![[LWN Logo]](/images/lcorner.png) |
|
![[LWN.net]](/images/Included.png) |
From: InfoSec News <isn@c4i.org>
To: isn@attrition.org
Subject: [ISN] Linux Security Week - November 12 2001
Date: Tue, 13 Nov 2001 01:39:05 -0600 (CST)
+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| November 12th, 2001 Volume 2, Number 45n |
| |
| Editorial Team: Dave Wreski dave@linuxsecurity.com |
| Benjamin Thomas ben@linuxsecurity.com |
+---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week, perhaps the most interesting articles include "Fingerprinting
Port 80 Attacks," "On the Security of PHP," "IPTables/NetFilter: Linux's
Next-Generation Stateful Packet Filter," and "Virtual Honeynets."
This week, advisories were released for procmail, lpd, webalizer,
sendmail, w3m, htdig, iptables, and the Linux kernel. The vendors include
Caldera, Conectiva, EnGarde, Red Hat, and SuSE.
http://www.linuxsecurity.com/articles/forums_article-3996.html
### SECURE YOUR APACHE SERVERS WITH 128-BIT SSL ENCRYPTION ###
Guarantee transmitted data integrity, secure all communication sessions
and more with SSL encryption from Thawte - a leading global certificate
provider for the Open Source community. Learn more in our FREE
GUIDE--click here to get it now:
--> http://www.gothawte.com/rd89.html
* Don't Risk your network installing an insecure OS *
EnGarde was designed from the ground up as a secure solution, starting
with the principle of least privilege, and carrying it through every
aspect of its implementation.
* http://www.engardelinux.org
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+
* Imp Webmail session hijacking vulnerability
November 12th, 2001
A search for one kind of problem led analysts at the CERT Coordination
Center to find another. In August, the security organization had begun to
contact vendors to get lpd codes from the makers of various printers in an
attempt to create a clearer picture of vulnerabilities surrounding the
software packages known as Internet Security Scanners, said Jason Rafail,
a security analyst at CERT, which is based at Carnegie Mellon University
in Pittsburgh.
http://www.linuxsecurity.com/articles/server_security_article-4004.html
* LIDS FAQ v0.15
November 11th, 2001
Version 0.15 of the LIDS FAQ is now available. LIDS is an enhancement for
the Linux kernel written by Xie Huagang and Philippe Biondi. It implements
several security features that are not in the Linux kernel natively. Some
of these include: mandatory access controls (MAC), a port scan detector,
file protection (even from root), and process protection.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4003.html
* On the Security of PHP
November 7th, 2001
This article will provide you an overview of various security issues with
PHP and offer advice on secure PHP programming practices. PHP has
achieved a stable and solid presence on the Web in the last several years,
and its popularity as a server-side scripting language is only increasing.
Its primary use is for providing dynamically generated interfaces between
Web users and the host.
http://www.linuxsecurity.com/articles/server_security_article-3982.html
* Fingerprinting Port 80 Attacks
November 6th, 2001
CGIsecurity.com recently wrote a paper on fingerprinting port80 attacks."
These holes can allow an attacker to gain either administrative access to
the website, or even the web server itself. This paper looks at some of
the signatures that are used in these attacks, and what to look for in
your logs.
http://www.linuxsecurity.com/articles/server_security_article-3978.html
+------------------------+
| Network Security News: |
+------------------------+
* Virtual Honeynets
November 8th, 2001
A honeynet is a very valuable tool for research, intelligence and
education: by knowing the methods an intruder uses we can better detect
break-ins in the future. Information gathered from honeynets casn be
analysed to monitor attack trends. The information collected from a
honeynet can also be used to educate people.
http://www.linuxsecurity.com/articles/network_security_article-3993.html
* Security policies prove inadequate
November 8th, 2001
Firms are exposing themselves to security risks by failing to implement
effective policies, say security experts. A study of 100 British IT
directors undertaken by IT services provider GAP indicates that even if
firms have drawn up security policies, they were frequently inadequate.
