Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Security Week - December 31st 2001

From: InfoSec News <isn () c4i org>
Date: Wed, 2 Jan 2002 01:13:01 -0600 (CST)
+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  December 31st, 2001                         Volume 2, Number 52n   |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave () linuxsecurity com    |
|                   Benjamin Thomas         ben () linuxsecurity com     |
+---------------------------------------------------------------------+
 
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Transparent
Proxy with Linux and Squid mini-HOWTO," "Snort 'n Dragon,"  
"Authentication Gateway HOWTO," and "VNC, Securely: Part 2." Also this
week, we have added a careers section on LinuxSecurity.com.  It enables
you to find technical and managerial positions available worldwide.

 Visit the LinuxSecurity.com Career Center:
 http://careers.linuxsecurity.com 


This week, advisories were released for mailman, openssh, glibc, namazu,
stunnel, and gpm.  The vendors include Debian, EnGarde, Red Hat, SuSE, and
Trustix.

http://www.linuxsecurity.com/articles/forums_article-4214.html


* Why be vulnerable?  Its your choice.
 
Are you looking for a solution that provides the applications necessary to
easily create thousands of virtual Web sites, manage e-mail, DNS,
firewalling database functions for an entire organization, and supports
high-speed broadband connections all using a Web-based front-end? EnGarde
Secure Professional provides those features and more!
 
 Be Secure with EnGarde Secure Professional:
 http://store.guardiandigital.com/html/eng/493-AA.shtml
 
 
 
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+
 


* A "Secure Programming" interview
December 27th, 2001

Today, we have the interview of David A. Wheeler. As you're going to see
it in his interview, David will give a secure programming presentation
during FOSDEM. "I'm an American, born in 1965, and I've been developing
software since about 1977. Professionally, I'm always been interested in
high-risk or large software systems, including their security.

http://www.linuxsecurity.com/articles/forums_article-4210.html




+------------------------+
| Network Security News: |
+------------------------+
 
* Transparent Proxy with Linux and Squid mini-HOWTO
December 27th, 2001

This document provides information on how to setup a transparent caching
HTTP proxy server using only Linux and squid. In "ordinary" proxying, the
client specifies the hostname and port number of a proxy in his web
browsing software. The browser then makes requests to the proxy, and the
proxy forwards them to the origin servers.

http://www.linuxsecurity.com/articles/network_security_article-4211.html


* Snort 'n Dragon
December 26th, 2001

This is the third in a series of excerpts from Chapter 7 of Incident
Response, published in August 2001 by O'Reilly. This excerpt covers two
tools used by sysadmins to detect when hackers are trying to access your
network. You can use these tools to detect hackers before they do any
damage.

http://www.linuxsecurity.com/articles/intrusion_detection_article-4206.html



* Hackers surround the Honeynet like bees around a honey pot
December 26th, 2001

A decoy computer network set up to record every attempt to crack it open
and subvert it has revealed just how active and determined malicious
hackers have become.  Statistics gathered by the network show that
computers connected to the web are scanned for weaknesses up to 14 times
per day and that, on average, an attempt will be made to break into a
net-connected computer every three days.

http://www.linuxsecurity.com/articles/network_security_article-4204.html


* Authentication Gateway HOWTO
December 26th, 2001

There are many concerns with the security of wireless networks and public
access areas such as libraries or dormitories. These concerns are not met
with current security implementations. A work around has been proposed by
using an authentication gateway.

http://www.linuxsecurity.com/articles/network_security_article-4209.html


* VNC, Securely: Part 2
December 24th, 2001

This article will use Linux computers as both the clients and the server.
We will concentrate on using the VNC client called vncviewer and the
OpenSSH implementation of the SSH Secure Shell protocol.  As per the first
article, we have a VNC-based desktop running on our server.

http://www.linuxsecurity.com/articles/network_security_article-4201.html



+------------------------+
| Cryptography News:     |
+------------------------+
 
* Brain-bending crypto
December 26th, 2001

Researchers at Toshiba have developed an LED (light emitting diode)
capable of firing a single photon at a time, which could make sending
encrypted messages truly secure.  Researchers believe the diode could be
used for quantum cryptography, a secure form of optical communication.

http://www.linuxsecurity.com/articles/cryptography_article-4208.html




+------------------------+
|  Vendors/Products:     |
+------------------------+
 
* phrack #58 Released!
December 28th, 2001

If you've never used Linux before and need to set up a server fast and
easily, this is one of the best ways to do it. It's also very cost
effective because it will run on almost any PC and doesn't require any
expensive hardware, not to mention that the software itself sells for a
very low price.

http://www.linuxsecurity.com/articles/projects_article-4216.html


* Why Worm Writers Stay Free
December 27th, 2001

Virus writers often act as if the Internet, the most public forum in the
world, is their very own private playground.  Law enforcement officials
are amused and amazed by the many virus writers who carefully include
identifying comments or credits in their code, and who often are found
bragging about their skills and latest creations in newsgroups or on
Internet Relay Chat channels.

http://www.linuxsecurity.com/articles/general_article-4212.html


* Security consultant finds plenty of holes to plug
December 26th, 2001

Cruising about the Twin Cities, with his wireless laptop on the seat next
to him, Brad Rubin can see one business opportunity after another pop up
on his computer screen.  His laptop, hooked to a homemade antenna housed
in a Pringles can, runs sniffer software that
 detects wireless networks, even those people have tried to hide.


http://www.linuxsecurity.com/articles/network_security_article-4205.html


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: