Author: Benjamin D. Thomas
ekg, heartbeat, affix, zlib, cacti, java, diskdumputils, radvd,
bind, kdelibs, freeradius, firefox, thunderbird, ypserv, mysql,
setarch, openoffice, pvm, fetchmail, mozilla, epiphany, devhelp,
yelp, php, ruby, acroread, phpgroupware, dhcpd, mediawiki, cpio,
shorewall, and kdenetwork. The distributors include Debian,
Fedora, Gentoo, and Red Hat.
Network Server Monitoring With Nmap
By: Pax Dickinson
Portscanning, for the uninitiated, involves sending connection requests
to a remote host to determine what ports are open for connections and
possibly what services they are exporting. Portscanning is the first
step a hacker will take when attempting to penetrate your system, so
you should be preemptively scanning your own servers and networks to
discover vulnerabilities before someone unfriendly gets there first.
Any open ports that are unnecessary for proper system operation should
be closed. Every open port is a possible access point for an
unauthorized user, and every service accepting connections from the
world could have a vulnerability. Even if you are diligent about
applying patches, any unnecessarily running service is still a window
an attacker could possibly climb through.
One way of viewing open ports on your Linux system is with the netstat
command. Issue the command netstat –inet -a to view both your
established connections and open listening network ports. This command
reads from your /etc/services file to determine the service name for a
given port number, so seeing *:www under the Local Address heading
indicates your server’s port 80 is open and listening, not that there
is necessarily a webserver running on that port. You should check the
list and ensure that the servers listening are indeed desired, and if
they are not, they should be disabled. For example, this output shows
me that my system is accepting connections on the ports for www, ssh,
smtp and https.
Read Complete Article:
http://www.linuxsecurity.com/content/view/119808/49/
LinuxSecurity.com
Feature Extras:
Pull The Plug Revisited: An Interview Five Years Later
– Five years after our original interview with Brian Gemberling, founder
of PullthePlug.org, we catch up with Daniel Alvarez and the rest of
the site’s administrative management. Its structured management and
focus on the community will ensure many years of continued success.
You’re asking, what is pull the plug? Read more to find out…Linux File
& Directory Permissions Mistakes – One common mistake Linux administrators
make is having file and directory permissions that are far too liberal and
allow access beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this article,
so I’ll assume you are familiar with the usage of such tools as chmod, chown,
and chgrp. If you’d like a refresher, one is available right here on linuxsecurity.com.Introduction:
Buffer Overflow Vulnerabilities – Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headline.
Debian | ||
Debian: New krb5 packages fix multiple vulnerabilities | ||
17th, July, 2005
|
||
Debian: New heimdal packages fix arbitrary code execution | ||
18th, July, 2005
|
||
Debian: New phppgadmin packages fix directory traversal vulnerability | ||
18th, July, 2005
|
||
Debian: New ekg packages fix several vulnerabilities | ||
18th, July, 2005
|
||
Debian: New heartbeat packages fix insecure temporary files | ||
19th, July, 2005
|
||
Debian: New affix packages fix arbitrary command and code execution | ||
19th, July, 2005
|
||
Debian: New zlib packages fix buffer overflow | ||
