruits of their exploits more widely with the help of automated toolkits. And they're employing an ever-increasing range of methods to find individuals' and companies' private information and use it to their own advantage.

SANS tracking active DNS cache poisonings
6th, April, 2005
Around 22:30 GMT on March 3, 2005 the SANS Internet Storm Center began receiving reports from multiple sites about DNS cache poisoning attacks that were redirecting users to websites hosting malware. As the "Handler on Duty" for March 4, I began investigating the incident over the course of the following hours and days. This report is intended to provide useful details about this incident to the community.

DNSSEC: What Is It Good For?
7th, April, 2005
DNSSEC, which stands for DNS Security Extensions, is a method by which DNS servers can verify that DNS data is coming from the correct place, and that the response is unadulterated. In this article we will discuss what DNSSEC can and cannot do, and then show a simple ISC Bind 9.3.x configuration example.

DNS cache poisoning update
8th, April, 2005
The InfoCon is currently set at yellow in response to the DNS cache poisoning issues that we have been reporting on for the last several days. We originally went to yellow because we were uncertain of the mechanisms that allowed seemingly "secure" systems to be vulnerable to this issue. Now that we have a better handle on the mechanisms, WE WANT TO GET THE ATTENTION OF ISPs AND ANY OTHERS WHO RUN DNS SERVERS THAT MAY ACT AS FORWARDS FOR DOWNSTREAM Microsoft DNS SYSTEMS. If you are running BIND, please consider updating to Version 9.

Anatomy of an Attack: The Five Ps
4th, April, 2005
In a meeting with an engineer (Jonathan Hogue) from a security company called Okena (recently acquired by Cisco), I was introduced to the concept of the five Ps. Hogue graciously gave me the presentation slide and I use it all the time. There are a lot of models of how an attack progresses, but this is the best I've seen. These five steps follow an attack's progression whether the attack is sourced from a person or an automated worm or script. We will concentrate on the Probe and Penetrate phases here, since these are the stages that Snort monitors. Hopefully, the attacker won't get past these phases without being noticed. The five Ps are Probe, Penetrate, Persist, Propagate, and Paralyze.

To catch a thief?
8th, April, 2005
When we turn our minds to matters of e-security, our first thoughts tend to be about defenses such as firewalls and intrusion detection. And rightly so. After all, there is much wisdom in the pursuit of prevention before cure. But, what happens when our defenses are breached? How should we respond to such an incident?

Red Hat Patches Security Flaw
5th, April, 2005
Enterprise Linux users should update their installations of XFree86 to remedy several security holes, some of which could allow attackers to take over a system. According to an advisory released by Red Hat, affected operating systems include Enterprise Linux AS 3, Enterprise Linux ES 3 and Enterprise Linux WS 3.

Linux still seen as most secure
7th, April, 2005
Microsoft's efforts to improve the security of Windows have paid off, leading to significant improvements in patch management and other areas, according to executives from North American companies surveyed by Yankee Group. The Linux-Windows 2005 TCO Comparison Survey, to be published in full in June, is based on responses from 509 companies of all sizes in markets such as healthcare, academia, financial services, legal, media, retail and government, Yankee Group said this week.

Red Hat patches critical hole
4th, April, 2005
Red Hat is warning enterprise Linux users to update their installations of XFree86 to fix a number of serious security bugs, some of which could allow attackers to take over a system.

Flaw found in Firefox
7th, April, 2005
A flaw has been discovered in the popular open-source browser Firefox that could expose sensitive information stored in memory, Secunia has warned.

Firefox Flaw Publicity Good for Open Source
6th, April, 2005
Publicity surrounding the JavaScript flaw shows “the open source system is working,