Author: Benjamin D. Thomas
Introduction: IP Spoofing
By: Suhas A Desai
An article on “Security Problems in the TCP/IP Protocol Suite” by S.M.Bellovin
in 1989 initially explored IP Spoofing attacks . He described how Robert Morris,
creator of the now infamous Internet Worm, figured out how TCP created sequence
numbers and forged a TCP packet sequence.
This TCP packet included the destination address of his victim and
using as IP spoofing attack Morris was able to obtain root access
to his targeted system without a User ID or password.
Introduction:
IP spoofing is a technique used to gain unauthorized access to
computers, whereby the attacker sends messages to a computer with
a forging IP address indicating that the message is coming from a
trusted host. There are a few variations on the types of attacks
that using IP spoofing.
1.non-blind spoofing
This attack takes place when the attacker is on the same subnet
as the target that could see sequence and acknowledgement of
packets. The threat of this type of spoofing is session hijacking
and an attacker could bypass any authentication measures taken
place to build the connection. This is accomplished by corrupting
the DataStream of an established connection, then re-establishing
it based on correct sequence and acknowledgement numbers with the
attack machine.
2.Blind spoofing
This attack may take place from outside where sequence and
acknowledgement numbers are unreachable. Attackers usually send
several packets to the target machine in order to sample sequence
numbers, which is doable in older days. Today, most OSs implement
random sequence number generation, making it difficult to predict
them accurately. If, however, the sequence number was compromised,
data could be sent to the target.
READ ENTIRE ARTICLE:
http://www.linuxsecurity.com/content/view/120225/49/
LinuxSecurity.com
Feature Extras:
Linux File
& Directory Permissions Mistakes – One common mistake Linux administrators
make is having file and directory permissions that are far too liberal and
allow access beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this article,
so I’ll assume you are familiar with the usage of such tools as chmod, chown,
and chgrp. If you’d like a refresher, one is available right here on linuxsecurity.com.Introduction:
Buffer Overflow Vulnerabilities – Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.Getting
to Know Linux Security: File Permissions – Welcome to the first
tutorial in the ‘Getting to Know Linux Security’ series. The topic explored
is Linux file permissions. It offers an easy to follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, therefore very simple. If the feedback is
good, I’ll consider creating more complex guides for advanced users. Please
let us know what you think and how these can be improved.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headline.
| Debian | ||
| Debian: New bluez-utils packages fix arbitrary command execution |
||
23rd, August, 2005
|
||
| Debian: New Mozilla Thunderbird packages fix several vulnerabilities |
||
23rd, August, 2005
|
||
| Debian: New mysql packages fix insecure temporary file |
||
24th, August, 2005
|
||
| Fedora | ||
| Fedora Core 4 Update: epiphany-1.6.5-1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: system-config-netboot-0.1.26-1_FC4 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: kdbg-2.0.0-0.fc3.1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: doxygen-1.4.4-0.fc4.1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: kdbg-2.0.0-0.fc4.1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.2 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: ncpfs-2.2.4-4.FC3.1 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: gaim-1.5.0-1.fc3 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: gaim-1.5.0-1.fc4 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: system-config-bind-4.0.0-30 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: system-config-bind-4.0.0-30_FC4 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: pcre-4.5-3.1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: tar-1.15.1-8.FC4 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: gstreamer-plugins-0.8.8-9 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: vnc-4.1.1-10.1 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: netpbm-10.28-1.FC3.2 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: metacity-2.10.3-1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: cups-1.1.23-15.1 | ||
18th, August, 2005
|
||
| Fedora Core 3 Update: cups-1.1.22-0.rc1.8.6 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: pygtk2-2.6.2-0.fc4.1 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: shadow-utils-4.0.7-10.FC4 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: netpbm-10.28-1.FC4.2 | ||
18th, August, 2005
|
||
| Fedora Core 4 Update: slocate-2.7-22.fc4.1 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: slocate-2.7-12.fc3.1 | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: MyODBC-2.50.39-25.FC4.1 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: MyODBC-2.50.39-25.FC3.1 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: doxygen-1.4.4-0.fc3.1 | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: xpdf-3.01-0.FC4.1 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: xpdf-3.01-0.FC3.1 | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: libgal2-2.4.3-1.fc4 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: dhcpv6-0.10-14_FC3 | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: dhcpv6-0.10-14_FC4 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: system-config-netboot-0.1.30-1_FC3 | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: system-config-netboot-0.1.30-1_FC4 | ||
22nd, August, 2005
|
||
| Fedora Core 4 Update: diskdumputils-1.1.9-2 | ||
22nd, August, 2005
|
||
| Fedora Core 3 Update: kdebase-3.4.2-0.fc3.3 | ||
23rd, August, 2005
|
||
| Fedora Core 4 Update: bind-9.3.1-10_FC4 | ||
23rd, August, 2005
|
||
| Fedora Core 4 Update: cvs-1.11.19-9 | ||
23rd, August, 2005
|
||
| Fedora Core 3 Update: cvs-1.11.17-7.FC3 | ||
23rd, August, 2005
|
||
| Fedora Core 3 Update: hwdata-0.146.1-1 | ||
23rd, August, 2005
|
||
| Fedora Core 3 Update: eject-2.1.1-0.fc3.2 | ||
24th, August, 2005
|
||
| Fedora Core 4 Update: eject-2.1.1-0.fc4.1 | ||
24th, August, 2005
|
||
| Fedora Core 3 Update: pcre-4.5-3.1.1.fc3 | ||
24th, August, 2005
|
||
| Fedora Core 4 Update: pcre-5.0-4.1.fc4 | ||
24th, August, 2005
|
||
| Fedora Core 3 Update: epiphany-1.4.9-0 | ||
24th, August, 2005
|
||
| Gentoo | ||
| Gentoo: Kismet Multiple vulnerabilities | ||
19th, August, 2005
|
||
| Gentoo: Adobe Reader Buffer Overflow | ||
19th, August, 2005
|
||
| Gentoo: Evolution Format string vulnerabilities | ||
23rd, August, 2005
|
||
| Gentoo: PEAR XML-RPC, phpxmlrpc New PHP script injection |
||
24th, August, 2005
|
||
| Gentoo: TikiWiki, eGroupWare Arbitrary command execution |
||
24th, August, 2005
|
||
| Gentoo: Apache 2.0 Denial of Service vulnerability |
||
25th, August, 2005
|
||
| Gentoo: Tor Information disclosure | ||
25th, August, 2005
|
||
| Red Hat |
||
| RedHat: Low: netpbm security update | ||
22nd, August, 2005
|
||
| RedHat: Low: vim security update | ||
22nd, August, 2005
|
||
| RedHat: Low: slocate security update | ||
22nd, August, 2005
|
||
| RedHat: Critical: elm security update | ||
23rd, August, 2005
|
||
