+---------------------------------------------------------------------+
|  LinuxSecurity.com                           Linux Security Week    |
|  September 4, 2000                           Volume 1, Number 18n   |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave@linuxsecurity.com    |
|                   Benjamin Thomas         ben@linuxsecurity.com     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security
newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security
headlines.

Security advisories can now be found in our new publication, "Linux
Advisory Watch," distributed on Friday mornings.  We hope that this
change in format makes focusing on patching system vulnerabilities
easier. If you were a subscriber of this newsletter prior to 09/01/00,
you have automatically been included as a member of the new advisory
list.

Advisories: http://www.linuxsecurity.com/advisories.html

Our feature this week, "Setting up a Linux Log Server to enhance
System Security," provides clear step-by-step information on how to
setup
a log server. The article covers topics ranging from  configuring
/etc/syslogd.conf to adding firewall rules.  It complements last weeks
article, "A Complete Reference Guide to Creating a Remote Log Server."
This article will prove to be very helpful.

http://www.linuxsecurity.com/feature_stories/feature_story-65.html

Our sponsor this week is WebTrends.  Their Security Analyzer has the
most
vulnerability tests available for Red Hat & VA Linux.  It uses advanced
agent-based technology, enabling you to scan your Linux servers from
your
Windows NT/2000 console and protect them against potential threats. Now
with over 1,000 tests available.

http://www.webtrends.com/redirect/linuxsecurity1.htm

HTML Version available:
http://www.linuxsecurity.com/newsletter.html


+---------------------+
| Host Security News: | <<-----[ Articles This Week ]-----------------+
+---------------------+


* Intrusion Detection Level Analysis of Nmap and Queso
August 31st, 2000

The purpose of this paper is to help Intrusion detection analysts and
firewall administrators identify NMAP & QUESO scans. This paper will
provide bit level analysis in detecting NMAP and QUESO scans. This
type of analysis is vital for individuals who are performing firewall
administration and need to understand more details relating to these
scanners and the scans they perform.

http://www.linuxsecurity.com/articles/intrusion_detection_article-1471.html


* PAM - Pluggable Authentication Modules
August 31st, 2000

PAM (Pluggable Authentication Modules) provides the backbone of most
authentication in  modern Linux systems (and can be implemented in
others, such as Solaris), yet it is typically  ignored and woefully
under-utilized. Anytime you log into a modern Linux system, whether
via  telnet, ssh, pop, ftp, and so on, you are using PAM to process
the authentication  request.

http://www.linuxsecurity.com/articles/host_security_article-1474.html


* Anyone with a Screwdriver Can Break In!
August 28th, 2000

This article will discuss the second weakest layer of computer
security, Physical Security1. As we'll see, any attacker with
physical access to a computer, a little ingenuity, and sufficient
time can compromise the system.   By way of example, I'll demonstrate
attack and defense on a Red Hat Linux box and show how you might slow
down, or even prevent, these kinds of attacks. You don't need a Linux
machine, or even technical responsibility, for this article to be
useful.

http://www.linuxsecurity.com/articles/general_article-1444.html



+------------------------+
| Network Security News: |
+------------------------+

* Inexpensive measures to solve security problems
September 1st, 2000

Computer security is difficult to achieve. It requires constant
vigilance, and it involves inconvenience. Sometimes, expensive
products are offered that are claimed to solve your security problems
with no problems, and they do not deliver. However, there are a
number of inexpensive measures that would seem to solve a lot of
security problems that aren't being used.

http://www.linuxsecurity.com/articles/network_security_article-1480.html


* Attacking Linux
August 30th, 2000

Network scanning, password grabbing, trojaned software -- all are the
bane of the  righteous sysadmin. Craig Ozancin reveals how to beef up
network security and ward  off attackers at the LinuxWorld Expo, as
reported by Rick Moen.

http://www.linuxsecurity.com/articles/hackscracks_article-1468.html


* Firewalls - Placement
August 29th, 2000

Security is no good if it isn't in the right place. Think about a
modern office building - where are the doors with locks? The lobby
doors can always be locked, and usually the doors on each floor have
locks as well. If only the office doors had locks, the building would
be less secure. More security guards would be needed to make sure no
one is trying to force a door.