20th, July, 2005
|
||
Debian: New cacti packages fix several vulnerabilities | ||
21st, July, 2005
|
||
Fedora | ||
Fedora Core 4 Update: java-1.4.2-gcj-compat-1.4.2.0-40jpp_31rh.FC4.1 | ||
18th, July, 2005
|
||
Fedora Core 3 Update: diskdumputils-1.1.7-3 | ||
18th, July, 2005
|
||
Fedora Core 4 Update: diskdumputils-1.1.7-4 | ||
18th, July, 2005
|
||
Fedora Core 4 Update: radvd-0.8-1.FC4 | ||
18th, July, 2005
|
||
Fedora Core 3 Update: radvd-0.8-1.FC3 | ||
18th, July, 2005
|
||
Fedora Core 4 Update: bind-9.3.1-8.FC4 | ||
19th, July, 2005
|
||
Fedora Core 3 Update: bind-9.2.5-3 | ||
19th, July, 2005
|
||
Fedora Core 3 Update: radvd-0.8-2.FC3 | ||
19th, July, 2005
|
||
Fedora Core 4 Update: radvd-0.8-2.FC4 | ||
19th, July, 2005
|
||
Fedora Core 3 Update: kdelibs-3.3.1-2.14.FC3 | ||
19th, July, 2005
|
||
Fedora Core 4 Update: freeradius-1.0.4-1.FC4.1 | ||
20th, July, 2005
|
||
Fedora Core 3 Update: firefox-1.0.6-1.1.fc3 | ||
20th, July, 2005
|
||
Fedora Core 3 Update: thunderbird-1.0.6-1.1.fc3 | ||
20th, July, 2005
|
||
Fedora Core 4 Update: firefox-1.0.6-1.1.fc4 | ||
20th, July, 2005
|
||
Fedora Core 4 Update: thunderbird-1.0.6-1.1.fc4 | ||
20th, July, 2005
|
||
Fedora Core 4 Update: ypserv-2.13-7 | ||
20th, July, 2005
|
||
Fedora Core 4 Update: mysql-4.1.12-2.FC4.1 | ||
20th, July, 2005
|
||
Fedora Core 4 Update: setarch-1.8-1.FC4 | ||
21st, July, 2005
|
||
Fedora Core 4 Update: openoffice.org-1.9.117-3.1.0.fc4 | ||
21st, July, 2005
|
||
Fedora Core 3 Update: pvm-3.4.5-5_FC3 | ||
21st, July, 2005
|
||
Fedora Core 4 Update: pvm-3.4.5-5_FC4 | ||
21st, July, 2005
|
||
Fedora Core 4 Update: fetchmail-6.2.5-7.fc4.1 | ||
21st, July, 2005
|
||
Fedora Core 3 Update: fetchmail-6.2.5-7.fc3.1 | ||
21st, July, 2005
|
||
Fedora Core 3 Update: mozilla-1.7.10-1.3.1 | ||
22nd, July, 2005
|
||
Fedora Core 3 Update: epiphany-1.4.4-4.3.5 | ||
22nd, July, 2005
|
||
Fedora Core 3 Update: devhelp-0.9.2-2.3.5 | ||
22nd, July, 2005
|
||
Fedora Core 4 Update: mozilla-1.7.10-1.5.1 | ||
22nd, July, 2005
|
||
Fedora Core 4 Update: epiphany-1.6.3-2 | ||
22nd, July, 2005
|
||
Fedora Core 4 Update: devhelp-0.10-1.4.1 | ||
22nd, July, 2005
|
||
Fedora Core 4 Update: yelp-2.10.0-1.4.1 | ||
22nd, July, 2005
|
||
Gentoo | ||
Gentoo: Mozilla Firefox Multiple Vulnerabilities | ||
15th, July, 2005
|
||
Gentoo: PHP Script injection through XML-RPC | ||
15th, July, 2005
|
||
Gentoo: Ruby Arbitrary command execution through XML-RPC | ||
15th, July, 2005
|
||
Gentoo: Adobe Acrobat Reader Buffer overflow vulnerability | ||
15th, July, 2005
|
||
Gentoo: phpGroupWare, eGroupWare PHP script injection vulnerability | ||
15th, July, 2005
|
||
Gentoo: dhcpcd Denial of Service vulnerability | ||
15th, July, 2005
|
||
Gentoo: Mozilla Thunderbird Multiple Vulnerabilities | ||
18th, July, 2005
|
||
Gentoo: Mozilla Thunderbird Multiple vulnerabilities | ||
19th, July, 2005
|
||
Gentoo: MediaWiki Cross-site scripting vulnerability | ||
20th, July, 2005
|
||
Gentoo: zlib Buffer overflow | ||
22nd, July, 2005
|
||
Gentoo: Shorewall Security policy bypass | ||
22nd, July, 2005
|
||
Red Hat |
||
RedHat: Important: firefox security update | ||
21st, July, 2005
|
||
RedHat: Low: cpio security update | ||
21st, July, 2005
|
||
RedHat: Important: zlib security update | ||
21st, July, 2005
|
||
RedHat: Important: thunderbird security update | ||
21st, July, 2005
|
||
RedHat: Critical: kdenetwork security update | ||
21st, July, 2005
|
||
RedHat: Important: mozilla security update | ||
22nd, July, 2005
|
||