[ISN] Linux Security Week - May 3rd 2004

InfoSec News isn at c4i.org
Tue May 4 07:20:03 EDT 2004

|  LinuxSecurity.com                            Weekly Newsletter     |
|  May 3rd, 2004                                 Volume 5, Number 18n |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave at linuxsecurity.com    |
|                   Benjamin Thomas         ben at linuxsecurity.com     |

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, perhaps the most interesting articles include "File and email
encryption with GnuPG," "Managing Security for Mobile Users," and "Prelude
IDS Framework: Open Source Security's Best Kept Secret."


 >>>> FREE GUIDE-128-bit encryption <<

Thawte is one of the few companies that offers 128 bit supercerts. A
Supercert will allow you to extend the highest allowed 128 bit encryption
to all your clients even if they use browsers that are limited to 40 bit

Download a guide to learn more:


This week, advisories were released for eterm, mc, the Linux kernel,
ssmtp, LCDproc, xine, samba, and sysklogd. The distributors include
Debian, Guardian Digital's EnGarde Linux, Fedora, Gentoo, Mandrake, Red
Hat, and Slackware.



Guardian Digital Launches Next Generation Internet Defense & Detection

Guardian Digital has announced the first fully open source system designed
to provide both intrusion detection and prevention functions. Guardian
Digital Internet Defense & Detection System (IDDS) leverages best-in-class
open source applications to protect networks and hosts using a unique
multi-layered approach coupled with the security expertise and ongoing
security vigilance provided by Guardian Digital.



 >>>> Bulletproof Virus Protection <<

Protect your network from costly security breaches with Guardian Digital's
multi-faceted security applications.  More then just an email firewall, on
demand and scheduled scanning detects and disinfects viruses found on the



Interview with Siem Korteweg: System Configuration Collector

In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open
source, and information on future developments.



-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

| Host Security News: | <<-----[ Articles This Week ]----------

* Linux Vulnerable to Infiltration
April 29th, 2004

Linux source code could be infiltrated by dubious elements, including
spies, according to a white paper released by Dan O'Dowd, chief executive
officer of Green Hills Software Inc.  This is his second white paper in a
series that his company describes as being focused on "the urgent security
threat posed by the use of the Linux operating system in U.S. defense
systems, including the Future Combat System and Global Information Grid."


* Management central to securing Linux
April 29th, 2004

After performing more security assessments than he can count, Gijo Mathew
has seen every worst practice imaginable. He's even seen an IT shop
replace virus-violated data with an unpatched backup that succumbed to the
same virus. A security strategist for Computer Associates International
Inc., Mathew has 10 years of experience in software development, computer
technology, networks and security.


* Open source databases climb corporate ladder
April 28th, 2004

Analysts are telling companies committed to open source software that the
time is right to consider an open source database server. Vendors like
MySQL and SleepyCat are adding more enterprise-class functionality to the
software, and that could eventually threaten the hold Oracle, IBM and
Microsoft have on the market.


* File and email encryption with GnuPG (PGP) part six
April 28th, 2004

Last time I showed you how to exchange and verify public PGP keys with an
individual. After you've verified a user's key (KeyID, bits, type,
fingerprint, and user's actual identity) you should sign their key.
Signing a key tells the PGP software (GnuPG in most cases for us Linux
heads) that you've acknowledged the key is legitimate when verifying the
signature. Let's take a look at the different verification possibilities.


* What is gpgdir?
April 26th, 2004

gpgdir is a perl script that uses the CPAN GnuPG module to encrypt and
decrypt directories using a gpg key specified in ~/.gpgdirrc. gpgdir
supports recursively descending through a directory in order to make sure
it encrypts or decrypts every file in a directory and all of its
subdirectories. In order to help save space all files are compressed using
gzip before being encrypted and decompressed upon decryption.


| Network Security News: |

* Protecting Road Warriors: Managing Security for Mobile Users
April 29th, 2004

Managing security within the confines of an organization or enterprise is
a difficult job. Worms, viruses, spam, malware, port scans and perimeter
defense probes are constant threats. Servers and desktop systems require
regular patching and monitoring, and IDS signatures and firewall rules are
under constant review and tweaking.


* Prelude IDS Framework: "Open Source Security's Best Kept Secret"
April 28th, 2004

Everyone both involved in information security and many that are not have
heard of Snort NIDS (Network Intrusion Detection System). But not many
have heard of a little jewel by the name of Prelude. Prelude is an open
source framework for building distributed Hybrid Intrusion Detection
Systems (HIDS). The reason it is called 'Hybrid' is that it utilizes
sensors which are network based (NIDS).


* DOD decentralizes Wi-Fi
April 27th, 2004

The Defense Department's new wireless fidelity policy seeks help from many
of its agencies to ensure their employees and contractors use caution when
operating wireless computer devices at military installations.


| General Security News: |

* Quantum crypto coming to light
April 30th, 2004

Quantum cryptography, a technology that uses photons to encrypt
communications over fibre-optic lines and the air, is starting to come out
of the laboratory and into commercial use.


* Security has its privileges
April 30th, 2004

Maybe an innocent bystander can be excused for not seeing and stopping a
crime about to happen, but IT security administrators can't. They need to
keep their eyes open, according to Gijo Mathew, a security strategist for
Computer Associates International Inc.

Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.

More information about the ISN mailing list