[ISN] Linux Security Week - July 25th 2005

InfoSec News isn at c4i.org
Tue Jul 26 01:40:03 EDT 2005


+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  July 25th, 2005                            Volume 6, Number 31n    |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave at linuxsecurity.com    |
|                   Benjamin D. Thomas      ben at linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Interview
with Fyodor of Nmap," "Open authentication initiative gaining ground,"
and "Linux Security, Audit and Control Guidance Featured In New Book."

---

## Internet Productivity Suite: Open Source Security ##
Trust Internet Productivity Suite's open source architecture to
give you the best security and productivity applications available.
Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced
ideas and methods into their design.

Click to find out more!
http://store.guardiandigital.com/html/eng/products/software/ips_overview.shtml

---

LINUX ADVISORY WATCH

This week, advisories were released for krb5, heimdal, phpgadmin, ekg,
heartbeat, affix, zlib, cacti, java, diskdumputils, radvd, bind, kdelibs,
freeradius, firefox, thunderbird, ypserv, mysql, setarch, openoffice, pvm,
fetchmail, mozilla, epiphany, devhelp, yelp, php, ruby, acroread,
phpgroupware, dhcpd, mediawiki, cpio, shorewall, and kdenetwork. The
distributors include Debian, Fedora, Gentoo, and Red Hat.

http://www.linuxsecurity.com/content/view/119864/150/

---

Network Server Monitoring With Nmap

Portscanning, for the uninitiated, involves sending connection requests
to a remote host to determine what ports are open for connections and
possibly what services they are exporting. Portscanning is the first step
a hacker will take when attempting to penetrate your system, so you should
be preemptively scanning your own servers and networks to discover
vulnerabilities before someone unfriendly gets there first.

http://www.linuxsecurity.com/content/view/119864/150/

---

Linux File & Directory Permissions Mistakes

Greetings, gentle reader, and welcome to linuxsecurity.com and our new
recurring series of articles on security related mistakes and how to avoid
them. I'm your host, Pax Dickinson, and today we'll be reviewing basic
Linux file and directory permissions and how to avoid some common pitfalls
in their use, in this episode of Hacks From Pax.

One common mistake Linux administrators make is having file and directory
permissions that are far too liberal and allow access beyond that which
is needed for proper system operations. A full explanation of unix file
permissions is beyond the scope of this article, so I'll assume you are
familiar with the usage of such tools as chmod, chown, and chgrp. If
you'd like a refresher, one is available right here on linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

>> The Perfect Productivity Tools <<

WebMail, Groupware and LDAP Integration provide organizations with
the ability to securely access corporate email from any computer,
collaborate with co-workers and set-up comprehensive addressbooks to
consistently keep employees organized and connected.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn05


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Domain Hijacking Takes ICANN Spotlight
  18th, July, 2005

Web sites both big and small face the risk of having their Web
addresses stolen because of flaws in the way domain names are
registered, transferred and tracked, a report released this week
found.

http://www.linuxsecurity.com/content/view/119807


* Network monitoring with ngrep
  20th, July, 2005

Constant monitoring and troubleshooting are key to maintaining a
network's availability. With ngrep, you can analyze network traffic
in a manner similar to that of other network sniffers. However,
unlike its brethern, ngrep can match regular expressions within the
network packet payloads. By using its advanced string matching
capabilities, ngrep can look for packets on specified ports and
assist in tracking the usernames and passwords zipping off the
network, as well as all Telnet attempts to the server.

http://www.linuxsecurity.com/content/view/119829


* Review: GFI LANguard Network Security Scanner 6
  21st, July, 2005

This is a review of the new release of LANguard Network Security
Scanner (GFI LANguard NSS) from GFI. NSS will scan computers for
known vulnerabilities and common misconfigurations and other
potential security issues. It produces reports that can be used to
assist in the tracking and mitigation of security issues that have
been identified. Furthermore, NSS provides patch management
capabilities that allow you to centrally download and push out
patches to systems with identified vulnerabilities.

