[ISN] Linux Security Week - October 31st 2005

InfoSec News isn at c4i.org
Tue Nov 1 01:08:17 EST 2005


+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  October 31st, 2005                         Volume 6, Number 45n    |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave at linuxsecurity.com    |
|                   Benjamin D. Thomas      ben at linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Keychain:
Openssh Key Management," "Two Factor Authentication Systems," and
"Putting Patch Management in Perspective."

---

## EnGarde Secure Linux 3.0 - Download Now! ##

* Linux 2.6 kernel featuring SELinux Mandatory Access Control
* Guardian Digital Secure Network features free access to all
  system and security updates (to be available shortly through
  an updated release)
* Support for new hardware, including 64-bit AMD architecture
* Web-based management of all functions, including the ability
  to build a complete web presence with FTP, DNS, HTTP, SMTP and
  more.
* Apache v2.0, BIND v9.3, MySQL v5.0(beta)
* Completely new WebTool, featuring easier navigation and
  greater ability to manage the complete system
* Integrated firewall with ability to manage individual firewall
  rules, control port forwarding, and creation of IP blacklists
* Built-in UPS configuration provides ability to manage an entire
  network of battery-backup devices
* RSS feed provides ability to display current news and immediate
  access to system and security updates
* Real-time access to system and service log information

LEARN MORE:
http://www.guardiandigital.com/products/software/community/esl.html

---

LINUX ADVISORY WATCH

This week, advisories were released for mozilla, module-assistant,
eric, sudo, libgda2, imlib, koffice, net-snmp, lynx, RTF, Netpbm,
cURL, Zope, phpMyAdmin, ethereal, pam, and fetchmail. The
distributors include Debian, Gentoo, and Red Hat.

http://www.linuxsecurity.com/content/view/120679/150/

---

Hacks From Pax: SELinux And Access Decisions

Hi, and welcome to my second of a series of articles on Security
Enhanced Linux. My previous article detailed the background of
SELinux and explained what makes SELinux such a revolutionary
advance in systems security. This week, we'll be discussing how
SELinux security contexts work and how policy decisions are made
by SELinux.

SELinux systems can differ based on their security policy, so
for the purposes of this article's examples I'll be using an
EnGarde Secure Linux 3.0 system, which by default uses a tightly
configured policy that confines every included application.

http://www.linuxsecurity.com/content/view/120622/49/

---

Hacks From Pax: PHP Web Application Security
By: Pax Dickinson

Today on Hacks From Pax we'll be discussing PHP web application
security. PHP is a great language for rapidly developing web
applications, and is very friendly to beginning programmers, but
some of its design can make it difficult to write web apps that
are properly secure. We'll discuss some of the main security
"gotchas" when developing PHP web applications, from proper
user input sanitization to avoiding SQL injection
vulnerabilities.

http://www.linuxsecurity.com/content/view/120043/49/

---


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Security News:      | <<-----[ Articles This Week ]----------
+---------------------+

* Keychain - Openssh Key Management
  27th, October, 2005

Ever since networking came out, one important issue, to a varying
extent over time, has been how to give legitimate users the
right access - authentication, which is one of the three basic
elements in security: authentication, authorization and access
control.

http://www.linuxsecurity.com/content/view/120675


* Security Book Contest
  27th, October, 2005

We are giving away the following titles: Rootkits: Subverting the
Windows Kernel, Real Digital Forensics, Cryptography in the Database,
Extrusion Detection, Secure Coding in C and C++, Data Protection and
Information Lifecycle Management.

http://www.linuxsecurity.com/content/view/120669



* Help's A Firewall Away
  24th, October, 2005

Flash back to December 2002. Barely in his 20s, self-taught network
engineer and help-desk staffer Joel Bomgaars is frustrated because
firewalls prevent him from accessing PCs of users needing help. At
his cubicle at systems integrator Business Communications Inc., he
has an epiphany: Instead of accessing the user's computer, have the
user request help by going to a Web site. That would clear the
firewall hurdles, because firewalls only block incoming messages. The
idea worked, and Bomgaars was able to connect with a user within 10
seconds.

http://www.linuxsecurity.com/content/view/120644


* Two Factor Authentication Systems?
  27th, October, 2005

I've been given a project to undertake that involves setting our
internal network systems up to have two factor authentication. I need
suggestions to take in front of our CIO that shows how the security
model works, cost vs benefit/features, and the different options. At
this point, the name brand is RSA and I'm pressed to find any others
even though I've done looking around.

http://www.linuxsecurity.com/content/view/120674


* VOIP may be vulnerable to barrage of threats
  25th, October, 2005

Is enterprise VoIP (voice over IP) due for a security wakeup call or
are the threats mostly exaggerated? It depends on who's talking.

http://www.linuxsecurity.com/content/view/120650


* Hotrod Your Linksys WAP with Linux
  26th, October, 2005

A lot of Linux geeks are master scroungers, because Linux is so
adaptable that old AMDs, classic Pentiums and even 386es and 486es
can be put to use in some way. It's a shame to throw away old
equipment when it can be repurposed as networking devices like
firewalls, authentication servers and routers. But as fun as it is to
recycle, I'll wager I'm not the only one who has gazed upon shiny new
devices like the Linksys WRT54G and sighed "Wouldn't that be a great
device for my network! It is small, cheap, and uses little power.

http://www.linuxsecurity.com/content/view/120663


* OSSEC HIDS v0.4 available - log analysis, rootkit detection and
  integrity checking
  27th, October, 2005

Version 0.4 of the OSSEC HIDS is now available.

