+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | May 3rd, 2004 Volume 5, Number 18n | | | | Editorial Team: Dave Wreski dave@xxxxxxxxxxxxxxxxx | | Benjamin Thomas ben@xxxxxxxxxxxxxxxxx | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "File and email encryption with GnuPG," "Managing Security for Mobile Users," and "Prelude IDS Framework: Open Source Security's Best Kept Secret." ---- >>>> FREE GUIDE-128-bit encryption << Thawte is one of the few companies that offers 128 bit supercerts. A Supercert will allow you to extend the highest allowed 128 bit encryption to all your clients even if they use browsers that are limited to 40 bit encryption. Download a guide to learn more: http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=thawten05 ---- LINUX ADVISORY WATCH: This week, advisories were released for eterm, mc, the Linux kernel, ssmtp, LCDproc, xine, samba, and sysklogd. The distributors include Debian, Guardian Digital's EnGarde Linux, Fedora, Gentoo, Mandrake, Red Hat, and Slackware. http://www.linuxsecurity.com/articles/forums_article-9248.html ---- Guardian Digital Launches Next Generation Internet Defense & Detection System Guardian Digital has announced the first fully open source system designed to provide both intrusion detection and prevention functions. Guardian Digital Internet Defense & Detection System (IDDS) leverages best-in-class open source applications to protect networks and hosts using a unique multi-layered approach coupled with the security expertise and ongoing security vigilance provided by Guardian Digital. http://www.linuxsecurity.com/feature_stories/feature_story-163.html ---- >>>> Bulletproof Virus Protection << Protect your network from costly security breaches with Guardian Digital's multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn04 -------------------------------------------------------------------- Interview with Siem Korteweg: System Configuration Collector In this interview we learn how the System Configuration Collector (SCC) project began, how the software works, why Siem chose to make it open source, and information on future developments. http://www.linuxsecurity.com/feature_stories/feature_story-162.html ---- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------+ | Host Security News: | <<-----[ Articles This Week ]---------- +---------------------+ * Linux Vulnerable to Infiltration April 29th, 2004 Linux source code could be infiltrated by dubious elements, including spies, according to a white paper released by Dan O'Dowd, chief executive officer of Green Hills Software Inc. This is his second white paper in a series that his company describes as being focused on "the urgent security threat posed by the use of the Linux operating system in U.S. defense systems, including the Future Combat System and Global Information Grid." http://www.linuxsecurity.com/articles/host_security_article-9243.html * Management central to securing Linux April 29th, 2004 After performing more security assessments than he can count, Gijo Mathew has seen every worst practice imaginable. He's even seen an IT shop replace virus-violated data with an unpatched backup that succumbed to the same virus. A security strategist for Computer Associates International Inc., Mathew has 10 years of experience in software development, computer technology, networks and security. http://www.linuxsecurity.com/articles/general_article-9247.html * Open source databases climb corporate ladder April 28th, 2004 Analysts are telling companies committed to open source software that the time is right to consider an open source database server. Vendors like MySQL and SleepyCat are adding more enterprise-class functionality to the software, and that could eventually threaten the hold Oracle, IBM and Microsoft have on the market. http://www.linuxsecurity.com/articles/general_article-9238.html * File and email encryption with GnuPG (PGP) part six April 28th, 2004 Last time I showed you how to exchange and verify public PGP keys with an individual. After you've verified a user's key (KeyID, bits, type, fingerprint, and user's actual identity) you should sign their key. Signing a key tells the PGP software (GnuPG in most cases for us Linux heads) that you've acknowledged the key is legitimate when verifying the signature. Let's take a look at the different verification possibilities. http://www.linuxsecurity.com/articles/documentation_article-9241.html * What is gpgdir? April 26th, 2004 gpgdir is a perl script that uses the CPAN GnuPG module to encrypt and decrypt directories using a gpg key specified in ~/.gpgdirrc. gpgdir supports recursively descending through a directory in order to make sure it encrypts or decrypts every file in a directory and all of its subdirectories. In order to help save space all files are compressed using gzip before being encrypted and decompressed upon decryption. http://www.linuxsecurity.com/articles/projects_article-9231.html +------------------------+ | Network Security News: | +------------------------+ * Protecting Road Warriors: Managing Security for Mobile Users April 29th, 2004 Managing security within the confines of an organization or enterprise is a difficult job. Worms, viruses, spam, malware, port scans and perimeter defense probes are constant threats. Servers and desktop systems require regular patching and monitoring, and IDS signatures and firewall rules are under constant review and tweaking. http://www.linuxsecurity.com/articles/network_security_article-9246.html * Prelude IDS Framework: "Open Source Security's Best Kept Secret" April 28th, 2004 Everyone both involved in information security and many that are not have heard of Snort NIDS (Network Intrusion Detection System). But not many have heard of a little jewel by the name of Prelude. Prelude is an open source framework for building distributed Hybrid Intrusion Detection Systems (HIDS). The reason it is called 'Hybrid' is that it utilizes sensors which are network based (NIDS). http://www.linuxsecurity.com/articles/projects_article-9242.html * DOD decentralizes Wi-Fi April 27th, 2004 The Defense Department's new wireless fidelity policy seeks help from many of its agencies to ensure their employees and contractors use caution when operating wireless computer devices at military installations. http://www.linuxsecurity.com/articles/government_article-9235.html +------------------------+ | General Security News: | +------------------------+ * Quantum crypto coming to light April 30th, 2004 Quantum cryptography, a technology that uses photons to encrypt communications over fibre-optic lines and the air, is starting to come out of the laboratory and into commercial use. http://www.linuxsecurity.com/articles/cryptography_article-9251.html * Security has its privileges April 30th, 2004 Maybe an innocent bystander can be excused for not seeing and stopping a crime about to happen, but IT security administrators can't. They need to keep their eyes open, according to Gijo Mathew, a security strategist for Computer Associates International Inc. http://www.linuxsecurity.com/articles/general_article-9249.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------
