[ISN] Linux Security Week - April 12th 2004

InfoSec News isn at c4i.org
Tue Apr 13 04:47:10 EDT 2004


+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  April 12th, 2004                              Volume 5, Number 15n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave at linuxsecurity.com    |
|                   Benjamin Thomas         ben at linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "AFICK: Another
File Integrity Checker," "File And Email Encryption With GnuPG," and
"Networking improvements in the 2.6 kernel."

----

>> Secure Online Data Transfer with SSL <<

Get Thawte's new introductory guide to SSL security which covers the
basics of how it operates. A discussion of the various applications of SSL
certificates and their appropriate deployment is also included along with
details of how to test SSL on your web server.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=thawte02

----

LINUX ADVISORY WATCH:
This week, advisories were released for the Linux kernel, interchange,
fte, sysstat, oftpd, squid, heimdal, tcpdump, portage, kde, ClamAV,
Automake, and mplayer. The distributors include Debian, Gentoo, Mandrake,
and Turbolinux.

http://www.linuxsecurity.com/articles/forums_article-9160.html

----

Guardian Digital Launches Next Generation Internet
Defense & Detection System

Guardian Digital has announced the first fully open source system designed
to provide both intrusion detection and prevention functions. Guardian
Digital Internet Defense & Detection System (IDDS) leverages best-in-class
open source applications to protect networks and hosts using a unique
multi-layered approach coupled with the security expertise and ongoing
security vigilance provided by Guardian Digital.

http://www.linuxsecurity.com/feature_stories/feature_story-163.html

----

Interview with Siem Korteweg: System Configuration Collector

In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open
source, and information on future developments.

http://www.linuxsecurity.com/feature_stories/feature_story-162.html

----

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]----------
+---------------------+

* Growing Acceptance of Linux has Dark Side
April 9th, 2004

There are still few viruses aimed at Linux, says David Wreski, chief
executive officer of Guardian Digital Inc., an Allendale, N.J., maker of
Internet and security applications for Linux, but there have been
Linux-specific viruses and worms and the threat is growing.

http://www.linuxsecurity.com/articles/host_security_article-9162.html


* Understanding Patches
April 8th, 2004

When vendors become aware of vulnerabilities in their products, they often
issue patches to fix the problem. Make sure to apply relevant patches to
your computer as soon as possible so that your system is protected.

http://www.linuxsecurity.com/articles/host_security_article-9157.html


* AFICK: Another File Integrity Checker
April 8th, 2004

Afick stands for "Another File Integrity Checker". It is a security tool
very similar to the well-known Tripwire. It lets you monitor changes to
your file systems, and so can detect intrusions. It is designed to be
quick and portable (a Perl script) on Unix and Windows operating systems.

http://www.linuxsecurity.com/articles/host_security_article-9155.html


* Introduction to Enterprise Linux
April 7th, 2004

Summary: What is Enterprise Linux? Who has it? What does it cost? Are
there any viable free alternatives? These are all questions that this
article will address and try to answer.

http://www.linuxsecurity.com/articles/vendors_products_article-9149.html


* Volunteer Security Pros Launch Free Vulnerability Database
April 6th, 2004

A group of volunteer security professionals has compiled what is likely
one of the larger freely accessible vulnerability databases on the
Internet. The OSVDB (Open Source Vulnerability Database) is meant to serve
as a central collection point for information on any and all security
vulnerabilities.

http://www.linuxsecurity.com/articles/security_sources_article-9146.html


* Forrester questions Linux security
April 6th, 2004

A new study from Forrester Research has concluded that the Linux operating
system is not necessarily more secure than Windows. The report finds that
on average, Linux distributors took longer than Microsoft to patch
security holes, although Microsoft flaws tended to be more severe.

http://www.linuxsecurity.com/articles/general_article-9142.html


* File And Email Encryption With GnuPG (PGP)
April 5th, 2004

File and mail security is easy to achieve with the right tools. PGP has
proven itself the leader, and GnuPG is the tool of choice in the Linux
world.  Anyone who has read this column a while knows I'm a bit obsessive
about crypto. With the speed of modern or even old processors, there's no
reason that there should be any cleartext transmissions on the Internet at
all.

http://www.linuxsecurity.com/articles/cryptography_article-9134.html



+------------------------+
| Network Security News: |
+------------------------+

* Networking improvements in the 2.6 kernel
April 7th, 2004

The new Linux 2.6 kernel offers many improvements over the 2.4 version.
One area of technical advancement is in the kernel networking options.
Although there are enhancements in most of the files associated with the
networking options, this article focuses on major feature improvements and
additions that affect entire sections rather than on specific files.

http://www.linuxsecurity.com/articles/network_security_article-9153.html


+------------------------+
| General Security News: |
+------------------------+

* ROI: A Measure Of IT Success
April 8th, 2004

It is certainly difficult to justify investments in security protection
and assign a dollar amount to the level of security needed to keep an
organization safe. Incorrect decisions may lead to an exhaustion of
resources or an oversight in areas needing protection, potentially
resulting in a breach. Says Wreski, "Investing in a solid infrastructure
with room for future expansion up front is good business sense, and
leveraging open-source solutions that consistently deliver greater ROI,
increased security protection, and better flexibility will fundamentally
change how information is managed."

http://www.linuxsecurity.com/articles/general_article-9154.html


* The Issue of Compliance - It's Here and It's Expanding!
April 8th, 2004

Complexity of language aside, Sarbox has wide-ranging implications that
span the breadth of the high-tech industry. It has become increasingly
important to know which portions of the law apply to your organization,
and to the organizations that you do business with.

http://www.linuxsecurity.com/articles/general_article-9159.html


* The Myth of the Secure Operating System?
April 5th, 2004

The old adage about there being "safety in numbers" no longer applies, at
least not in the world of IT security. Microsoft platforms are not only
the most widespread, but also the most attacked. About that much, most --
but not all -- commentators agree.

http://www.linuxsecurity.com/articles/network_security_article-9138.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------




