General Esm W900
This week, perhaps the most interesting articles include "Preventing Brute Force Attacks With BlockHosts," "," and "Simplified Mandatory Access Control Kernel."


Linux+DVD Magazine Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.


LinuxSecurity.com Feature Extras:

    Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it. with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


Virus Protection With F-PROT Antivirus On Ubuntu Feisty Fawn
24th, September, 2007

This tutorial shows how you can install and use F-PROT Antivirus on an Ubuntu Feisty Fawn desktop. Although there aren't many Linux viruses out there, this can be useful if you often exchange files with Windows users - it can help you to not pass on any Windows viruses (that don't do any harm to Linux systems) to Windows users. F-PROT Antivirus for Linux is free for home use. This was the first time I have heard of F-PROT Antivirus. Personal I don't use any virus scanners on my Linux machines, but I happy to see that they are out there. Do you use any antivirus software on your Linux box?

news/network-security/virus-protection-with-f-prot-antivirus-on-ubuntu-feisty-fawn
Firefox 3.0 Alpha Blocks Malware, Secures Plug-in Updates
25th, September, 2007

The malware blocker, which was first mocked up in June, will block Web sites thought to contain malicious downloads. The feature, a companion to the phishing site alert system in the current Firefox 2.0, will use information provided by Google Inc. to flag potentially-dangerous sites, warn anyone trying to reach those URLs with Firefox and automatically block access to the site. Have you tested out Firefox 3.0 Alpha 8? The ability to alert a users of a possible malware sites is an important security feature. I am interested in how this add-on works. Will there be any performance lose in using it extension?

news/network-security/firefox-30-alpha-blocks-malware-secures-plug-in-updates
Preventing Brute Force Attacks With BlockHosts
1st, October, 2007

In this article I will show how to install and configure BlockHosts on a Debian Etch system. BlockHosts is a Python tool that observes login attempts to various services, e.g. SSH, FTP, etc., and if it finds failed login attempts again and again from the same IP address or host, it stops further login attempts from that IP address/host. By default, BlockHosts supports services that use TCP_WRAPPERS, such as SSH, i.e. services, that use /etc/hosts.allow or /etc/hosts.deny, but it can also block other services using iproute or iptables. What do you think about software like BlockHosts? If users have strong passwords then software like BlockHosts will not be useful. Personal I don't like having my firewall change depending on if a script kiddie is trying a brute force attack on my network.

news/network-security/preventing-brute-force-attacks-with-blockhosts
Prolexic Defends Anti-spam Services Against Ongoing Ddos Attacks
26th, September, 2007

Even companies that provide us protection against spam are targets themselves. SURBL has recently announced a public thanks to Prolexic for providing their DDOS mitigation services to protect the website. Due to their efforts the ongoing attacks are now virtually invisible. Read on for a summary of the project - maybe you should check to see if your SURBL list providers or other spam protection services are protected themselves?

news/security-projects/prolexic-defends-anti-spam-services-against-ongoing-ddos-attacks
Gentoo Removes Some of thier Servers from the Net
27th, September, 2007

Admins with the Gentoo Project say they have disconnected major parts of its website a week after discovering it could be vulnerable to a command injection attack that allows bad guys to remotely execute code on the machine. Gentoo seems to be taking no chances here, maybe because they where hacked earlier this year. What does this mean for Gentoo's OS security? Does this cause a concern for Gentoo users?

Abusing Chroot for Security
1st, October, 2007

It was, for some reason, a common misconception that chroot can be utilized for security purposes. According to a post on Kernel Trap, such an assumption is not only wrong, but can be badly misused. An interesting discussion follows...

Introduction to SELinux
26th, September, 2007

As SELinux continues to gain in popularity, more and more sites will take it upon themselves to give it another go around. Here is a great, quick intro from another standpoint, into SELinux and setting up the system.

Also nice, is the explanation of DAC versus MAC, and how they inter-relate. If you haven't learned much about SELinux, here's a nice way to start.

Core SELinux Version R070925 Released
26th, September, 2007

Stephen Smalley has announced the latest release of core SELinux userland code, with highlights including dynamic object class and permission discovery, per-command PAM configuration for the newrole utility, and several general updates and improvements. This release update some of the SELinux core userspace programs. One interesting change is per-command PAM configuration for the userland command newrole. I am glad to see updates to the userspace utilizes being release on a regular bases. Do you think that the NSA is pushing SELinux in the right direction?

Is SELinux Really too Complex?
28th, September, 2007

What I discovered is that part of SELinux