Linux Network Security - Page 47

Discover Network Security News

Mail Scanning With Exim And The Exiscan ACL

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With all the spam and viruses circulating the Internet these days, any network admin worth his or her salt will have appropriate filters in place to prevent these irritants from getting to users and customers. My predecessor, unfortunately, was worth far less than that, so my first task upon assuming the role of a systems administrator for a small ISP was to establish a mail filter. With no previous experience with a mail filtering system, I dug in and started my research. After reviewing open source solutions such as AmaViS and MailScanner and commercial solutions such as Postini and Mail Warden, I settled on Exim with the Exiscan-ACL plugin. . . .

Anthony Pell
Apr 13, 2004

Expert releases Cisco wireless hacking tool

The tool, called "Asleap," allows users to scan the wireless network broadcast spectrum for networks using LEAP (Lightweight Extensible Authentication Protocol), capture wireless network traffic and crack user passwords, according to a message posted to the Bugtraq online security discussion group on Wednesday. . . .

Anthony Pell
Apr 12, 2004

Networking improvements in the 2.6 kernel

The new Linux 2.6 kernel offers many improvements over the 2.4 version. One area of technical advancement is in the kernel networking options. Although there are enhancements in most of the files associated with the networking options, this article focuses on major feature improvements and additions that affect entire sections rather than on specific files. Specifically, in this article we will address improvements to the Networking File System (NFS) and Internet Protocol Security (IPSec). We will also meet two new members of the TCP/IP protocol family, Stream Control Transmission Protocol (SCTP) and Internet Protocol version 6 (IPv6). . . .

Anthony Pell
Apr 07, 2004

Secret hackers to aid war on internet fraud

FEARS that small online retailers are the weakest link in the fight against internet fraud have prompted MasterCard, the global payment scheme group, to set up secret teams of hackers to test security systems in the sector. The Times has learnt that the project, named Site Data Protection (SDP), will go live in May and will target online outlets that fail to comply with appropriate levels of internet security. SDP teams will be recruited by the banks that have relationships with online merchants whose systems do not come up to scratch. Brian Morris, head of e-business solutions at MasterCard, said that while large online retailers had robust internet security systems, small and medium-size enterprises (SMEs) "could benefit from the assistance". . . .

Anthony Pell
Apr 07, 2004

The Myth of the Secure Operating System?

An exercise for the reader: what is wrong with this picture? Laura DiDio is also known to the Linux community for her statements to the effect that SCO has a serious case. But the question here is different -- does the underlying OS make any difference to security? If not, is there a reason to care about such useless innovations as SELinux? Or should we simply take Ms. DiDio's advice: "Don't even argue those merits. Every piece of software that is connected is potentially vulnerable and at risk." . . .

Anthony Pell
Apr 05, 2004

Whose Site is it Anyway?

People who buy things online may be familiar with the closed-lock padlock in the bottom right hand corner of their screens. While this is meant to provide a sense of security, how many Internet shoppers actually know what it refers to? In fact the padlock is there to show that at that particular time i.e. on the current web page communications with that site will be secured using encryption based on a protocol called SSL - or Secure Socket Layer (see explanation). In an ecommerce transaction, SSL achieves two things. It authenticates to the user the identity of the organisation responsible for the site in question and ensures that any information transmitted between the purchaser's web browser and the merchant's web site is protected from potential eavesdroppers or hackers listening in from anywhere on the Internet. . . .

Anthony Pell
Apr 01, 2004

Protecting yourself against mini-DDoS attacks

These are distributed denial of service attacks small enough to fly below the security radars of ISPs and law enforcement agencies, but potent enough to shut down cable or DSL modems connections. . . .

Anthony Pell
Mar 30, 2004

Protecting enterprise VOIP environments

Communications through the public, IP-based network are kept private and secure by 3DES, 128 bit encryption and attack prevention. There is also user authentication and access to the management interface is secured by RADIUS, X.509 digital certificate. . . .

Anthony Pell
Mar 26, 2004

EU Commissioner makes his views felt on European Network Security

In today's society, much depends on networks and information systems. Additional requirements for security will rapidly increase as networking and computing develop further and electronic communications become part of all aspects of our daily lives. For instance broadband connections offer people the possibility to be "always on". . . .

Anthony Pell
Mar 25, 2004

Network Troubleshooting A Complex Process Made Simple

Gideon T. Rasmussen writes, "The most efficient manner to troubleshoot a network issue is to approach it in a systematic way. Start by gathering background information; then troubleshoot following the Open System Interconnection (OSI) networking model." . . .

Anthony Pell
Mar 23, 2004

VoIP - Vulnerability over Internet Protocol

The VoIP 'revolution' has been talked of since the 1990's as the 'next big thing' in the enterprise telecoms sector; saving companies vast amounts of money on both call charges and internal network infrastructure and support costs. But just as the VoIP market is finally taking a cautious step towards delivering some of its long-overdue promise, the increasing priority of IT security may force it two steps back. . . .

