Information Security News mailing list archives
Linux Security Week - March 19th 2001
From: newsletter-admins () linuxsecurity com
Date: Mon, 19 Mar 2001 11:16:39 -0500
+---------------------------------------------------------------------+
|  LinuxSecurity.com                        Weekly Newsletter         |
|  March 19th, 2001                         Volume 2, Number 12n      |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com |
|                   Benjamin Thomas         ben () linuxsecurity com  |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, many of the articles are worthwhile reading. Some of the
best include, "Building a Bridging Firewall with Linux," "Securely
Erasing a Hard Drive with Perl," and "Responding to a Security
Incident." Also, this week, Guardian Digital (our parent company),
officially announced EnGarde Secure Linux. It's a great distro and
something you should definitely keep an eye on.

EnGardeLinux.org

This week, advisories were released for imap, joe, gnuserv, zope,
mailx, icecast, cfengine, rwhod, interbase, slrn, Mesa, sudo,
sgml-tools, and mutt. The vendors include Caldera, Debian, Immunix,
FreeBSD, Mandrake, Red Hat, and Trustix.

http://www.linuxsecurity.com/articles/forums_article-2690.html

## Guardian Digital Presents EnGarde Linux ##

EnGarde is the next generation in Linux security providing a complete
suite of e-business services, intrusion alert capabilities, improved
authentication and access control utilizing strong cryptography, and
complete SSL secure Web-based administration capabilities.

http://www.linuxsecurity.com/engarde-announcement.html

HTML Version available:
http://www.linuxsecurity.com/newsletter.html

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+

* Psudo root!
March 15th, 2001

If you wonder about safely allowing a user to run a program on your
Unix box requiring root privileges and feel uneasy about options like
sharing the root password or using setuid bits then sudo is the program
for you. A common problem faced is allowing non root users to dial and
establish a connection to the Internet.

http://www.linuxsecurity.com/articles/host_security_article-2685.html

* Analysis of the KNARK rootkit
March 14th, 2001

Toby Miller has written an analysis of the KNARK rootkit: "The purpose
of this paper is to identify signatures related to the KNARK rootkit.
This paper does not show how to install the rootkit nor does it make
any comparisons between this rootkit and other rootkits. This paper
will attempt to educate the readers on the various signatures and
problems related to this rootkit."

http://www.linuxsecurity.com/articles/intrusion_detection_article-2680.html

* Securely Erasing a Hard Drive with Perl
March 13th, 2001

When moving from Ohio to California, GNUJobs.com had some hard drives
(along with other hardware and software) which were to be donated to
COLUG (Central Ohio Linux Users Group). They needed to be deleted
before they were donated. 2 out of the 3 hard drives had bad sectors on
them, and the third I ended up using as a hard drive for testing
purposes, like creating this article, so I ended up not giving any
away. Still, I will need to wipe a hard drive in the future, so I
created this Perl script (which I will later convert to Python and make
it have more options).

http://www.linuxsecurity.com/articles/host_security_article-2668.html

+------------------------+
| Network Security News: |
+------------------------+

* Building a Bridging Firewall with Linux
March 18th, 2001

The Linux kernels v2.2 and higher have support for Ethernet bridging.
In a bridge, all packets received by one interface are passed to the
other, without regard to source or destination IP address, by examining
the Ethernet MAC destination address of the packet.

http://www.linuxsecurity.com/articles/firewalls_article-2697.html

* Intrusion Detection Systems: An Opening For Hackers?
March 17th, 2001

System administrators who rely on intrusion detection systems to snag
malicious hackers trying to break into their system may actually be
lulling themselves into a false sense of security, the government's
security watchdog warned today.

http://www.linuxsecurity.com/articles/intrusion_detection_article-2696.html

* Beleaguered researcher says TCP weakness is real
March 15th, 2001

Two days after a security vendor announced it had found a new
vulnerability in TCP, only to be lambasted for passing an old problem
off as news, the researcher who identified the weakness defended his
work and the decision to announce it.

