Thread: Linux Security News Roundup (incorrectly posted before as Linux Advisory Roundup, which is different)
View Single Post

  #1 (permalink)  
Old 07-22-2004
DaveAI
 
Posts: n/a
Default Linux Security News Roundup (incorrectly posted before as Linux Advisory Roundup, which is different)
This newsletter contains links to both original linux security content
and news items that might be of interest to those who are
administering a linux box with an eye to security.

-Dave

---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter
|
| July 19, 2004 Volume 5, Number 29n
|
|
|
| Editorial Team: Dave Wreski dave@linuxsecurity.com
|
| Benjamin Thomas ben@linuxsecurity.com
|
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security
newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "Denial-of-
service flaw fixed in Linux kernel", "The Hidden Treasures of
IPTables"
and "Quantum Crypto Network Debuts".

----

>> Bulletproof Virus Protection <<

Protect your network from costly security breaches with Guardian
Digital's multi-faceted security applications. More then just an
email firewall, on demand and scheduled scanning detects and
disinfects
viruses found on the network.

http://ads.linuxsecurity.com/cgi-bin...ct.pl?id=gdn04

----

LINUX ADVISORY WATCH:

This week, advisories were released for kernel, Ethereal, MoinMoin and
rsync. The distributors include EnGarde, Fedora, Gentoo and Mandrake.

http://www.linuxsecurity.com/article...icle-9520.html

----

Security Expert Dave Wreski Discusses Open Source Security

LinuxSecurity.com editors have a seat with Dave Wreski, CEO
of Guardian Digital, Inc. and respected author of various hardened
security and Linux publications, to talk about how Guardian Digital
is changing the face of IT security today. Guardian Digital is
perhaps best known for their hardened Linux solution EnGarde Secure
Linux, touted as the premier secure, open-source platform for its
comprehensive array of general purpose services, such as web, FTP,
email, DNS, IDS, routing, VPN, firewalling, and much more.

http://www.linuxsecurity.com/feature...story-170.html

---------------------------------------------------------------------

Catching up with Wietse Venema, creator of Postfix and TCP Wrapper

Duane Dunston speaks at length with Wietse Venema on his current
research projects at the Thomas J. Watson Research Center, including
his forensics efforts with The Coroner's Toolkit. Wietse Venema is
best
known for the software TCP Wrapper, which is still widely used today
and is included with almost all unix systems. Wietse is also the
author of the Postfix mail system and the co-author of the very
cool suite of utilities called The Coroner's Toolkit or "TCT".

http://www.linuxsecurity.com/feature...story-169.html

----

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------+
| Host Security News: | <<-----[ Articles This Week ]----------
+---------------------+

* PHP Zaps Security Leaks
July 19th, 2004

The open-source PHP Group has released a fix for a pair of security
holes that could be exploited to execute arbitrary code on remote PHP
servers. The flaws affect PHP versions 4.3.7 and prior and
version 5.0.0RC3 and prior.

http://www.linuxsecurity.com/article...icle-9522.html

* Denial-of-service flaw fixed in Linux kernel
July 16th, 2004

Gentoo has fixed a vulnerability in the 2.6 Linux kernel that could
be exploited for a remote denial-of-service attack. The company calls
this a "high-impact" flaw and recommends users update to newer
versions of the kernel.

http://www.linuxsecurity.com/article...icle-9521.html

* Automate backups on Linux
July 12th, 2004

The loss of critical data can prove devastating. Still, millions of
professionals ignore backing up their data. While individual reasons
vary, one of the most common explanations is that performing routine
backups can be a real chore. Because machines excel at mundane and
repetitive tasks, the key to reducing the inherent drudgery and the
natural human tendency for procrastination, is to automate the backup
process.

http://www.linuxsecurity.com/article...icle-9494.html

* NIST helps on security budgets
July 12th, 2004

Agency officials struggling to include information-security outlays
in their budget requests may find help in a publication released
today by the National Institute of Standards and Technology. The
draft document, NIST Special Publication 800-65, presents seven steps
to ensure that information technology budget requests meet the
requirements of the Federal Information Security Management Act of
2002.

http://www.linuxsecurity.com/article...icle-9499.html

+------------------------+
| Network Security News: |
+------------------------+

* The Hidden Treasures of IPTables
July 16th, 2004

With these powerful add-ons for iptables you can match strings or
port ranges in iptables rules or even create a tar pit for network
abusers.

http://www.linuxsecurity.com/article...icle-9519.html

* SSH2, Part 1: Securing Your Telnet Session
July 14th, 2004

This may seem an obscure UNIX topic I'm about to talk about, but keep
watching. SSH is a very important and useful program if you're at all
concerned about security. And it's absolutely indispensable if you
use wireless networking.

http://www.linuxsecurity.com/article...icle-9507.html

* Choose the Best FTP Server
July 13th, 2004

A FTP server does the heavy lifting of security, organization, and
transfer control, while clients usually just take part in saving
transferred files to a specified location on your hard drive. If you
are really into business and plan on spending money on your FTP
server, you'll want to focus on what kind of qualities and
characteristics the software provides.

http://www.linuxsecurity.com/article...icle-9501.html

* Quantum Crypto Network Debuts
July 14th, 2004

Quantum cryptography has the potential to guarantee perfectly secure
communications, but until now all of the prototype systems have been
point-to-point links rather than networks that share connections. BBN
Technologies, Harvard University and Boston University researchers
have built a six-node quantum cryptography network that operates
continuously to provide a way to exchange secure keys between BBN and
Harvard, which is about 10 kilometers away.

http://www.linuxsecurity.com/article...icle-9509.html

+------------------------+
| General Security News: |
+------------------------+

* Open Source: Get With the Program
July 19th, 2004

Open Source is changing the software industry. It will change it
forever. There is no going back. Let's consider some statistics. A
number of Open Source products are market leaders

http://www.linuxsecurity.com/article...icle-9523.html

* Fighting spam on Linux
July 15th, 2004

Security management vendor IntelliReach Corp. of Dedham, Mass.,
announced today the new version of its MessageScreen spam and content
filtering appliance supports SuSE Linux.

http://www.linuxsecurity.com/article...icle-9513.html

* Pssst--wanna buy some source code?
July 15th, 2004

A group of self-identified hackers has set up shop online to sell
what it claims are files containing confidential software code--and
it says it's ready to take orders for more.

http://www.linuxsecurity.com/article...icle-9515.html
Reply With Quote