+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  April 15th, 2002                          Volume 3, Number 15n     |
|                                                                     |
|  Editorial Team:  Dave Wreski              [email protected]        |
|                   Benjamin Thomas          [email protected]        |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Incident
Analysis of a Compromised RedHat Linux 6.2 Honeypot," "Basic Steps in
Forensic Analysis of Unix Systems," "Configuring a FreeBSD Access Point
for your Wireless Network," and "Using SCP Through a Gateway."

==> FREE SSL Guide from Thawte
Are you planning your Web Server Security? Click here to get a FREE
Thawte SSL guide and find the answers to all your SSL security issues.
http://www.gothawte.com/rd251.html

This week, advisories were released for logwatch, ucdsnmp, IMP/HORDE,
tcpdump, mail, and rshd. The vendors include OpenBSD, Red Hat, and SuSE.
http://www.linuxsecurity.com/articles/forums_article-4791.html

Find technical and managerial positions available worldwide. Visit the
LinuxSecurity.com Career Center: http://careers.linuxsecurity.com

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-------------
+---------------------+

* Incident Analysis of a Compromised RedHat Linux 6.2 Honeypot
April 10th, 2002

Your job, as a forensic investigator, is to do your best to comb through
the sources of evidence -- disc drives, log files, boxes of removable
media, whatever -- and do two things: make sure you preserve as much of
this data in its original form, and to try to re-construct the events
that occurred during a criminal act and produce a meaningful starting
point for police and prosecutors to do their jobs.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4777.html

* Basic Steps in Forensic Analysis of Unix Systems
April 9th, 2002

Your job, as a forensic investigator, is to do your best to comb through
the sources of evidence -- disc drives, log files, boxes of removable
media, whatever -- and do two things: make sure you preserve as much of
this data in its original form, and to try to re-construct the events
that occurred during a criminal act and produce a meaningful starting
point for police and prosecutors to do their jobs.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4760.html

* Serious SOAP::Lite Security Hole Discovered
April 9th, 2002

"This is a big one, and relates to how SOAP::Lite dispatches method
calls at runtime, and how Perl executes dynamic method calls. The very
best thing you can do is take down your SOAP servers until an update is
available.
http://www.linuxsecurity.com/articles/hackscracks_article-4768.html

+------------------------+
| Network Security News: |
+------------------------+

* Can you trust an ethical hacker?
April 12th, 2002

Here is an interview with Bill Pepper of CSC who uses ethical hackers
for testing and security processes. "Bill Pepper is head of security
risk management at consulting firm CSC, a role which involves advising
clients on security issues and managing the company's so-called ethical
hackers. He has worked in information security for over 35 years,
including time with the Royal Air Force, and is currently deputy
chairman of the British Computer Society's Certificate in Information
Security Management Board."
http://www.linuxsecurity.com/articles/hackscracks_article-4794.html

* Configuring a FreeBSD Access Point for your Wireless Network
April 11th, 2002

This article describes how to configure a PC running FreeBSD to serve as
an access point (AP) for your wireless network. This FreeBSD access
point does not need to be a server or desktop machine.
Indeed, many people recommend using an old laptop. You don't need much
processing power either; a 386 or 486 will do.
http://www.linuxsecurity.com/articles/network_security_article-4781.html

* Using SCP Through a Gateway
April 11th, 2002

Quick summary on some scp tricks. "Recall that the command:
"$ scp ... S:file ..." actually runs ssh in a subprocess to connect to S
and invoke a remote scp server. Now that we've gotten ssh working from
client C to server S, you'd expect that scp would work between these
machines with no further effort.
http://www.linuxsecurity.com/articles/cryptography_article-4790.html

* Monitoring reduces security risks
April 11th, 2002

Counterpane today released statistics to back its claim that customers
of its monitoring services are far less likely to have their networks
penetrated. In the first quarter of 2002, Counterpane monitored approx.
200 networks worldwide and processed 31 billion network events.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4787.html

* Denial-of-service attacks still a threat
April 10th, 2002

Denial-of-service (DOS) attacks continue to present a significant
security threat to corporations two years after a spate of incidents
brought down several high-profile sites, including those of Yahoo Inc.
and eBay Inc., users and analysts report.
http://www.linuxsecurity.com/articles/server_security_article-4771.html

* Setting up a strong Linux firewall
April 10th, 2002

In most organisations, network security has become interwoven with
standard network and system administration. Threats in the form of
malicious hackers, self-propagating worms, denial of service attacks,
and other nefarious security problems loom large for administrators.
http://www.linuxsecurity.com/articles/firewalls_article-4775.html

+------------------------+
| Cryptography:          |
+------------------------+

* The Risks of Short RSA Keys
April 12th, 2002

Millions of users of the World Wide Web rely on a single cryptographic
protocol, SSL, to make secure connections to remote web servers. The
flexibility and ease of use of SSL, which is built into browser and
server software, gives them confidence in the security of their data.
http://www.linuxsecurity.com/articles/cryptography_article-4796.html

+------------------------+
| Vendor/Products:       |
+------------------------+

* How to detect intruders with ACID
April 11th, 2002

All it takes is time and free software to set up a powerful intrusion
detection system for your Unix system. Follow along as Joe Barr installs
ACID on his system and discovers a big security hole. I wanted to try
ACID ever since someone rooted my server last year. Mind you, not the
hallucinogen LSD, though at the time I might have been tempted.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4780.html

* Snort Version 1.8.6 Released
April 11th, 2002

This is the first official announcement of a new Snort version in
several months and it contains a multitude of fixes over previous
versions. While the official releases have gone very slowly lately, the
development of snort has picked up immensely.
http://www.linuxsecurity.com/articles/intrusion_detection_article-4783.html

+------------------------+
| General:               |
+------------------------+

* IT security a must for small-business survival
April 11th, 2002

The Computer Emergency Response Team (Cert) has released a report
pinpointing the six fastest evolving trends in the black hat world of
internet security. The organisation, which has been monitoring hacker
activity since 1998, found that the most notable trend to evolve over
recent years is the automation and speed of attack tools.
http://www.linuxsecurity.com/articles/security_sources_article-4757.html

* Overview of Attack Trends
April 8th, 2002

The CERT Coordination Center has been observing intruder activity since
1988. Much has changed since then, from our technology to the makeup of
the Internet user community, to attack techniques. In this paper, we
give a brief overview of recent trends that affect the ability of
organizations (and individuals) to use the Internet safely.
http://www.linuxsecurity.com/articles/security_sources_article-4789.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email [email protected] with "unsubscribe" in the
subject of the message.
------------------------------------------------------------------------
LinuxSecurity.com: Weekly Newsletter, April 15th, 2002