http://www.linuxsecurity.com/content/view/119840


* Interview with Fyodor of Nmap
  17th, July, 2005

Nmap ("Network Mapper") is a free utility for network exploration and
security auditing. It was designed to rapidly scan large networks,
although it works fine against single hosts. Nmap uses raw IP packets
in novel ways to determine what hosts are available on the network,
what services (application name and version) those hosts are
offering, what operating systems (and OS versions) they are running,
what type of packet filters/firewalls are in use, and dozens of other
characteristics. Nmap runs on most types of computers and both
console and graphical versions are available. Nmap is free software,
available with full source code under the terms of the GNU GPL.

http://www.linuxsecurity.com/content/view/119797


* Mozilla Fixes Thunderbird Flaws In 1.0.5
  18th, July, 2005

The Mozilla Foundation this week updated its rival to Microsoft
Outlook, the Thunderbird stand-alone POP3 e-mail and news client, to
plug some of the same security holes that earlier were fixed in the
open-source group's popular Firefox browser.

http://www.linuxsecurity.com/content/view/119806


* ISPs versus the zombies
  19th, July, 2005

In the next few months, ISPs in the United States will begin
receiving reports on the zombies, or PCs open to control by hackers,
that lurk on their networks. The data will be sent out by the Federal
Trade Commission, which said in May that zombies have become such a
serious problem that more industry action is required.

http://www.linuxsecurity.com/content/view/119819


* Greasemonkey Flaw Prompts Critical Uninstall Warning
  20th, July, 2005

A gaping security hole in a popular Firefox browser extension could
allow malicious hackers to hijack files from a user's hard drive,
developers warned Tuesday.

http://www.linuxsecurity.com/content/view/119827


* Open authentication initiative gaining ground
  20th, July, 2005

Backers of open standards-based interoperable authentication
technologies are happy to report growing membership in the
authentication initiative known as OATH, which released its OATH
Reference Architecture Version 1.0 specification for cross-device
authentication in May. Now they're working to convince more
organizations, many of which are reportedly unaware of the option, to
go beyond disparate, proprietary standards or one-word passwords.

http://www.linuxsecurity.com/content/view/119830


* Major Firefox release delayed
  21st, July, 2005

The next version of Firefox has been delayed for a few months, the
Mozilla Foundation confirmed Thursday.	Earlier Mozilla stated on its
Web site that the next major release of Firefox, called version 1.1,
would be released in July. But on Wednesday, lead Firefox engineer
Ben Goodger updated the group's roadmap to indicate that the next
major release would now not be until after August.

http://www.linuxsecurity.com/content/view/119851


* Hacker Mitnick preaches social engineering awareness
  22nd, July, 2005

Properly trained staff, not technology, is the best protection
against social engineering attacks on sensitive information,
according to security consultant and celebrity hacker Kevin Mitnick.

http://www.linuxsecurity.com/content/view/119863


*  Linux Security, Audit and Control Guidance Featured In New Book
  22nd, July, 2005

More than 10 years after its debut, Linux has matured from a student
hobby to a highly respected platform used by major organizations
worldwide. Because of this growing popularity and increased
legislation requiring tight controls over IT, the Information Systems
Audit and Control Association (ISACA) has issued a new publication
with detailed guidance on security, audit and control of Linux.

http://www.linuxsecurity.com/content/view/119865


* Is wireless security pointless?
  21st, July, 2005

What with country singer Lee Greenwood's recorded rendition of
patriot songs like "Glory, Glory, Hallelujah" and "God Bless America"
playing over the sound system at 8:30 a.m. in the Commerce Department
auditorium in Washington, D.C., one could have been excused for
thinking the July 20 conference: "Pharmers and Spimmers, Hackers and
Bluejackers: Combating Wireless Security Threats" was taking place
during a national emergency. Far from it.

http://www.linuxsecurity.com/content/view/119841

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------





More information about the ISN mailing list