[ISN] Linux Security Week - March 7th 2005

InfoSec News isn at c4i.org
Mon Mar 7 06:04:26 EST 2005


+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  March 7th, 2005                            Volume 6, Number 10n    |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave at linuxsecurity.com    |
|                   Benjamin D. Thomas      ben at linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Firewalls'
False Sense of Security," "Easy Automated Snapshot-Style Backups with
Linux and Rsync," and "Why you should perform regular security
audits."

---

>> Enterprise Security for the Small Business <<
Never before has a small business productivity solution been
designed with such robust security features.  Engineered with
security as a main focus, the Guardian Digital Internet Productivity
Suite is the cost-effective solution small businesses have been
waiting for.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn07

---

LINUX ADVISORY WATCH

This week, advisories were released for mod_python, bsmtpd, gaim,
bind, gnucash, dhcp, at vixie-cron, lam, pvm, radvd, selinux-targeted-
policy, tcsh, openoffice, gamin, cmd5checkpw, uim, UnAce, MediaWiki,
phpBB, phpWebSite, xli, xloadimage, firefox, squid, kdenetwork,
nvidia, curl, uw-imap, and cyrus-sasl.  The distributors include
Conectiva, Debian, Fedora, Gentoo, Red Hat, and SuSE.

http://www.linuxsecurity.com/content/view/118492/150/

---------------

Getting to Know Linux Security: File Permissions

Welcome to the first tutorial in the 'Getting to Know Linux Security'
series.  The topic explored is Linux file permissions.  It offers an
easy to follow explanation of how to read permissions, and how to set
them using chmod.  This guide is intended for users new to Linux
security, therefore very simple.

http://www.linuxsecurity.com/content/view/118181/49/

---

The Tao of Network Security Monitoring: Beyond Intrusion Detection

The Tao of Network Security Monitoring is one of the most
comprehensive and up-to-date sources available on the subject. It
gives an excellent introduction to information security and the
importance of network security monitoring, offers hands-on examples
of almost 30 open source network security tools, and includes
information relevant to security managers through case studies,
best practices, and recommendations on how to establish training
programs for network security staff.

http://www.linuxsecurity.com/content/view/118106/49/

---

Encrypting Shell Scripts

Do you have scripts that contain sensitive information like
passwords and you pretty much depend on file permissions to keep
it secure?  If so, then that type of security is good provided
you keep your system secure and some user doesn't have a "ps -ef"
loop running in an attempt to capture that sensitive info (though
some applications mask passwords in "ps" output).

http://www.linuxsecurity.com/content/view/117920/49/

--------

>> The Perfect Productivity Tools <<

WebMail, Groupware and LDAP Integration provide organizations with
the ability to securely access corporate email from any computer,
collaborate with co-workers and set-up comprehensive addressbooks to
consistently keep employees organized and connected.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn05


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Firewalls' False Sense of Security
  1st, March, 2005

The Internet front door to almost every bank and financial services
company in the world is guarded by two sets of firewalls defining a
DMZ. Nearly every e-commerce site sits in a similar DMZ in what has
become the de facto standard in Web security architecture. According
to Sun Microsystems, "In today's tumultuous times, having a sound
firewall/DMZ environment is your first line of defense against
external threats." But I would argue that guarding the perimeter is
lulling organizations into a false sense of security that results in
ignoring the implementation of other security mechanisms in their
applications and databases.

http://www.linuxsecurity.com/content/view/118458


* Firewall warns dealers of physical security threat
  1st, March, 2005

Specialist distributor, Firewall Systems, is warning resellers to
start thinking of security as a managed service or risk losing market
share to physical security providers.

http://www.linuxsecurity.com/content/view/118460


* Where's the security leadership
  4th, March, 2005

This year's RSA Conference was another opportunity for the security
glitterati to shine.

http://www.linuxsecurity.com/content/view/118496


* How secure is your computer?
  28th, February, 2005

StillSecure attached six computers - loaded with different versions
of the Windows, Linux and Apple's Macintosh operating systems -
earlier this month to the Internet without anti-virus software.  The
results show the Internet is a very rough place.  Over the course of
a week, the machines were scanned a total of 46,255 times by
computers around the world that crawl the Web looking for
vulnerabilities in operating systems.

http://www.linuxsecurity.com/content/view/118454


* Real Player under Attack
  2nd, March, 2005

For Linux the RealPlayer 10 and the Helix Player are affected. No
fixed versions are available for this. The Player for Symbian and
PalmOS are not concerned by the weak spots.RealNetworks classifies
the security gaps as critical and recommends all users to install the
available updates. Under Windows and Mac OS the update function of
the Player can be used.

http://www.linuxsecurity.com/content/view/118465


* Two Sides of Vulnerability Scanning
  28th, February, 2005

There are two approaches to network vulnerability scanning, active
and passive. The active approach encompasses everything an
organization does to foil system breaches, while the passive (or
monitoring) approach entails all the ways the organization oversees
system security. When making buying decisions for your organization,
it's a mistake to think that you have to choose between the two types
of protection.