OSSEC HIDS is open source host-based intrusion detection software.
It performs log analysis, integrity checking, rootkit detection and
health monitoring.

http://www.linuxsecurity.com/content/view/120670


* Gartner event focuses on security
  24th, October, 2005

With many keeping one eye on Hurricane Wilma churning off the coast,
6,000 IT executives last week heard Gartner analysts offer their
vision on everything from security trends to wireless network
directions. The Gartner Symposium and IT Expo 2005 also brought out
190 vendors and included keynote presentations from Microsoft CEO
Steve Ballmer, HP CEO Mark Hurd and Dell CEO Michael Dell.

http://www.linuxsecurity.com/content/view/120643


* Putting Patch Management in Perspective
  25th, October, 2005

Whether scanning and patching "vulnerable" systems, or urgently
reacting to a vendor's patch release, many organizations have become
more and more reactive when it comes to dealing with electronic
security.

http://www.linuxsecurity.com/content/view/120651


* Check List For Linux Security
  27th, October, 2005

Linux is an amazing operating system considering how it was
originally created. It was a modest program written for one person as
a hobby - Linus Torvalds of Finland. It has grown into a full-fledged
32-bit operating system. It is solid, stable and provides support for
an incredible number of applications. It has very powerful
capabilities and runs very fast and rarely crashes.

http://www.linuxsecurity.com/content/view/120673


* Are open source databases more secure?
  28th, October, 2005

If a recent Evans Data Corp. survey is any indication, IT
administrators are increasingly worried about security holes in
mainstream database products and are looking at open source
alternatives. But John Andrews, president of the Santa Cruz,
Calif.-based research firm, said that doesn't mean open source is
necessarily better.

http://www.linuxsecurity.com/content/view/120682


* Advanced Linux LDAP authentication
  28th, October, 2005

In an earlier look at LDAP, we set up a simple LDAP-based
authentication system. We configured client machines to retrieve
authentication information from a server running OpenLDAP. Now let's
go further by enabling encryption and looking at how to make user
modifications through LDAP.

http://www.linuxsecurity.com/content/view/120683


* The Story of Snort: Past, Present and Future
  25th, October, 2005

Last week we met with Martin Roesch, the creator of Snort, the de
facto standard for intrusion detection/prevention. Presented here is
the entire story of Snort in his words that covers seven years of
development that made this tool one of the most important security
software titles ever developed.

http://www.linuxsecurity.com/content/view/120656


* Skype Buffer Overflow Vulnerability
  25th, October, 2005

It looks like Skype can be made to execute arbitrary code
through a buffer overflow when the software is called upon to handle
malformed URLs in the form of callto:// and skype://.

http://www.linuxsecurity.com/content/view/120657


* The Story of Snort: Past, Present and Future
  25th, October, 2005

Martin Roesch, the creator of Snort, the de facto standard
for intrusion detection/prevention, presents the story of
Snort that covers seven years of development that made this
tool one of the most important security software titles ever
developed. In this audio session you'll get all the details on how
Snort was initially conceived as well as how it is expected to
develop further now after Check Point

http://www.linuxsecurity.com/content/view/120647


* Nessus fork emerges
  26th, October, 2005

With news settling in that the makers of the network vulnerability
scanner Nessus will not open source the next version of the software,
the team behind the soon-to-be-renamed GNessUs project is growing
fast and attracting attention.

http://www.linuxsecurity.com/content/view/120665


* FAQ: Identity fraud uncovered
  24th, October, 2005

Doing a thorough job means thinking about concepts like hard drive
wiping, file system encryption and phishing detection--not everyday
fare for many of us. To help you protect yourself from identity
fraudsters, CNET News.com has compiled the following list of
frequently asked questions and their answers.

http://www.linuxsecurity.com/content/view/120642


* The hacker as terrorist?
  24th, October, 2005

If Congress approves the controversial anti-terror bill that Pres.
Gloria Macapagal Arroyo is eagerly pushing to become a law, hacking
or cracking would soon be considered as an act of terrorism.

http://www.linuxsecurity.com/content/view/120645


* VoIP Security Alliance Delivers VoIP Security Framework
  25th, October, 2005

The Voice over IP Security Alliance (VOIPSA) today
released the first comprehensive description of security and
threats in the field of VoIP. The results, known as the VoIP Security
Threat Taxonomy, provide the industry with a clear view of VoIP
threats, the vulnerabilities and a context for balancing
trade-offs.

http://www.linuxsecurity.com/content/view/120646


* Inside hackers' kindergarten
  25th, October, 2005

A rash of website defacements demonstrates that hackers can enter
corporate, government and education websites at will, according to
cyber-security expert Ken Low.

http://www.linuxsecurity.com/content/view/120649


* Sweating In the Hot Zone
  26th, October, 2005

Imagine what life would be like if your product were never finished,
if your work were never done, if your market shifted 30 times a day.
The computer-virus hunters at Symantec don't have to imagine.

http://www.linuxsecurity.com/content/view/120664


* Are You Ready To Be Hacked?
  26th, October, 2005

"The Air Force and the Pentagon are extremely attractive targets and
so the publicity acts as a draw for hackers," said Frost & Sullivan
industry analyst for network security Rob Ayoub. "As far as a lot of
smaller companies go, there's always a risk but they have a
reasonable amount of security through obscurity."

http://www.linuxsecurity.com/content/view/120662

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------




