[ISN] Linux Security Week, Nov 13th 2000
newsletter-admins
linuxsecurity.com
Date: Mon Nov 13 2000 - 08:15:07 CST
+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| November 13, 2000 Volume 1, Number 28n |
| |
| Editorial Team: Dave Wreski dave linuxsecurity.com |
| Benjamin Thomas ben linuxsecurity.com |
+---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security
newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security
headlines.
This week a few interesting articles were released that can help you
improve your network security. "Building Your Own Honeypot" discusses
how Honeypots are used and gives a few pointers on how to set one
up. "A Firewall for Linux with Ipchains" was another interesting
article. It outlines the basics of setting up a firewall using
Linux and Ipchains.
This week, advisories were released for netscape, xfce, global, top,
tcpdump, usermode, and dump. The vendors include FreeBSD, RedHat,
and Trustix. If you have FreeBSD systems, we recommend that you
update immediately. I am beginning to wonder if the Linux vendors
were caught up in the election. Five of the seven advisories this
week were from FreeBSD. If you have not been keeping up with
advisories, it may be a good idea to go back a few weeks and make
sure your system has been properly patched.
Vulnerability List: http://www.linuxsecurity.com/vuln-newsletter.html
Webmasters, our advisory and news feed is now available in RDF
format. We invite you to use and customize our feed to provide
up-to-date security content on your website.
http://www.linuxsecurity.com/linuxsecurity_articles.rdf
http://www.linuxsecurity.com/linuxsecurity_advisories.rdf
=====================================================================
HTML Version available:
http://www.linuxsecurity.com/newsletter.html
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+
* A Firewall for Linux with Ipchains
November 8th, 2000
Ipchains is a packet-filtering firewall package. You can find an RPM
of Ipchains in RedHat/RPMS in the latest PC Quest RedHat CD. First
you have to check whether the Linux kernel supports Ipchains. For
this, look for a file named ip_fwchains in /proc/net.
http://www.linuxsecurity.com/articles/firewalls_article-1899.html
* System Fingerprinting With Nmap
November 8th, 2000
When someone with half a clue decides to attack your system, he or
she will first try to identify the operating system. Not every attack
proceeds this way: Script kiddies probe huge address spaces looking
for any system with a particular port open, which indicates that just
maybe that system will be vulnerable. But for the professional
penetration tester or hacker, identifying the operating system is an
essential step in probing.
http://www.linuxsecurity.com/articles/network_security_article-1900.html
+------------------------+
| Network Security News: |
+------------------------+
* Building Your Own Honeypot
November 11th, 2000
One trick favored by hunters since prehistoric times still proves
useful in the world of digital networks: bait. Security specialists
often construct systems that appear vulnerable to attack, but
actually offer no access to valuable data, administrative controls,
or other computers.
http://www.linuxsecurity.com/articles/network_security_article-1917.html
* Stopping Spam and Trojan Horses with BSD
November 10th, 2000
Here's a great guide to reducing the risk of spam using sendmail.
Additional information includes DNS blacklists, spam filters and
procmail, securing identd, and more. "A properly configured BSD mail
server can protect users from spam and Trojan horses while rejecting
virtually no legitimate content."
http://www.linuxsecurity.com/articles/server_security_article-1914.html
* Linux Networking, Part 6: Securing Your Network
November 8th, 2000
The only sure way to lock down a PC is to disconnect it from any
network and never load a program or a document file that supports
macros. That is rather impractical especially when our goal is to
connect the network to the Internet. There are a number of avenues
and methods where security of a network can be breached. Attacks
from the Internet through the firewall are the ones we look at here.
Other threats include computer viruses.
http://www.linuxsecurity.com/articles/network_security_article-1901.html
+------------------------+
| Cryptography News: |
+------------------------+
* Quantum Key Distribution: The Future of Security?
November 10th, 2000
The US Government is adopting a new encryption standard called
Advanced Encryption Standard (AES), which will eventually replace
DES. On October 2, the National Institute of Standards and
Technology (NIST) announced that it had chosen Rijndael (pronounced
Rhine-doll) as the new standard's cipher formula.
http://www.linuxsecurity.com/articles/cryptography_article-1916.html
* Interview: Rijndael's Vincent Rijmen
November 7th, 2000
In the wake of renewed skepticism about the effectiveness of
cryptography in improving Internet security, the U.S. Department of
Commerce on October 2 nominated a new scheme called Rijndael to
replace its current, arguably worn out Data Encryption Standard
(DES).
http://www.linuxsecurity.com/articles/forums_article-1897.html
+-------------------------+
| Vendors/Tools/Products: |
+-------------------------+
* ISC Releases BIND 8.2.2 Patch 7
November 10th, 2000
ISC has discovered (or has been notified of) eight bugs which can
result in vulnerabilities of varying levels of severity in BIND as
distributed by ISC. Upgrading to BIND version 8.2.2 patchlevel 7, or
higher, is strongly recommended for all users of BIND. The latest
vulnerability includes a serious remote denial of service attack.
Upgrade immediately.
http://www.linuxsecurity.com/articles/server_security_article-1915.html
* Tool personalizes security warnings
November 9th, 2000
The National Institute of Standards and Technology announced a
service Tuesday that will enable government and private-sector users
to receive personalized security vulnerability notices. The new
service, named Cassandra and developed by Purdue University's Center
for Education and Research in Information Assurance and Security,
builds upon NIST's ICAT searchable vulnerability index. ICAT
provides summaries and links to open vulnerability databases
available on the Internet.
http://www.linuxsecurity.com/articles/government_article-1909.html
* PGPwireless to Protect Wireless Phone and PDA Users
November 7th, 2000
PGP Security, a Network Associates business, today introduced
PGPwireless, a new line of products designed to secure information on
personal digital assistants (PDAs) and wireless phones. PGPwireless
for PalmOS, based on the industry-leading PGP encryption technology
and the first offering in the new wireless family of products,
provides the highest level of encryption, decryption, digital
signatures and authentication capabilities to secure information
stored and transmitted on PDAs.
http://www.linuxsecurity.com/articles/vendors_products_article-1896.html
+------------------------+
| General News: |
+------------------------+
* Geographic tracking raises opportunities, fears
November 9th, 2000
New technology that can pinpoint the physical location of Web surfers
is creating opportunities for online merchants and advertisers but
could signal new restrictions on the free-wheeling Internet.
http://www.linuxsecurity.com/articles/privacy_article-1905.html
* The Art of Good Computer Security Writing
November 7th, 2000
Good computer security documentation teaches practical solutions
clearly. Yet, too often security documents suffer from too little
explanation and too technical language.
http://www.linuxsecurity.com/articles/documentation_article-1889.html
* The Ten Immutable Laws of Security
November 6th, 2000
This Microsoft article does a good job of outlining a list of
security issues that no patch can fix. Only diligence in maintaining
your systems can ensure your systems are as secure as possible.
http://www.linuxsecurity.com/articles/server_security_article-1883.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
------------------------------------------------------------------------
ISN is hosted by SecurityFocus.com