From:	 InfoSec News <isn@c4i.org>
To:	 isn@attrition.org
Subject: [ISN] Linux Security Week - February 25th 2002
Date:	 Tue, 26 Feb 2002 01:13:38 -0600 (CST)

+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  February 25th, 2002                          Volume 3, Number 8n   |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave@linuxsecurity.com    |
|                   Benjamin Thomas         ben@linuxsecurity.com     |
+---------------------------------------------------------------------+
 
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Decentralise
Linux security with Sudo," "Network Intrusion Detection Signatures," and
"UnderLinux Interview with Core Netfilter Member."  Also this week, a
bootable CD-ROM distribution for performing various types of forensic
analysis, incident response, data recovery, virus scanning and pen-testing
was released.  More information about this is available in the
Vendors/Products section of this newsletter.


This week, advisories were released for cups, snmp, hanterm, uucp,
ncurses, squid, and gnujsp.  The vendors include Caldera, Conectiva,
Debian, FreeBSD, and Mandrake.

http://www.linuxsecurity.com/articles/forums_article-4493.html

FEATURE: Building a Virtual Honeynet - Hisham shares his experiences with
building a virtual honeynet on his existing Linux box. He describes data
capture and control techniques, the types of honeynets, and configuration
changes to get one running on your system.
 
http://www.linuxsecurity.com/feature_stories/feature_story-100.html 
  

 

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+
 

* Flaws in LIDS, CUPS, and Sawmill
February 20th, 2002

Welcome to Security Alerts, an overview of recent Unix and open source
security advisories. In this column, we look at a security vulnerability
in LIDS; buffer overflows in CUPS, jgroff, Sun Solstice Enterprise Master
Agent, and Ettercap; and problems in Sawmill, Faq-O-Matic, pforum, GNAT,
Taylor UUCP, and IRIX O2 Video.

http://www.linuxsecurity.com/articles/server_security_article-4484.html


* Transactional Security in BIND 9
February 19th, 2002

Like most Internet protocols, the Domain Name System (DNS) began its life
without many built-in security mechanisms. DNS is, after all, a global,
public naming service, so you don't normally care who queries your name
server for data in the zones that you are responsible for maintaining.

http://www.linuxsecurity.com/articles/server_security_article-4474.html


* Application security 'in a grim state'
February 19th, 2002

Application security is "in a grim state", according to new research.
Almost half of application security vulnerabilities are readily
exploitable through entirely preventable defects.

http://www.linuxsecurity.com/articles/server_security_article-4475.html


* Decentralise Linux security with Sudo
February 18th, 2002

Although some of us administrators may hesitate to admit it, it is often
necessary to relinquish some control and delegate responsibility,
especially in multiadministrator environments. Fortunately, you can easily
delegate administrative duties on your Linux systems without giving out
the root password. Just use Sudo.

http://www.linuxsecurity.com/articles/host_security_article-4467.html



+------------------------+
| Network Security News: |
+------------------------+
 
* Most SNMP vulns quietly lurking
February 22nd, 2002

It's been over a week since CERT released a seemingly endless list of
devices and software products containing SNMP vulnerabilities discovered
by Finnish University of Oulu researchers, and to date very little bad has
happened, no doubt to the disappointment of most news agencies.

http://www.linuxsecurity.com/articles/network_security_article-4494.html


* Firewall Roundup: Offerings from SuSE, Mandrake, and Coyote Linux
February 20th, 2002

Whether you run a small business or large corporation -- or just have a
desktop PC at home -- if you're connected to the Internet for any amount
of time, you need a firewall to keep your data safe.

http://www.linuxsecurity.com/articles/firewalls_article-4480.html


* Network Intrusion Detection Signatures, Part 3
February 20th, 2002

This is the third in a series of articles on understanding and developing
signatures for network intrusion detection systems. In Part One and Part
Two, we examined the use of IP protocol header values, particularly TCP,
UDP and ICMP, in network intrusion detection signatures.

http://www.linuxsecurity.com/articles/intrusion_detection_article-4479.html



* UnderLinux Interviews Core Netfilter Member
February 18th, 2002

bit_of_love sent us a note about an interview with Harald Welte.
"UnderLinux has an interesting interview with Harald Welte, member of
netfilter/iptables project core team.

http://www.linuxsecurity.com/articles/firewalls_article-4464.html




+------------------------+
|  Vendors/Products:     |
+------------------------+

* Biatchux Bootable CD Forensics Toolkit
February 23rd, 2002

Biatchux is a portable, bootable CD-ROM-based distribution capable of
providing an immediate environment for performing forensics analysis,
incident response, data recovery, virus scanning and pen-testing.


http://www.linuxsecurity.com/articles/intrusion_detection_article-4498.html



* Linux for the paranoid
February 21st, 2002

Last weekend's CodeCon conference in San Francisco saw the launch of
Tinfoil Hat Linux, a self-proclaimed "exercise in over engineering" and
security. What started out as a secure, single floppy, bootable Linux
distribution for storing PGP keys, and encrypting, signing and wiping
files, turned into a useable Linux distribution for the totally paranoid.

http://www.linuxsecurity.com/articles/organizations_events_article-4490.html



+------------------------+
|  General News:         |
+------------------------+

* Disclosure Guidelines For Bug-Spotters Proposed
February 24th, 2002

A pair of computer security researchers are seeking comments on a proposal
to bring order to the reporting and fixing of security holes in software,
a process that frequently takes place in adversarial arenas

http://www.linuxsecurity.com/articles/security_sources_article-4499.html


* The World Wide Web Security FAQ
February 20th, 2002

The WWW Security FAQ has recently been updated. "This is the World Wide
Web Security Frequently Asked Question list (FAQ). It attempts to answer
some of the most frequently asked questions relating to the security
implications of running a Web server and using Web browsers."

http://www.linuxsecurity.com/articles/documentation_article-4483.html


* Why marketing-speak has no place in security
February 19th, 2002

If you pay attention to computer-security issues, you will no doubt have
noticed the recent upsurge in security-related marketing. Oracle continues
to tout its Oracle9i products as unbreakable, even though they patently
are no such thing.

http://www.linuxsecurity.com/articles/general_article-4470.html


* Open sourcers spice up security testing
February 18th, 2002

A group of open source developers dedicated to introducing an industry
standard on security testing will be releasing the fruits of their labours
later this month.  Ideahamster.org started working on the Open Source
Security Testing Methodology Manual (OSSTMM) last year after becoming
"sick of reading bland testing methodology descriptions.

http://www.linuxsecurity.com/articles/projects_article-4465.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org