http://www.linuxsecurity.com/articles/network_security_article-2688.html

* How to Build a FreeBSD-STABLE Firewall with IPFILTER
March 12th, 2001

This howto walks you through the process of building one of the most
stable and secure firewalls available - a FreeBSD-STABLE firewall with
IPFILTER. As a part of the installation process, all services will be
disabled except OpenSSH, which will have its access controlled via
TCP-Wrappers. The firewall will be configured to log through the syslog
facility, but will have its own firewall log files (rather than filling
up /var/log/messages).
http://www.linuxsecurity.com/articles/firewalls_article-2657.html

+------------------------+
| Cryptography News:     |
+------------------------+

* Crypto-Gram: March 15, 2001
March 16th, 2001

In this issue, Bruce Schneier talks about the "Security Patch
Treadmill", the future role of insurance in network security, Harvard's
"new" and "uncrackable" cryptosystem, the TCP/IP sequence number bug,
the "closed" cryptosystem of iBallot.com, some problems with
conventional IDS, and how the recent vulnerabilities found in the
802.11 WEP protocol should make us all take another look at all
protocols.

http://www.linuxsecurity.com/articles/cryptography_article-2694.html

* Tiny C code bests seven-line DVD decoder
March 14th, 2001

Coder Charles M Hannum has created the smallest program capable of
decoding a Content Scrambling System (CSS) DVD file, beating last
week's seven-line Perl shell script 442 bytes to 472 (excluding newline
bytes). Hannum's C program, called efdtt, is no slouch, either. The
programmer claims it can "descramble in excess of 21.5MBps" - faster
than the DVD spec. allows for.

http://www.linuxsecurity.com/articles/hackscracks_article-2678.html

+------------------------+
| Vendors/Products:      |
+------------------------+

* Guardian Digital Presents EnGarde Secure Linux
March 16th, 2001

EnGarde is the next generation in Linux security providing a complete
suite of e-business services, intrusion alert capabilities, improved
authentication and access control utilizing strong cryptography, and
complete SSL secure Web-based administration capabilities.

http://www.linuxsecurity.com/articles/projects_article-2693.html

* ssh suite: Sftp, scp and ssh-agent
March 12th, 2001

The aim of this article is to provide an introduction to some useful
programs in the SSH suite, i.e. sftp, scp, ssh-agent and ssh-add. In
the following we suppose that sshd2 daemon is well configured and
running.
http://www.linuxsecurity.com/articles/vendors_products_article-2660.html

+------------------------+
| General News:          |
+------------------------+

* Companies report the Internet was the most common point of security
  breaches
March 15th, 2001

Experts say a large number of attacks go unrecognized, and that the
total is hard to assess, with companies reluctant to admit that they've
been attacked unless the attack has already been publicized.
High-profile attacks in 2000 included the coordinated denial-of-service
attacks against Yahoo!, eBay, Buy.com, and several other websites in
February, as well as the virus that invaded Microsoft's internal
network in November.

http://www.linuxsecurity.com/articles/general_article-2686.html

* NIST tool analyzes security
March 15th, 2001

The National Institute of Standards and Technology released draft
guidance last week for agencies that are attempting to perform
self-assessments of their information security programs. The draft
Self-Assessment Guide for Information Technology Systems is a
questionnaire that builds upon the Federal IT Security Assessment
Framework, which was developed by NIST and issued by the Chief
Information Officers Council in November 2000.

http://www.linuxsecurity.com/articles/government_article-2683.html

* Responding to a Security Incident
March 14th, 2001

The question that often comes up is what to do about it. Unless it's a
financial or safety issue, it's probably going to get laughed at by the
legal authorities, but it's worth reporting. ... We'll not go into
detecting incidents, but we will define them as port probes, port
scans, denial of service (DoS) attempts and unauthorized access
attempts. Each of these warrants investigation, some more than others.
Combining intrusion detection software with log analysis (which you
should be doing anyhow), these events should stand out.
http://www.linuxsecurity.com/articles/intrusion_detection_article-2682.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email newsletter-request () linuxsecurity com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body
of "SIGNOFF ISN".