This week, perhaps the most interesting articles include "Open Source Good for Security," "Set up Your Firewall With Firewall Builder," and "Quickly Grabbing Files Over an Existing SSH connection."

Linux+DVD Magazine Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.

LinuxSecurity.com Feature Extras:

Review: Hacking Exposed Linux, Third Edition - "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack.

Security Features of Firefox 3.0 - Lets take a look at the security features of the newly released Firefox 3.0. Since it's release on Tuesday I have been testing it out to see how the new security enhancements work and help in increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security.

Read on for more security features of Firefox 3.0.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

EnGarde Secure Community 3.0.19 Now Available! (Apr 15)

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.19 (Version 3.0, Release 19). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

news/vendors-products/engarde-secure-community-3019-now-available
Kernel space: Virus Scanning API Spawns Security Debate (Aug 15)

The TALPA malware scanning API was covered in LWN in December, 2007. Several months later, TALPA is back - in the form of a patch set posted by a Red Hat employee. The resulting discussion has certainly not been what the TALPA developers would have hoped for; it is, instead, a good example of how a potentially useful idea can be set back by poor execution and presentation to the kernel community.

Have you heard about the kernel space virus scanning API? This article discusses the debate over it within the kernel development community.
Torvalds: Fed up With the 'Security Circus' (Aug 15)

Linus Torvalds, creator of the Linux kernel, says he's fed up with what he sees as a "security circus" surrounding software vulnerabilities and how they're hyped by security people. Last month Torvalds stated in an online posting that "one reason I refuse to bother with the whole security circus is that I think it glorifies -- and thus encourages -- the wrong behavior. It makes 'heroes' out of security people, as if the people who don't just fix normal bugs aren't as important. In fact, all the boring normal bugs are way more important, just because there's a lot more of them."

Linux Torvalds is back in the news about his views on security. What do you think about his opinion on the security community and the attention that it gets?
Open Source Good for Security (Aug 15)

The key to IT security is secure software - software that is written with not only features, but also security, in mind, says David Jacobson, technical director at Linux services company Synaq. However, says Jacobson, software is seldom developed with an eye on back-end security requirements. Developers are usually under pressure to deliver on required features within tight deadlines which leave little time to check for vulnerabilities each step of the way. The result is that most software is inherently vulnerable.

This article discuses some tips for making sure that the applications that you are running is secure. One tip from this article is to make sure that you know what vulnerability does the program have and are there any patches available.
Set up Your Firewall With Firewall Builder (Aug 14)

Firewall Builder (fwbuilder) is a graphical application that can help you to configure IP traffic filtering. It can compile the filtering policy you define into many specifications, including iptables and various languages used by Cisco and Linksys routers. Separating the actual policy you define and the implementation in this way should let you change what hardware is running your firewall without having to redefine your policy for that platform.

How do you setup your firewall? Do you use an application to help or do you us just write your own Iptables? This article looks at a firewall application called fwbuilder and shows you some of the features of this software.

news/firewall/set-up-your-firewall-with-firewall-builder
Mozilla: Security a Significant Focus (Aug 13)

Mozilla is moving forward on a number of initiatives to ensure that Internet security improves. Among the efforts is a new approach for determining and measuring security metrics.

The security metrics effort, announced earlier this year, is designed to figure out what matters in security and then measure and track those metrics. Snyder explained that the first step of the process, now wrapping up, is about determining what the company needs to look at in terms of security metrics. The next step is figuring how to get that information out of bugzilla and capture it on an ongoing basis. After that the challenge is to get information out and generating raw numbers. At the end the company will do analysis on that information to identify trends, correlate factors and draw conclusions.

Mozilla is working on steps to improve the security of it's software by creating a security metrics. What do you think about this security metrics that they are developing? Will it help the security for Firefox?

news/network-security/mozilla-security-a-significant-focus
Hiding Software Versions - A Step Forward to a Secure Server (Aug 12)

Most of you may not notice, or may not care, about the software versions that get revealed by the running services on your server. By default almost all services reveal some information to the clients that use them. Among this information is the version of the software that is being run. It has always been best practice, not to reveal more than it is needed. Why reveal the version of the service when nobody needs to know it? By letting these details be seen, you don't get anything else, but an extra chance for crackers to break into your server.

Have you though about hiding your version of services to attackers? This article looks at four services VSFTPD, PHP, Apache, and Postfix and simples ways of hiding there version numbers.

news/server-security/hiding-software-versions-a-step-forward-to-a-secure-server
ProcL - Detect Hidden Processes (Aug 11)

Rootkit can be difficult to detect, especially when they are running in kernel. And therefore more difficult to prevent against. This is because they are running into kernel, they can alter functions used by all applications running on the system. These applications will include antivirus, anti-spyware, anti-rootkit etc. Whatever changes made by anti-rootkit or rootkit detectors to prevent against rootkit can simply be unblocked by the better rootkit. The same powers are available with infectors and preventers. This does not mean that all is lost for preventers. But one thing has to be always on the mind of detectors/preventers that what works today, may not work tomorrow.

Detecting rootkits can be a challenge but this article looks at a tool called ProcL. Do you use any other tools for finding hidden processes?
ssh-xfer: Quickly Grabbing Files Over an Existing SSH connection (Aug 11)

The ssh-xfer project uses the local SSH agent to allow you to easily grab files using an existing SSH shell connection. You do not have to modify either the SSH client or server programs to use ssh-xfer -- but you will need to patch your ssh-agent. Although having to patch the ssh-agent is not ideal, you do gain one major advantage by doing this: you can send a file through more than one SSH connection.

Have you ever used ssh-xfer? This article shows the user how to use ssh-xfer to get files over a network using a SSH shell connection.

news/network-security/ssh-xfer-quickly-grabbing-files-over-an-existing-ssh-connection