For those of you especially using Red Hat, you might find this of interest.

---------- Forwarded message ----------
Date: Tue, 1 Aug 2000 19:59:59
From: ITworld Newsletters <itwnews@xxxxxxxxxxx>
To: showell at n3byy.yi.org
Subject: Linux Security -- Linux Security Tools

LINUX SECURITY --- August 01, 2000
Published by ITworld.com, the IT problem-solving network
http://www.itworld.com/newsletters

*********************************************************************
HIGHLIGHTS

* Tools of the security trade
*********************************************************************

A Few "Must Have" Linux Security Tools
by Rick Johnson

With literally thousands of Linux Security related tools out there, how do you know which ones you need? Well, only you can answer that; I can only list a few of the ones in my arsenal. While those I trust have recommended some, most were found through rigorous testing and plain old dumb luck.

* Nmap (http://www.insecure.org/nmap) - Nmap is a utility for port scanning large networks or a single host. This should be at the core of every Security Engineer's toolkit. A few of the supported features of nmap include TCP SYN scanning, stealth scanning, ftp bounce attack, SYN/FIN scanning using IP fragments, ping-sweep, Direct RPC scanning, and even Remote OS Identification by TCP/IP Fingerprinting.

* Nessus (http://www.nessus.org) - Nessus is another remote scanner. It currently performs around 400 remote security checks.
Nessus also has incredible reporting capabilities with text and graphed HTML output. Not only will it point out problems, but it also suggests a solution for each of them. One interesting feature is that it will not consider that a given service is running on a fixed port -- that is, if you run your Web server on port 1234, Nessus will detect it and test its security. It will not make its security tests regarding the version number of the remote services, but will really attempt to exploit the vulnerability.

* Linux Security Quick Reference Card (http://www.linuxsecurity.com/docs) - This card, written by Dave Wreski, gives you one easy-to-use reference point for the basics of securing your system. Contained within are references to security resources around the net, tips on securing your Linux box, and general security information. I highly recommend keeping it on your desk.

* StackGuard (www.immunix.org) - StackGuard is a compiler that makes programs much less vulnerable to buffer overflow attacks. Using the compiler requires no source code changes at all. StackGuard does integrity checks on the stack so that it cannot be corrupted by buffer overflows without being detected. When a buffer overflow does happen, StackGuard notices and halts the program before the attacker can take control and do damage. They have even gone so far as to rebuild RedHat 6.2 using this marvel of compiling innovation and the result is the Immunix OS 6.2, which is available from the same site.

These are only a few of the fine tools available to help keep your servers safe from evil. I know there are plenty that are worthy of mention here and if you are the developer of a product that is unique and worthy of mention, please drop me a line. I am always in the market for a new way to protect myself.

Resources

Forensics
Getting to the bottom of a security breach.
http://www.sunworld.com/sunworldonline/swol-07-2000/swol-0721-security.html

The security consultant's toolbox
Commercial products have their place, but nothing beats some of the better freeware tools.
http://www2.itworld.com/cma/ett_article_frame/0,2848,1_1624,00.html

An arsenal of attack tools
http://www2.itworld.com/cma/ett_article_frame/0,2848,1_1642,00.html

************************************************************************
THE ESSENTIAL OPEN BOOK PROJECT

The Essential Linux Open Book project needs you! We have one chapter completed and two others nearing completion. If you want to give something back to the community, do it now.
http://www.linuxworld.com/linuxworld/idgbooks-openbook/home.html

************************************************************************
COMMUNITY DISCUSSION

Linux Forum
From handhelds to supercomputers, the buzz is all about Linux and world domination -- but what does that mean for the Linux community? Join LinuxWorld's discussion forum to debate the issues, talk shop, and extend your knowledge of Linux.
http://forums.itworld.com/webx?14@@.ee6b650

************************************************************************
About the author
----------------
Rick Johnson is currently the Manager of Security Services for an emerging Managed Service Provider. When not writing, he heads the development team for PMFirewall, an Ipchains Firewall and Masquerading Configuration Utility for Linux. Rick can be contacted via email at rick at pointman.org or on the web at http://www.pointman.org.
*********************************************************************
Copyright 2000 ITworld.com, Inc., All Rights Reserved.
http://www.itworld.com
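
The stack integrity check described in the StackGuard item of the newsletter above, as an added illustration that is not part of the newsletter and not StackGuard's own code: a simplified C model of a canary word placed between a local buffer and the saved return address, checked before the function returns. The frame layout, the canary value and the return address are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame as a flat byte array:
 *   [0..15] local buffer | [16..23] canary word | [24..31] saved return address */
enum { BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24, FRAME_LEN = 32 };

#define CANARY_VALUE 0x5a3c96e1d2b4870fULL /* constructed; a real canary is picked at run time */
#define SAVED_RETURN 0x0000000000401000ULL /* constructed placeholder address */

typedef enum { FRAME_OK = 0, FRAME_SMASHED = 1 } frame_status;

/* Copies len bytes into the local buffer without a bounds check (the bug),
 * then runs the epilogue check. *ret_out is written only if the canary survived. */
frame_status guarded_copy(const unsigned char *input, size_t len, uint64_t *ret_out)
{
    unsigned char frame[FRAME_LEN] = {0};
    uint64_t canary = CANARY_VALUE, ret = SAVED_RETURN, seen;

    /* Prologue: store the canary next to the saved return address. */
    memcpy(frame + CANARY_OFF, &canary, sizeof canary);
    memcpy(frame + RET_OFF, &ret, sizeof ret);

    /* Unchecked copy. Clamped to the frame only so the model itself stays in bounds. */
    if (len > FRAME_LEN)
        len = FRAME_LEN;
    memcpy(frame, input, len);

    /* Epilogue: an overflow that reaches the return address has to cross the canary. */
    memcpy(&seen, frame + CANARY_OFF, sizeof seen);
    if (seen != CANARY_VALUE)
        return FRAME_SMASHED; /* a protected program halts here instead of returning */
    memcpy(ret_out, frame + RET_OFF, sizeof *ret_out);
    return FRAME_OK;
}

int main(void)
{
    unsigned char input[FRAME_LEN];
    uint64_t ret = 0;
    memset(input, 'A', sizeof input); /* constructed filler input */
    printf("16 bytes: %s\n", guarded_copy(input, 16, &ret) == FRAME_OK ? "ok" : "smashed");
    printf("17 bytes: %s\n", guarded_copy(input, 17, &ret) == FRAME_OK ? "ok" : "smashed");
    printf("32 bytes: %s\n", guarded_copy(input, 32, &ret) == FRAME_OK ? "ok" : "smashed");
    return 0;
}
```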