Linux Security Week September 4 - In this issue: Our feature this week, "Setting up a Linux Log Server to enhance System Security," provides clear step-by-step information on how to setup a log server. Also includes papers on Intrusion Detection Level Analysis of Nmap and Queso, PAM - Pluggable Authentication Modules, Anyone with a Screwdriver Can Break In (physical linux security), Inexpensive measures to solve security problems, Attacking Linux, Firewalls - Placement, The Emotional Side of Cryptography, Ain't no network strong enough, Encryption Could Starve Carnivore, The next era for Internet security, Review of Debian 2.2 Security, Justice shops for Carnivore review, Interview with Lance Spitzner, and much more.
aefdff8aa8f24da5bd0762cdef4f41253f50fc7ba00b9c7809ec4771ee7a0b13
+---------------------------------------------------------------------+
| LinuxSecurity.com Linux Security Week |
| September 4, 2000 Volume 1, Number 18n |
| |
| Editorial Team: Dave Wreski dave@linuxsecurity.com |
| Benjamin Thomas ben@linuxsecurity.com |
+---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security
newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security
headlines.
Security advisories can now be found in our new publication, "Linux
Advisory Watch," distributed on Friday mornings. We hope that this
change in format makes focusing on patching system vulnerabilities
easier. If you were a subscriber of this newsletter prior to 09/01/00,
you have automatically been included as a member of the new advisory
list.
Advisories: http://www.linuxsecurity.com/advisories.html
Our feature this week, "Setting up a Linux Log Server to enhance
System Security," provides clear step-by-step information on how to
setup
a log server. The article covers topics ranging from configuring
/etc/syslogd.conf to adding firewall rules. It complements last weeks
article, "A Complete Reference Guide to Creating a Remote Log Server."
This article will prove to be very helpful.
http://www.linuxsecurity.com/feature_stories/feature_story-65.html
Our sponsor this week is WebTrends. Their Security Analyzer has the
most
vulnerability tests available for Red Hat & VA Linux. It uses advanced
agent-based technology, enabling you to scan your Linux servers from
your
Windows NT/2000 console and protect them against potential threats. Now
with over 1,000 tests available.
http://www.webtrends.com/redirect/linuxsecurity1.htm
HTML Version available:
http://www.linuxsecurity.com/newsletter.html
+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+
* Intrusion Detection Level Analysis of Nmap and Queso
August 31st, 2000
The purpose of this paper is to help Intrusion detection analysts and
firewall administrators identify NMAP & QUESO scans. This paper will
provide bit level analysis in detecting NMAP and QUESO scans. This
type of analysis is vital for individuals who are performing firewall
administration and need to understand more details relating to these
scanners and the scans they perform.
http://www.linuxsecurity.com/articles/intrusion_detection_article-1471.html
* PAM - Pluggable Authentication Modules
August 31st, 2000
PAM (Pluggable Authentication Modules) provides the backbone of most
authentication in modern Linux systems (and can be implemented in
others, such as Solaris), yet it is typically ignored and woefully
under-utilized. Anytime you log into a modern Linux system, whether
via telnet, ssh, pop, ftp, and so on, you are using PAM to process
the authentication request.
http://www.linuxsecurity.com/articles/host_security_article-1474.html
* Anyone with a Screwdriver Can Break In!
August 28th, 2000
This article will discuss the second weakest layer of computer
security, Physical Security1. As we'll see, any attacker with
physical access to a computer, a little ingenuity, and sufficient
time can compromise the system. By way of example, I'll demonstrate
attack and defense on a Red Hat Linux box and show how you might slow
down, or even prevent, these kinds of attacks. You don't need a Linux
machine, or even technical responsibility, for this article to be
useful.
http://www.linuxsecurity.com/articles/general_article-1444.html
+------------------------+
| Network Security News: |
+------------------------+
* Inexpensive measures to solve security problems
September 1st, 2000
Computer security is difficult to achieve. It requires constant
vigilance, and it involves inconvenience. Sometimes, expensive
products are offered that are claimed to solve your security problems
with no problems, and they do not deliver. However, there are a
number of inexpensive measures that would seem to solve a lot of
security problems that aren't being used.
http://www.linuxsecurity.com/articles/network_security_article-1480.html
* Attacking Linux
August 30th, 2000
Network scanning, password grabbing, trojaned software -- all are the
bane of the righteous sysadmin. Craig Ozancin reveals how to beef up
network security and ward off attackers at the LinuxWorld Expo, as
reported by Rick Moen.
http://www.linuxsecurity.com/articles/hackscracks_article-1468.html
* Firewalls - Placement
August 29th, 2000
Security is no good if it isn't in the right place. Think about a
modern office building - where are the doors with locks? The lobby
doors can always be locked, and usually the doors on each floor have
locks as well. If only the office doors had locks, the building would
be less secure. More security guards would be needed to make sure no
one is trying to force a door.