http://www.linuxsecurity.com/articles/firewalls_article-1460.html



+--------------------+
| Cryptography News: |
+--------------------+

* The Emotional Side of Cryptography
August 31st, 2000

Encrypting data before storage or transmission involves a bit of
extra work. This often means that people who ought to be using
encryption, instead of relying on the assumption that their data will
not be intercepted, fail to do so. But it is also true that some of
the people who use encryption are keenly aware of the importance of
keeping their information secret.

http://www.linuxsecurity.com/articles/cryptography_article-1473.html


* Ain't no network strong enough
August 31st, 2000

Master cryptographer Bruce  Schneier's "Secrets and Lies"  explains
why computer security is an  oxymoron. Bruce Schneier, master
cryptographer and idol of the computer  underground, targets those
short-attention-spanners in his latest  book, "Secrets and Lies:
Digital Security in a Networked  World." Aiming straight for the
vaunted "general audience," he  peppers the 400-plus pages with Yogi
Berra quotes, analogies  drawn from "Star Wars" and trivia tidbits
from Greek  mythology.

http://www.linuxsecurity.com/articles/cryptography_article-1476.html


* Encryption Could Starve Carnivore
August 28th, 2000

Even as the FBI slowly releases details of its Carnivore  e-mail
wiretap technology, software developers are  readying schemes to
starve Carnivore of meaningful  data. ChainMail and Sigaba are among
the companies  promoting encryption technology designed to render
any captured e-mail meaningless to third parties.

http://www.linuxsecurity.com/articles/cryptography_article-1453.html


* The next era for Internet security
August 28th, 2000

Security insiders have had the date circled on  their calendars for
years. What's going to  happen when RSA's encryption and  decryption
patents expire next month? A milestone in the history of technology
is set to  occur next month when RSA Security Inc. patents,
fundamental to most Internet security, expire.

http://www.linuxsecurity.com/articles/general_article-1451.html



+----------------------------+
| Vendor/Product/Tools News: |
+----------------------------+

* Review of Debian 2.2 Security
August 30th, 2000

I wanted to write a really positive article about Debian 2.2, which
was just released a few weeks ago. Unfortunately, I can't. While
Debian itself is a reasonably well-done Linux distribution, it has
some major security issues.

http://www.linuxsecurity.com/articles/host_security_article-1465.html


* Justice shops for Carnivore review
August 28th, 2000

The Justice Department has officially begun shopping for a university
to conduct an independent technical review of Carnivore, the e-mail
bugging system.   The request for proposals was posted on the
department's World Wide Web site Aug. 23, and Attorney General Janet
Reno said proposals are due Sept. 6.

http://www.linuxsecurity.com/articles/government_article-1448.html


+---------------+
| General News: |
+---------------+

* ICMP Usage in Scanning version 2.0
September 3rd, 2000

The Internet Control Message Protocol is one of the debate full
protocols in the TCP/IP protocol suite regarding its security
hazards. There is no consent between the experts in charge for
securing Internet networks (Firewall Administrators, Network
Administrators, System Administrators, Security Officers, etc.)
regarding the actions that should be taken to secure their network
infrastructure in order to prevent those risks. In this paper Ofir
Arkin has tried to outline what can be done with the ICMP protocol
regarding scanning.

http://www.linuxsecurity.com/articles/documentation_article-1485.html


* Justice shops for Carnivore review
September 1st, 2000

Since the public learned of Carnivore in early July, members of
Congress, privacy advocates and civil liberties organizations have
expressed serious concerns over its use and potential for abuse.
The request for proposals notes some of the concerns, including that
the system could provide investigators with more information than
legally allowed by a court order or be used for unlawful invasions of
privacy.

http://www.linuxsecurity.com/articles/privacy_article-1478.html


* Interview with Lance Spitzner
September 1st, 2000

Lance is a former officer in the Army's Rapid Deployment Force, and
the author of numerous Whitepapers on computer security.  In his own
words: "I'm a geek who constantly plays with computers, especially
network security. I love security because it is a constantly changing
environment, your job is to do battle with the bad guys."

http://www.linuxsecurity.com/articles/forums_article-1481.html


* To Tell, or Not to Tell?
August 30th, 2000

Some "bug  hunters" who uncover security flaws in  computer software
and rush to issue public  warnings may be helping hackers more than
consumers, industry officials worry.  It's a thorny issue that
divides security specialists.  Many argue that fast, full disclosure
of a vulnerability alerts  computer users to take precautions and
pushes software  makers to provide a quick solution.

http://www.linuxsecurity.com/articles/hackscracks_article-1469.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".