According to the research, one in five firms expose themselves to the risk
of virus infections, by not preventing the introduction of external files
to their network.
http://www.linuxsecurity.com/articles/projects_article-3994.html
* IPTables/NetFilter - Linux's Next-Generation Stateful Packet Filter
November 8th, 2001
The IPTables/NetFilter application is considered to be the fourth
generation of Linux packet filtering implementations. The first generation
was Alan Cox's port of BSD UNIX's ipfw to Linux 1.1. Jos Vos and others
extended this and added the ipfwadm user tool for manipulating the rules
for filtering in the Linux 2.0 kernel. Paul "Rusty" Russell and Michael
Neuling made some significant modifications to the 2.2 Linux kernel, and
Russell added the user tool ipchains for controlling filtering rules for
this kernel.
http://www.linuxsecurity.com/articles/firewalls_article-3995.html
* Centralise security for success
November 7th, 2001
As we take security more seriously, as we put more obstacles between the
outside world and the inner secrets of our PCs, we're complicating our
lives -- in both good ways and bad. On the plus side, we are more securely
guarding our private data. On the other hand, as we increase the number of
permissions and passwords, we create a bigger job for corporate IT
departments.
http://www.linuxsecurity.com/articles/general_article-3985.html
+------------------------+
| Cryptography News: |
+------------------------+
* Analysis of SSH crc32 compensation attack detector exploit
November 11th, 2001
DoS attackers are relying more on automated tools, which lower the level
of technical knowledge necessary to launch a successful attack. Experts
are warning that crippling denial of service (DoS) attacks have become
easier to launch, with automated tools and newer methods that tie up more
computer and Internet resources than ever.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4002.html
+------------------------+
| Vendors/Products: |
+------------------------+
* Outsource your security
November 6th, 2001
Alonzo Ellis and I were having lunch in a sunny bistro just outside of
Washington, DC. Not far away, the blackened scar on the side of the
Pentagon bore witness to the day that changed everything. "If they didn't
know about security in the past, they certainly know about it now," Ellis
said. Ellis, CTO of Imperito Networks, had been talking about
communications security.
http://www.linuxsecurity.com/articles/general_article-3975.html
* New Linux tool boosts security
November 6th, 2001
A small Australian company has released a Linux-based security tool it
hopes will help speed corporate acceptance of the open-source operating
system. InterSect Alliance has developed the first security auditing
system for Linux, beating much larger organizations to the punch. Its new
tool, SNARE (System Intrusion Analysis and Reporting Environment), is the
first intrusion detection system to reside on individual computers rather
than a network, according to Leigh Purdie, principal security consultant
for InterSect.
http://www.linuxsecurity.com/articles/vendors_products_article-3979.html
+------------------------+
| General News: |
+------------------------+
* Linux security self-censorship ominous
November 8th, 2001
October was a bad month for proponents of full disclosure. First,
Microsoft's Scott Culp argued in an essay that security researchers
shouldn't reveal the nature of security holes in software. Then Culp may
have found an unexpected ally in his war against full disclosure: Linux's
second-in-command, Alan Cox.
http://www.linuxsecurity.com/articles/forums_article-3992.html
* Security issue will be fixed - experts
November 8th, 2001
Throughout the dot-com boom to bust, security and privacy issues have
continued to be underestimated in terms of importance to e-business.
Australian experts warn this may cause more failures, while simultaneously
claiming these issues "will be fixed".
http://www.linuxsecurity.com/articles/general_article-3991.html
* Basic Security Checklist for Home and Office Users
November 6th, 2001
This article will offer readers a simple basic security checklist that
will enable users and managers to increase the security level in their
organization without any additional financial investment. It is axiomatic
in computer security that the weakest link in the security chain is user
error. Since the measures listed below are aimed at promoting secure user
behavior, they are extremely effective in lowering the risk of a security
breach.
http://www.linuxsecurity.com/articles/host_security_article-3973.html
* OpenBSD: The most secure OS around
November 5th, 2001
Unlike other operating systems, with the exception of close relative
NetBSD, the open source OpenBSD was built from the ground up to be secure.
How do they do it? In no small part, it's by constantly auditing the
operating system's code for potential security problems.
http://www.linuxsecurity.com/articles/host_security_article-3970.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.