http://www.linuxsecurity.com/articles/firewalls_article-1460.html
+--------------------+
| Cryptography News: |
+--------------------+
* The Emotional Side of Cryptography
August 31st, 2000
Encrypting data before storage or transmission involves a bit of
extra work. This often means that people who ought to be using
encryption, instead of relying on the assumption that their data will
not be intercepted, fail to do so. But it is also true that some of
the people who use encryption are keenly aware of the importance of
keeping their information secret.
http://www.linuxsecurity.com/articles/cryptography_article-1473.html
* Ain't no network strong enough
August 31st, 2000
Master cryptographer Bruce Schneier's "Secrets and Lies" explains
why computer security is an oxymoron. Bruce Schneier, master
cryptographer and idol of the computer underground, targets those
short-attention-spanners in his latest book, "Secrets and Lies:
Digital Security in a Networked World." Aiming straight for the
vaunted "general audience," he peppers the 400-plus pages with Yogi
Berra quotes, analogies drawn from "Star Wars" and trivia tidbits
from Greek mythology.
http://www.linuxsecurity.com/articles/cryptography_article-1476.html
* Encryption Could Starve Carnivore
August 28th, 2000
Even as the FBI slowly releases details of its Carnivore e-mail
wiretap technology, software developers are readying schemes to
starve Carnivore of meaningful data. ChainMail and Sigaba are among
the companies promoting encryption technology designed to render
any captured e-mail meaningless to third parties.
http://www.linuxsecurity.com/articles/cryptography_article-1453.html
* The next era for Internet security
August 28th, 2000
Security insiders have had the date circled on their calendars for
years. What's going to happen when RSA's encryption and decryption
patents expire next month? A milestone in the history of technology
is set to occur next month when RSA Security Inc. patents,
fundamental to most Internet security, expire.
http://www.linuxsecurity.com/articles/general_article-1451.html
+----------------------------+
| Vendor/Product/Tools News: |
+----------------------------+
* Review of Debian 2.2 Security
August 30th, 2000
I wanted to write a really positive article about Debian 2.2, which
was just released a few weeks ago. Unfortunately, I can't. While
Debian itself is a reasonably well-done Linux distribution, it has
some major security issues.
http://www.linuxsecurity.com/articles/host_security_article-1465.html
* Justice shops for Carnivore review
August 28th, 2000
The Justice Department has officially begun shopping for a university
to conduct an independent technical review of Carnivore, the e-mail
bugging system. The request for proposals was posted on the
department's World Wide Web site Aug. 23, and Attorney General Janet
Reno said proposals are due Sept. 6.
http://www.linuxsecurity.com/articles/government_article-1448.html
+---------------+
| General News: |
+---------------+
* ICMP Usage in Scanning version 2.0
September 3rd, 2000
The Internet Control Message Protocol is one of the debate full
protocols in the TCP/IP protocol suite regarding its security
hazards. There is no consent between the experts in charge for
securing Internet networks (Firewall Administrators, Network
Administrators, System Administrators, Security Officers, etc.)
regarding the actions that should be taken to secure their network
infrastructure in order to prevent those risks. In this paper Ofir
Arkin has tried to outline what can be done with the ICMP protocol
regarding scanning.
http://www.linuxsecurity.com/articles/documentation_article-1485.html
* Justice shops for Carnivore review
September 1st, 2000
Since the public learned of Carnivore in early July, members of
Congress, privacy advocates and civil liberties organizations have
expressed serious concerns over its use and potential for abuse.
The request for proposals notes some of the concerns, including that
the system could provide investigators with more information than
legally allowed by a court order or be used for unlawful invasions of
privacy.
http://www.linuxsecurity.com/articles/privacy_article-1478.html
* Interview with Lance Spitzner
September 1st, 2000
Lance is a former officer in the Army's Rapid Deployment Force, and
the author of numerous Whitepapers on computer security. In his own
words: "I'm a geek who constantly plays with computers, especially
network security. I love security because it is a constantly changing
environment, your job is to do battle with the bad guys."
http://www.linuxsecurity.com/articles/forums_article-1481.html
* To Tell, or Not to Tell?
August 30th, 2000
Some "bug hunters" who uncover security flaws in computer software
and rush to issue public warnings may be helping hackers more than
consumers, industry officials worry. It's a thorny issue that
divides security specialists. Many argue that fast, full disclosure
of a vulnerability alerts computer users to take precautions and
pushes software makers to provide a quick solution.
http://www.linuxsecurity.com/articles/hackscracks_article-1469.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".