[ISN] Linux Security Week - August 8th 2005

InfoSec News isn at c4i.org
Tue Aug 9 04:46:37 EDT 2005


+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  August 8th, 2005                           Volume 6, Number 33n    |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave at linuxsecurity.com    |
|                   Benjamin D. Thomas      ben at linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Ten Reasons
towards Cryptography," "Linux Security: Is it Ready For The Average
User," and "The Threat From Within."

---

## Internet Productivity Suite: Open Source Security ##
Trust Internet Productivity Suite's open source architecture to
give you the best security and productivity applications available.
Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced
ideas and methods into their design.

Click to find out more!
http://store.guardiandigital.com/html/eng/products/software/ips_overview.shtml

---

LINUX ADVISORY WATCH

This week, advisories were released for gaim, gopher, pdns, apt-
catcher, ethereal, im-sdk, selinux-policy-targeted, gamin, pam,
netpbm, mkinitrd, kde, arts, NetworkManager, labraw, ckermit,
httpd, gphoto, coreutils, iiimf, yum, gimp, redhead, zlib,
fetchmail, sandbox prsotext, proftpd, nbsmtp, dump, and
SquirrelMail.  The distributors include Debian, Fedora, Gentoo,
and Red Hat.

http://www.linuxsecurity.com/content/view/120030/150/

---

Network Server Monitoring With Nmap

Portscanning, for the uninitiated, involves sending connection requests
to a remote host to determine what ports are open for connections and
possibly what services they are exporting. Portscanning is the first step
a hacker will take when attempting to penetrate your system, so you should
be preemptively scanning your own servers and networks to discover
vulnerabilities before someone unfriendly gets there first.

http://www.linuxsecurity.com/content/view/119864/150/

---

Linux File & Directory Permissions Mistakes

Greetings, gentle reader, and welcome to linuxsecurity.com and our new
recurring series of articles on security related mistakes and how to avoid
them. I'm your host, Pax Dickinson, and today we'll be reviewing basic
Linux file and directory permissions and how to avoid some common pitfalls
in their use, in this episode of Hacks From Pax.

One common mistake Linux administrators make is having file and directory
permissions that are far too liberal and allow access beyond that which
is needed for proper system operations. A full explanation of unix file
permissions is beyond the scope of this article, so I'll assume you are
familiar with the usage of such tools as chmod, chown, and chgrp. If
you'd like a refresher, one is available right here on linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

>> The Perfect Productivity Tools <<

WebMail, Groupware and LDAP Integration provide organizations with
the ability to securely access corporate email from any computer,
collaborate with co-workers and set-up comprehensive addressbooks to
consistently keep employees organized and connected.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn05


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Ten Reasons towards Cryptography
  5th, August, 2005

Cryptography is already the de facto way of securing sensitive web
traffic and it is now reaching across the entire enterprise as
companies start to use industry-standard protocols such as SSL
internally - even between servers only a few feet
apart.

http://www.linuxsecurity.com/content/view/120032


* Exploit writers team up to target Cisco routers
  1st, August, 2005

It's Saturday night, a time for blowout parties at the annual DEF CON
hacker convention, including the Goth-flavored Black and White Ball.
But a half dozen researchers in the nondescript room quietly drink,
stare at the screens of their laptops, and in low voices, discuss how
to compromise two flat metal boxes sitting on a sofa side table:
Cisco routers.

http://www.linuxsecurity.com/content/view/119990


* Google now a hacker's tool
  2nd, August, 2005

Although security software can identify when an attacker is
performing reconnaissance work on a company's network, attackers can
find network topology information on Google instead of snooping for
it on the network they're studying, he said. This makes it harder for
the network's administrators to block the attacker. "The target does
not see us crawling their sites and getting information," he said.

http://www.linuxsecurity.com/content/view/120001


* What to do before an IOS disaster strikes
  2nd, August, 2005

Last week, former Internet Security Systems researcher Michael Lynn
presented at the Black Hat USA 2005 conference a reliable process
that could be used to exploit Cisco routers running the
Internetworking Operating System (IOS.)
Even though the exact exploit demonstrated during his presentation
was not disclosed, Lynn showed enough details to prove that the
exploit is real and that previous misconceptions that routers and
switches are not exploitable are false.

http://www.linuxsecurity.com/content/view/120009


* DNS servers - an Internet Achilles heel
  3rd, August, 2005

Hundreds of thousands of Internet servers are at risk of an attack
that would redirect unknowing Web surfers from legitimate sites to
malicious ones.


http://www.linuxsecurity.com/content/view/120014


* Worms could dodge Net traps
  5th, August, 2005

Future worms could evade a network of early-warning sensors hidden
across the Internet unless countermeasures are taken, according to
new research.