Anthony Pell
Mar 22, 2004

Using key-based authentication over SSH

SSH, or secure shell, is a protocol by which users can remotely log in, administer, or transfer files between computers using an encrypted transport mechanism. Running over every major operating system, SSH provides a more secure connection method than traditional telnet or the much-maligned "r commands" (rlogin, rcp, rsh). . . .

Anthony Pell
Mar 19, 2004

Detection of SQL Injection and Cross-site Scripting Attacks

In this article, we've presented different types of regular expression signatures that can be used to detect SQL Injection and Cross Site Scripting attacks. Some of the signatures are simple yet paranoid, in that they will raise an alert even if there is a hint of an attack. But there is also the possibility that these paranoid signatures may result in false positives. To take care of this, we've then modified the simple signatures with additional pattern checks so that they are more accurate. We recommend that these signatures be taken as a starting point for tuning your IDS or log analysis methods, in the detection of these Web application layer attacks. After a few modifications, and after taking into account the non-malicious traffic that occurs as part of your normal Web transactions, you should be able to accurately detect these attacks. . . .

Anthony Pell
Mar 18, 2004

Mitigating the Complexities of Security Management

An optimal security posture, and one that eliminates the complexities of security management, is one that takes into account each of these four security disciplines. Adherence to best practices within these four fronts will reduce the costs of enterprise protection and lower risks while enhancing security resource allocation and inefficiencies. . . .

Anthony Pell
Mar 17, 2004

Outsourcing: Losing Control

A woman in Pakistan recently struck fear among IT executives whooutsource. She had obtained sensitive patient documents from theUniversity of California, San Francisco, Medical Center through amedical transcription subcontractor that she worked for, and shethreatened to post the files on the Internet unless she was paid moremoney. . . .

Anthony Pell
Mar 17, 2004

Explosive Cold War Trojan has lessons for Open Source exporters

A reminder of how important these are came last week with a revelation from the Cold War era, contained in a new book by a senior US national security official. Thomas Reed's At The Abyss recounts how the United States exported control software that included a Trojan Horse, and used the software to detonate the Trans-Siberian gas pipeline in 1982. The Trojan ran a test on the pipeline that doubled the usual pressure, causing the explosion. Reed was Reagan's special assistant for National Security Policy at the time; he had also served as Secretary of the Air Force from 1966 to 1977 and was a former nuclear physicist at the Lawrence Livermore laboratory in California. The software subterfuge was so secret that Reed didn't know about it until he began researching the book, 20 years later. . . .

Anthony Pell
Mar 16, 2004

Study: Spam Filters Often Lose E-Mails

As spam-fighting tools become increasingly aggressive, e-mail recipients risk losing newsletters and promotions they've requested. A new study attempts to quantify missed bulk mailings. Return Path, a company that monitors e-mail performance for online marketers, found that nearly 19 percent of e-mail sent by its customers never reached the inboxes of intended recipients. The figure, for the last half of 2003, is up 3.7 percentage points from the same period in 2002. . . .

Anthony Pell
Mar 12, 2004

Risk management seen as key to IT security

David Bauer, first vice president and chief information security and privacy officer at Merrill Lynch, gave his audience a historical perspective on the evolution of IT security, starting with the Morris worm attack of 1988. That attack took the Internet by surprise, he said. There were no tools to fight back and no source of reliable information. Responses were uncoordinated, and the result was "complete havoc," Bauer said. He contrasted that with the Mydoom attack last month, when Merrill Lynch combined good tools with a coordinated and carefully planned response to understand and contain the threat after just one infection. That attack, he said, was "just another event." . . .

Anthony Pell
Mar 12, 2004

Symbiot launches DDoS counter-strike tool

Security company Symbiot is about to launch a product that can hit back at hackers and DDoS attacks by lashing out with its own arsenal of tricks, but experts say it may just be a bit too trigger-happy. Symbiot, a Texas-based security firm, is preparing to launch a corporate defence system at the end of March that can fight back against distributed denial-of-service (DDoS) and hacker attacks by launching a counter-strike. . . .

Anthony Pell
Mar 11, 2004

VLANs on Linux

To begin, we must have a more formal definition of what a LAN is. LAN stands for local area network. Hubs and switches usually are thought of as participating in a single LAN. Normally, if you connect two computers to the same hub or switch, they are on the same LAN. Likewise, if you connect two switches together, they are both on the same LAN. . . .

Anthony Pell
Mar 11, 2004

Linux Network Security - Page 47

Harnessing Proxies for Enhanced Threat Intelligence: A Guide with Open Source Tools

Understanding HTTP Proxy Servers: A Vital Linux Network Security Tool

Exploring Vulnerability Scanners: Tools & Strategies for a Secure Network