http://www.linuxsecurity.com/content/view/118455


* Realistic SELinux
  2nd, March, 2005

SElinux is an impressively designed but notoriously hard-to-configure
set of kernel hooks that enforce Orange Book-style security on Linux.
Full support for SELinux takes effort, but when I first heard about
Fedora's new targeted policies for SELinux, I was willing to tell the
Red Hat folks "thanks, but no thanks." A conversation with their Dan
Walsh changed my mind.

http://www.linuxsecurity.com/content/view/118466


* Easy Automated Snapshot-Style Backups with Linux and Rsync
  3rd, March, 2005

This document describes a method for generating automatic rotating
"snapshot"-style backups on a Unix-based system, with specific
examples drawn from the author's GNU/Linux experience.	Snapshot
backups are a feature of some high-end industrial file servers; they
create the illusion of multiple, full backups per day without the
space or processing overhead.  All of the snapshots are read-only,
and are accessible directly by users as special system directories.

http://www.linuxsecurity.com/content/view/118482


* Linux Security Rough Around The Edges, But Improving
  4th, March, 2005

The National Security Agency built a version of Linux with more
security tools that its technologists believe could help make the
country's computing infrastructure less vulnerable. They won over the
Linux developer community with the changes. But its success depends
on the adoption by U.S. companies and government agencies, something
that remains very much in doubt.

http://www.linuxsecurity.com/content/view/118494


* Opera Targets Browser Vulnerability
  1st, March, 2005

Taking a cue from Firefox and others, software developer  Opera is
updating the latest iteration of its Web browser to combat phishing
attacks that take advantage of a  domain name  vulnerability. To
address the emerging Internationalized Domain Names (IDN) issue, the
second Beta version of the Opera browser displays localized domain
names from certain top level domains (TLD). It selects TLDs that have
stringent policies on the domain names they register. The Norwegian
firm said it will update its list of trusted TLDs on a regular basis
to further protect users.

http://www.linuxsecurity.com/content/view/118457


* French Ministry of Education and Research and Mandrakesoft
  2nd, March, 2005

Mandrakelinux products cover needs from the desktop (with the
 PowerPack) to critical infrastructure functions (with the Multi
 Network Firewall). The Multi Network Firewall operating system is
able to control access to both an organisation's private intranet and
the public internet. Mandrakesoft products are part of the software
library which has been selected to modernize the infrastructure of
France's education system. As well as the applications themselves,
Mandrakesoft will deliver technical support and training to
staff.

http://www.linuxsecurity.com/content/view/118471


* Computer Security 101
  1st, March, 2005

This sort of basic firewall has some issues that can be exploited by
hackers and malicious programmers to sneak through which is why there
are more advanced firewall systems. I mentioned that with this sort
of port blocking, communications in response to connections initiated
by your computer would be allowed through even on ports you were
blocking. Using this knowledge, a hacker can forge the packet to make
it look like it is a reply rather than an initiation of a connection
and the firewall will allow it through.

http://www.linuxsecurity.com/content/view/118459


* Why you should perform regular security audits
  2nd, March, 2005

In less than a decade, Internet security has evolved from an almost
esoteric topic to become one of the more important facets of modern
computing. And yet it's a rarity to find companies that actually
consider information security to be an important job function for all
workers--and not just the IT department's
problem.

http://www.linuxsecurity.com/content/view/118468


* Linux starts to take a more central IT role
  3rd, March, 2005

"It's as deep as it will get for us. It's what we're betting the data
center on," said Jon Fraley, a Linux administrator at Glen Raven. In
December, the Glen Raven, North Carolina-based textile manufacturer
finished moving mission-critical Oracle databases from an aging
24-CPU Hewlett-Packard server running Unix to four-way HP servers
that are based on Intel Xeon processors and run Red Hat's Linux
distribution.

http://www.linuxsecurity.com/content/view/118473


* Security market "worth $5.5bn by 2008"
  4th, March, 2005

The security software and appliance market rose by 30 per cent last
year and is predicted to be worth $5.5billion worldwide by 2008
according to a new report.

http://www.linuxsecurity.com/content/view/118495


* Managed Security Service Expands Compliance Capabilities
  3rd, March, 2005

"RES' Information Security and Threat Management solution provides a
perfect blend of best practices and industry standards that our
enterprise customers need to comply with growing regulatory
requirements," said Douglas Adams, RES vice president of sales and
marketing. RES is committed to providing the most innovative managed
services designed to meet the quality-of-service demands of our
Fortune 500 and Fortune 1000 enterprise customers."

http://www.linuxsecurity.com/content/view/118475


* Find wireless rogues without sensors
  3rd, March, 2005

I finally settled on a strategy for wireless security. As wireless
access points began appearing on our company's network, we configured
them with Cisco's Lightweight Extensible Access Protocol (read my
previous article, Migrate WLANs away from Cisco's LEAP). LEAP forces
users to authenticate to the access point with their enterprise
credentials - the same credentials used for virtual private network
access, as well as services such as payroll and Microsoft Exchange
e-mail. That's because we use a centralised directory that ties into
most of our core applications and lets employees use a single
password to sign on.

http://www.linuxsecurity.com/content/view/118474

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------





More information about the ISN mailing list