From:	 InfoSec News <isn@c4i.org>
To:	 isn@attrition.org
Subject: [ISN] Linux Security Week - August 20th 2001
Date:	 Tue, 21 Aug 2001 03:10:35 -0500 (CDT)

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  August 20th, 2001                           Volume 2, Number 33n   |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave@linuxsecurity.com    |
|                   Benjamin Thomas         ben@linuxsecurity.com     |
+---------------------------------------------------------------------+
 
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, the most interesting articles include "Securing Sendmail with
TLS," "CERT Guide to System and Network Security Practices,"  and
"Learning with nmap." Also this week, there are several interesting
cryptography articles including "Delayed Report on Encryption Flaws to Be
Presented," and "So much for secure e-mail."

This week, advisories were released for fetchmail, telnet, groff, imp,
windowmaker, and openldap.  The vendors include Caldera, Conectiva,
Debian, EnGarde, and Mandrake.

http://www.linuxsecurity.com/articles/forums_article-3519.html


Maximize your security with EnGarde Secure Linux!  EnGarde was designed
from the ground up as a secure solution, starting with the principle of
least privilege, and carrying it through every aspect of its
implementation.
 
http://www.engardelinux.org 
 
EnGarde Quick Start Guide - This is a document that provides you with the
information necessary to quickly begin using your EnGarde system.
 
http://www.guardiandigital.com/docs/EnGardeManual/ESLQuick-1.0.1.pdf 


HTML Version:
http://www.linuxsecurity.com/vuln-newsletter.html
 
 
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+


* Checking Your System Logs with awk
August 19th, 2001

UNIX systems are especially talkative and log considerable amounts of
data. Many administrators at first find digging through all those logs
annoying, and some abandon the practice of checking logs for that reason.
However, when system problems arise, those admins are left wondering what
occurred and why.

http://www.linuxsecurity.com/articles/host_security_article-3527.html


* Securing Sendmail with TLS
August 16th, 2001

One of the most common uses of network systems is for e-mail-based
communications. As such, a great deal of attention has been given to
securing e-mail systems. However, most of this focus has been in two
areas: security at the message level, using PGP or S/MIME, and
confidentiality in the authentication process for mail retrieval, i.e.,
using APOP or SSL-based IMAP. This still leaves mail server-to-server
traversal vulnerable to several attacks.


http://www.linuxsecurity.com/articles/server_security_article-3512.html


+------------------------+
| Network Security News: |
+------------------------+

* HTML Form Protocol Attack [PDF]
August 18th, 2001

This paper describes how some HTML browsers can be tricked through the use
of HTML forms into sending more or less arbitrary data to any TCP port.
This can be used to send commands to servers using ASCII based protocols
like SMTP, NNTP, POP3, IMAP, IRC, and others.

http://www.linuxsecurity.com/articles/documentation_article-3524.html


* CERT Guide to System and Network Security Practices
August 17th, 2001

After reading the CERT Guide to System and Network Security Practices, you
may feel as if you've been speaking with your mother about computer
security, as most of the advice detailed in the book is common sense.  
But, as Voltaire astutely noted, common sense is not so common.

http://www.linuxsecurity.com/articles/documentation_article-3522.html


* New Public Network: Network Security's Not-So-Secret Ingredients
August 16th, 2001

The tools and technology to stop computer crime are known and available,
yet administrators are so overwhelmed with day-to-day IT chores that they
don't have time for healthy security practices.  Therefore, the network
subsists on the digital equivalent of junk food: unpatched software,
poorly configured firewalls, deficient security policies, and so on.

http://www.linuxsecurity.com/articles/general_article-3517.html


* Hacker Tools and their Signatures, Part Three: Rootkits
August 15th, 2001

Toby Mill writes, "This is the third installment of a series devoted to
examining hacker tools and their signatures. In this installment we will
be looking at some of the signatures related to the KOH rootkit. The
purpose of this paper is to assist the reader in detecting the KOH
rootkit."

http://www.linuxsecurity.com/articles/host_security_article-3507.html


* Honeypot for hackers
August 14th, 2001

Computer experts can now predict when a malicious hacker is about to
strike, and sound the alarm days in advance. They are urging companies to
use their technique to stop hackers getting into networks.  "Regardless of
who you are, you are not safe," says Jeffery Stutzman, an ex-naval
intelligence officer now working as a security expert for Cisco Systems in
Chelmsford, Massachusetts.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3500.html


