Security News > 2001 > May > Linux Security Week - May 28th 2001
+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | May 28th 2001 Volume 2, Number 21n | | | | Editorial Team: Dave Wreski dave () linuxsecurity com | | Benjamin Thomas ben () linuxsecurity com | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, our readers should pay particular attention to "DoE: First Responder's Manual," "Two Open Source Security Code Scanners," and "SMTP over an SSH Tunnel." Also in the news, the saga surrounding Max Butler continues. An updated Wired story appears in the General section of this newsletter. ### FREE Apache SSL Guide from Thawte ### Planning Web Server Security? Find out how to implement SSL! Get the free Thawte Apache SSL Guide and find the answers to all your Apache SSL security issues and more. -> Go to: http://www.gothawte.com/rd12.html This week, advisories were released for samba, minicom, xemacs, kernel (TurboLinux), man, mktemp, openssh, pine, and vixie-cron. The vendors include Caldera, EnGarde, Mandrake, Red Hat, and TurboLinux. It is critical that you update all insecure packages. http://www.linuxsecurity.com/articles/forums_article-3064.html HTML Version available: http://www.linuxsecurity.com/newsletter.html +---------------------+ | Host Security News: | <<-----[ Articles This Week ]-----------------+ +---------------------+ * Hardening Linux May 22nd, 2001 IPChains in my opinion is a poor man's firewall. Now while most Linux binaries are open source I mean this in the sense that most people who use IPChains have little knowledge about firewalls or protocols and look for IPChains as a solution to a firewall. IPChains has its ups and downs, but a strong firewall by comparison should be the ultimate resolution. http://www.linuxsecurity.com/articles/host_security_article-3049.html * Two Open Source Security Code Scanners May 22nd, 2001 David Wheeler, author of the Secure Programming HOWTO and the RATS development team from Secure Software Solutions today announced open source source code security flaw scanners. RATS scans through code, finding potentially dangerous function calls. The goal of this tool is not to definitively find bugs. Instead, this tool aims to provide a reasonable starting point for performing manual security audits." "Flawfinder" states it will "scan source code and identify out potential security flaws, ranking them by likely severity. http://www.linuxsecurity.com/articles/projects_article-3046.html * DoE: First Responder's Manual May 21st, 2001 This manual "is designed as a guide concerning the initial response to a computer incident for both system administrators and security personnel." Although this manual is being written with system administrators and security personnel in mind, it can be useful to anyone who suspects a computer was used, intentionally or unintentionally, in a security incident or criminal act. http://www.linuxsecurity.com/articles/security_sources_article-3040.html +------------------------+ | Network Security News: | +------------------------+ * DoS attacks hit anyone, not just corporations May 25th, 2001 Denial of service (DoS) attacks against big Internet players like Amazon.com draw media attention, but according to a new study, these electronic assaults frequently are targeted against individual personal computers. DoS attacks disable Web servers on the Internet by overloading them with messages, according to the study. http://www.linuxsecurity.com/articles/network_security_article-3068.html * Firewalling: Reject vs. Deny, Default-open vs. Default-closed May 23rd, 2001 There are a number of issues considered all too rarely by firewall administrators. Most IP level firewalls have a number of options for handling a packet. The packet can typically be accepted, dropped, or sent through another set of rules for inspection (allowing you to break up your ruleset into more manageable pieces. http://www.linuxsecurity.com/articles/firewalls_article-3055.html * Enter the Decentralized Zone May 22nd, 2001 Digital security is a trade-off. If securing digital data were the only concern a business had, users would have no control over their own computing environment at all-the Web would be forbidden territory; every disk drive would be welded shut. The current compromise between security and flexibility is a sort of intranet-plus-firewall sandbox, where the IT department sets the security policies that workers live within. This allows workers a measure of freedom and flexibility while giving their companies heightened security. http://www.linuxsecurity.com/articles/network_security_article-3047.html * SMTP over an SSH Tunnel May 22nd, 2001 The first thing I decided was to establish the tunnel as a non-root user. Since the tunnel was going to exist for solely mail relaying purposes, I created a relay user on both my laptop and the server in question. I also ran ssh-keygen(1) and gave the relay user an empty passphrase. If you're overly paranoid, you can use a passphrase and then use ssh-agent(1). The way I figure is if someone gets into my laptop, I have more things to worry about than them sending mail through my relay. http://www.linuxsecurity.com/articles/network_security_article-3048.html +------------------------+ | Vendors/Products/Tools:| +------------------------+ * Intrusion-Detection Systems by the Numbers May 21st, 2001 My company recently tested and acquired a network-based intrusion-detection system (IDS). Over the past few months, I've received many e-mails from readers asking me to explain the performance-testing methodology I used, so I've decided to share how I tested our network-based IDS. (A network-based IDS server watches traffic destined for all host systems on a subnet, while a host-based IDS typically runs on each host system to be protected.) http://www.linuxsecurity.com/articles/intrusion_detection_article-3045.html +------------------------+ | General Security News: | +------------------------+ * Internet architects zero in on reliability, security May 26th, 2001 As the architects of the future Internet struggle to define underlying technologies for providing a range of new network services, reliability and security are again moving to the top of the agenda. According to security experts at a meeting this week sponsored by the Global Internet Project and the Cross-Industry Working Team, the reliability issue lends itself to market-driven technology solutions. http://www.linuxsecurity.com/articles/network_security_article-3071.html * A 'White Hat' Goes to Jail: Updated May 25th, 2001 Max Butler lived three lives for five years. As "Max Vision," he was an incredibly skilled hacker and security expert who boasted that he'd never met a computer system he couldn't crack. As "The Equalizer," he was an FBI informant, reporting on the activities of other hackers. As Max Butler, he was a family man in Santa Clara, California who ran a Silicon Valley security firm. http://www.linuxsecurity.com/articles/hackscracks_article-3069.html * A common language for security vulnerabilities May 25th, 2001 When hackers want to breach your systems, they typically look for well-known security flaws and bugs to exploit. In the past, vendors and hackers gave different names to the same vulnerabilities. One company might package a group of five vulnerabilities into a patch or service pack and call it by one name, while another vendor might call the same group by five separate names. http://www.linuxsecurity.com/articles/projects_article-3070.html * Security outsourcing set to soar May 23rd, 2001 Spurred on by the increasing complexity of systems and the seemingly growing number of threats, businesses with critical electronic processes are increasingly turning to third party security suppliers to guard their gates. http://www.linuxsecurity.com/articles/general_article-3054.html * NSF funds infosec scholarships May 23rd, 2001 The National Science Foundation on Tuesday announced it has awarded $8.6 million in scholarship money to six schools in the first round of its Scholarship for Service program. The program provides scholarships to undergraduate and graduate students who agree to study information security and information assurance in exchange for two years of related government service. http://www.linuxsecurity.com/articles/government_article-3053.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ ISN is hosted by SecurityFocus.com --- To unsubscribe email isn-unsubscribe () SecurityFocus com