In a pair of papers presented at the Usenix Security Symposium here
Thursday, computer scientists said would-be attackers can locate such
sensors, which act as trip wires that detect unusual activity. That
would permit nefarious activities to take place without detection.

http://www.linuxsecurity.com/content/view/120034


* Key bugs in core Linux code squashed
  4th, August, 2005

Serious security bugs in key parts of the latest Linux code have been
fixed, but some small glitches have been introduced, according to a
recent scan.

http://www.linuxsecurity.com/content/view/120026


* Flaws Found in MySQL Tracking System
  2nd, August, 2005

Flaws have been found in MySQL Eventum 1.5.5 and prior that allow
malicious users to conduct cross-site scripting and SQL injection
attacks.
<p>{mos_sb_discuss:22}<p>

http://www.linuxsecurity.com/content/view/120000


* Car Whisperer
  3rd, August, 2005

The carwhisperer project intends to sensibilise manufacturers of
carkits and other Bluetooth appliances without display and keyboard
for the possible security threat evolving from the use of standard
passkeys.

http://www.linuxsecurity.com/content/view/120013


* The Sniffer vs. the Cybercrooks
  1st, August, 2005

The investment bank, despite billions in annual revenue and the small
squadron of former police, military and security officers on its
payroll, was no match for Mark Seiden.	<p>"Tell me the things you
most want to keep secret," Mr. Seiden challenged a top executive at
the bank a few years back. The executive listed two. One involved the
true identities of clients negotiating deals so hush-hush that even
people inside the bank referred to them by using a code name. The
other was the financial details of those mergers and acquisitions.

http://www.linuxsecurity.com/content/view/119991


* Linux Security - Is it Ready For The Average User?
  1st, August, 2005

There seems to be a new important security patch out for Linux every
month, lots of "do not use this program" warnings, too many articles
and books with too little useful information, high-priced
consultants, and plenty of talk about compromised systems. It is
almost enough to send someone back to Windows. Can the average Linux
user or system administrator keep his or her system secure and still
have time to do other things?

http://www.linuxsecurity.com/content/view/119993


* Cyber-criminals turn to extortion and fraud
  3rd, August, 2005

Governments, financial services firms and manufacturing companies are
now the top targets for security attacks, according to research
published today by IBM.

http://www.linuxsecurity.com/content/view/120022


* An IT Manager.s Guide to Provisioning and Identity Management
  4th, August, 2005

With staff now requiring access to so many internal and external
computer systems, all of which might require separate usernames,
passwords and access privileges, identity management is far from
straightforward. Learn what can be done to simplify identity
management.

http://www.linuxsecurity.com/content/view/120025


* A Hacker Games the Hotel
  1st, August, 2005

A vulnerability in many hotel television infrared systems can allow a
hacker to obtain guests' names and their room numbers from the
billing system.

http://www.linuxsecurity.com/content/view/119989


*  Hackers Demonstrate Their Skills in Vegas
  2nd, August, 2005

Even the ATM machines were suspect at this year's Defcon conference,
where hackers play intrusion games at the bleeding edge of computer
security.

http://www.linuxsecurity.com/content/view/119998


*  Wireless hijacking under scrutiny
  1st, August, 2005

A recent court case, which saw a West London man fined (char)500 and
sentenced to 12 months' conditional discharge for hijacking a
wireless broadband connection, has repercussions for almost every
user of wi-fi networks.

http://www.linuxsecurity.com/content/view/119992


* The Threat From Within
  2nd, August, 2005

Malicious insiders represent today's toughest challenge for security
architects. Traditional database security tools such as encryption
and access controls are rendered useless by a trusted employee who
has--or can easily obtain--the right credentials. In addition, more
users in the enterprise are getting database access, including DBAs,
application developers, software engineers, and even marketing, HR,
and customer support representatives. And whether spurred by revenge
or tempted by easy money, insiders can sell their booty on a bustling
information black market.

http://www.linuxsecurity.com/content/view/119999


* Hackers cash in on 802.1x confusion
  3rd, August, 2005

Companies are leaving their wireless networks exposed to hackers
because of widespread failure to understand or implement 802.11x
security systems, a survey has claimed.

http://www.linuxsecurity.com/content/view/120015


* Hackers Say Wireless Is Weak
  4th, August, 2005

Lock down your wireless network -- that.s the message coming loud and
clear now that the DefCon hacker convention has rolled through Las
Vegas.

http://www.linuxsecurity.com/content/view/120027


* Passing the conference 'sniff' test
  5th, August, 2005

At last year's USENIX Security Symposium, Marcus Ranum was minding
his own business -- checking his e-mail, updating his Web site, etc.
-- when another conference attendee sent him an e-mail. In the text:
Ranum's password. Ranum, known for his work in intrusion detection,
later angrily confronted the sender at the conference about invading
his privacy. Bill Cheswick, a well-known security expert who sent the
offensive message, later chalked up his actions as just "a friendly
nudge."

http://www.linuxsecurity.com/content/view/120033


* Wireless Data Transmission Security
  5th, August, 2005

The main purpose of our paper is to describe the various forms of
wireless data transmission and to address the security concerns in
each. The major form of wireless data transmission that we will be
covering will be Wi-Fi. We will discuss security concerns, how to
protect yourself, the future of Wi-Fi, and what it is used for in
today.s world.

http://www.linuxsecurity.com/content/view/120039

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------





More information about the ISN mailing list