* Learning with nmap
August 13th, 2001

Why are scanners so important for the security of networks? Basically
because they are essential tools for those who want to attack a system.
The preparation of an attack by a cracker could look as follows:  Scan a
target machine or selected network, observe which services are offered and
which operating system runs these services, and work on some well-known
vulnerability in any of them.

http://www.linuxsecurity.com/articles/general_article-3492.html


+------------------------+
| Cryptography News:     |
+------------------------+

* The Encryption Effort
August 19th, 2001

There have been many articles recently extolling the virtues of encrypting
your communications via the internet. But there is another side to this
debate. Russell Kay, senior reviews editor of Computerworld in the US,
gives us his view.

http://www.linuxsecurity.com/articles/cryptography_article-3526.html


* So much for secure e-mail
August 15th, 2001

Encrypted e-mail has flopped in the enterprise.  More than five years
after standards were created and vendors rushed to support them, virtually
no one secures e-mail today, despite widespread concerns about prying eyes
and corrupted data.

http://www.linuxsecurity.com/articles/cryptography_article-3503.html


* Crypto-Gram August
August 15th, 2001

http://www.linuxsecurity.com/articles/cryptography_article-3506.html


* Delayed Report on Encryption Flaws to Be Presented
August 15th, 2001

Today a group of Princeton computer scientists will present a research
paper that has spurred debate over the freedom of scientific research and
a 1998 digital copyright law that places restrictions on the dissemination
of decryption information. The paper, which reveals the flaws in several
encryption techniques for compact discs, was withdrawn at the last minute
from a conference in April because the researchers said they feared
litigation from the Recording Industry Association of America, a trade
group that has moved to stamp out piracy threats in the era of digital
music.

http://www.linuxsecurity.com/articles/cryptography_article-3509.html


+------------------------+
| Vendors/Tools          |
+------------------------+
 

* AirSnort Wireless LAN Tool
August 18th, 2001

AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys.
AirSnort operates by passively monitoring transmissions, computing the
encryption key when enough packets have been gathered.
 

http://www.linuxsecurity.com/articles/cryptography_article-3525.html


* Snort 1.8.1 Now Available
August 15th, 2001

This latest release includes SNMP alerting support, greatly improved
stability, IDMEF XML alert support, new decoder for "%u encoded" HTTP
traffic, limited wildcards/regex in the rules language, plus a new
snort.org page.

http://www.linuxsecurity.com/articles/intrusion_detection_article-3508.html


+------------------------+
| General Security News: |
+------------------------+

* CyberCrime Help
August 17th, 2001

Cyberspace can be an exciting place these days. But, unfortunately, it can
also be a dangerous place, especially if you're unaware of the dangers and
how to protect yourself.  So we at "CyberCrime" thought we'd offer some
tips and ideas for staying safe online.

http://www.linuxsecurity.com/articles/hackscracks_article-3520.html


* 50 hackers to take part in server-cracking contest
August 16th, 2001

Hackers will be challenged to penetrate a variety of computer networks
early next month with no threat of punishment if they are successful, a
network security firm said yesterday.  Parinya Homanek, managing director
of Net En Tel Co Ltd, said the first hackers' conference in Thailand would
be held on September 3 and 4 with a network of more than 50 powerful
servers set up specially for them to try to hack into.

http://www.linuxsecurity.com/articles/hackscracks_article-3513.html


* Study: IT Budgets Opening Up to Linux
August 15th, 2001

A study by IDC finds the open-source Linux gaining popularity among
corporate users, but the operating system still trails Microsoft in
servers by a wide margin.  With solid year-to-year growth and a broad
potential market that is currently using or experimenting with it, the
open-source Linux platform is gaining ground in the information technology
(IT) budgets of companies worldwide, analysts at IDC said Tuesday.

http://www.linuxsecurity.com/articles/general_article-3504.html


* Phrack 57 Available
August 13th, 2001

The latest issue of Phrack, a premier underground security magazine, has
been released. The last issue was released in May 2000; the latest issue talks
about privacy, ICMP based OS fingerprinting, NIDS on mass parallel
processing architecture, and more.

http://www.linuxsecurity.com/articles/projects_article-3493.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.