Author: Benjamin D. Thomas
released for eterm, mc, the Linux kernel, ssmtp, LCDproc, xine, samba, and sysklogd.
The distributors include Debian, Guardian Digital’s EnGarde Linux, Fedora, Gentoo,
Mandrake, Red Hat, and Slackware.
Wireless Security
Over the years, security and network administrators have been reluctant to
adopt wireless networking technologies in corporate environments. Will it
provide an easy path of entry into the LAN? Will internal servers be accessible
from the outside? Sometimes it is necessary to implement wireless networks in
an office building because of special circumstances or pressure from management
to adopt the latest technology. Installing a wireless network may be
inevitable; if so, how should it be approached?
As with all security projects, a wireless security policy should be created.
This should define the purpose and scope of the wireless network, who is going
to be using it, how it should be used, etc. Also, an analysis of newly
introduced threats should be formalized. This will enable the network to be
designed in a manner that minimizes risk.
The wireless network should be treated as an untrusted network. Precautions
should include placing a firewall between the wireless network and internal
LAN, requiring strong authentication, and conducting regular vulnerability
assessments. When connecting to the trusted LAN over a wireless network, a VPN
should be used. If not, it is advisable to stick to secure protocols such as
SSH & SSL.
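One way to express this separation on a Linux gateway with iptables, shown as an added example that is not part of the original newsletter. The interface names, LAN subnet and VPN port are assumed values; the script only prints the commands so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example: emit iptables commands for a gateway sitting between an
# untrusted wireless segment and the internal LAN. Nothing is applied here.
# All values below are assumptions for illustration; override via environment.
WLAN_IF=${WLAN_IF:-wlan0}        # untrusted wireless side
LAN_IF=${LAN_IF:-eth0}           # trusted internal LAN
VPN_IF=${VPN_IF:-tun0}           # tunnel interface created by the VPN daemon
VPN_PORT=${VPN_PORT:-1194}       # UDP port the VPN endpoint listens on
LAN_NET=${LAN_NET:-10.0.0.0/24}  # internal address range

wlan_rules() {
    # Default deny for anything routed through the gateway.
    echo "iptables -P FORWARD DROP"
    # Allow replies belonging to connections permitted by the rules below.
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Wireless clients may talk to the gateway itself only to bring up the VPN.
    echo "iptables -A INPUT -i $WLAN_IF -p udp --dport $VPN_PORT -j ACCEPT"
    echo "iptables -A INPUT -i $WLAN_IF -j DROP"
    # Traffic arriving through the tunnel has authenticated; let it reach the LAN.
    echo "iptables -A FORWARD -i $VPN_IF -o $LAN_IF -d $LAN_NET -j ACCEPT"
    # Without the VPN, only encrypted protocols cross: SSH (22) and SSL/HTTPS (443).
    for port in 22 443; do
        echo "iptables -A FORWARD -i $WLAN_IF -o $LAN_IF -d $LAN_NET -p tcp --dport $port -m state --state NEW -j ACCEPT"
    done
    # Log, then drop, everything else coming from the wireless side.
    echo "iptables -A FORWARD -i $WLAN_IF -j LOG --log-prefix 'WLAN-DROP: '"
    echo "iptables -A FORWARD -i $WLAN_IF -j DROP"
}
```

After reviewing the output of `wlan_rules`, it can be piped to a root shell on the gateway; the logged drops give a record of wireless hosts attempting cleartext protocols.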
Wireless access points should be regularly audited and configured in the most
secure manner. Passwords and WEP keys should be as defined in the Wireless
Security Policy. Also, it is important to periodically check for rogue wireless
access points by warwalking. Access points are ideally placed in the center of
buildings. This reduces the available signal strength to outsiders.
Because the wireless workstations are on an untrusted network, it is imperative
that they are kept secure. This can be done by using host-based firewalls, IDS,
keeping patches up-to-date, and configuration scanning. Hosts should be
regularly scanned and monitored. By taking these precautions it is possible to
implement wireless networking without significantly increasing risks to an
organization’s information security.
Until next time, cheers!
Benjamin D. Thomas
LinuxSecurity
Feature Extras:

Next Generation Internet Defense & Detection System
– Guardian Digital has announced the first fully open source system designed
to provide both intrusion detection and prevention functions. Guardian Digital
Internet Defense & Detection System (IDDS) leverages best-in-class open
source applications to protect networks and hosts using a unique multi-layered
approach coupled with the security expertise and ongoing security vigilance
provided by Guardian Digital.

Interview with Siem Korteweg: System Configuration Collector
– In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open source,
and information on future developments.

Security: MySQL and PHP
– This is the second installment of a 3-part article on LAMP (Linux Apache
MySQL PHP). In order to safeguard a MySQL server to the basic level, one has
to abide by the following guidelines.

Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.

Distribution: Debian

4/28/2004 | kernel | 2.4.16 Multiple vulnerabilities
Several serious problems have been discovered in the Linux kernel. This

4/29/2004 | eterm | Missing Input Sanitising
H.D. Moore discovered several terminal emulator security issues

4/29/2004 | mc | Several Vulnerabilities
Jakub Jelinek discovered several vulnerabilities in the Midnight Commander,

Distribution: EnGarde

4/28/2004 | ‘kernel’ Several security and bug fixes | Several Vulnerabilities
This update fixes numerous vulnerabilities in the Linux Kernel.

4/28/2004 | kernel | Multiple vulnerabilities
This patch resolves a number of kernel vulnerabilities, including ones involving

Distribution: Fedora

4/23/2004 | kernel | Multiple vulnerabilities
This patch fixes a large variety of vulnerabilities in the 2.4.22 kernel,

Distribution: Gentoo

4/28/2004 | ipsec-tools and iputils Denial of service vulnerability | Multiple vulnerabilities
Attackers may be able to craft an ISAKMP header of sufficient length to

4/28/2004 | ssmtp | Multiple vulnerabilities
Multiple format string vulnerabilities may allow an attacker to run arbitrary

4/28/2004 | LCDproc | Multiple vulnerabilities
Multiple remote vulnerabilities have been found in the LCDd server, allowing

4/28/2004 | xine | Multiple vulnerabilities
Several vulnerabilities have been found in xine-ui and xine-lib, potentially

4/29/2004 | samba | Multiple Vulnerabilities
There is a bug in smbfs which may allow local users to gain root via a setuid

Distribution: Mandrake

4/28/2004 | kernel | Multiple vulnerabilities
This patch resolves a large number of kernel vulnerabilities at various

4/29/2004 | sysklogd | Vulnerability
Steve Grubb discovered a bug in sysklogd where it allocates an insufficient

Distribution: Openwall

4/23/2004 | kernel | Privilege escalation vulnerability
Upgrade to 2.4.26 to fix a local root vulnerability.

Distribution: Red Hat

4/23/2004 | kernel | Privilege escalation vulnerabilities
Updated kernel packages that fix two privilege escalation vulnerabilities

Distribution: Slackware

4/28/2004 | kernel | Security Issues
New kernel packages are available for Slackware 9.1 and -current to fix