Author: Benjamin D. Thomas
system-config-securitylevel, checkpolicy, spamassassin, gaim, libextractor,
Ettercap, shtool, gedit, MediaWiki, gzip, gftp, squid, rsh, sysreport, telnet,
bz, and mc. The distributors include Fedora, Gentoo, and Red Hat.
SPF: Ready for Prime Time?
by Pete O’Hara
Introduction
As of the time of this writing in the fight against SPAM a policy has
been drafted to target sender address forging called SPF (Sender Policy
Framework). The basic premise is to verify that the sender of an email
is in fact who they claim to be. If they are not then mail can be
rejected. This could potentially eliminate a big percentage of SPAM and
who wouldn’t want that? But there have been problems with SPF and it
isn’t the big solution that everyone had imagined when it first hit
the scene. There are a couple of plaguing issues that keep it from
becoming a mature solution with a standard.
What is SPF?
The first version of SPF (also known as “Classic” SPF) was a creation
of Meng Wong, founder of Pobox.com. In short the scheme is based on
domains publishing what servers are allowed to send mail for
themselves using DNS TXT records. A receiving MTA can then look at
the domain the sender is claiming to be from and the IP address of
the connecting client and check the SPF (DNS TXT) record for that
domain and verify if the client is allowed to send mail for the said
domain. From the results the receiving MTA can take appropriate actions.
The goal is to prevent sender forgery, one of the most common
characteristics of spam. SPF was a proposal considered by IETF’s
MARID group.
Summary
I, as everyone else, would love to be able to block all SPAM and I
certainly applaud all of the efforts that have been and are still
being made. But it seems obvious that SPF alone isn’t going to be
the answer. It doesn’t handle the forwarding issue and SRS isn’t
ready as a solution. One could argue that SPF can at least be used
not to reject mail but to whitelist mail from senders that pass SPF
checks. In view of spammers deploying SPF themselves this would
actually be counterproductive as it gives them a form of credibility.
Based on the material presented here there are options other than
standalone SPF that on the surface seem to provide a better solution
but the cost is that they are more complex in that they require
reputation/accreditation services. But does the lack of agreement
on the simpler SPF (which turned out to be not so simple once the
forwarding issues surfaced) foreshadow the difficulties in
standardizing more elaborate proposals? If the trend towards
reputation/accreditation gains momentum, which by the way would
still require some form of sender validation to be established (you
can’t build a dependable reputation of a sender when it can’t be
verified), harmony on the architecture of such services seems a very
long way off. Sender verification is a problem that certainly needs
to be addressed but SMTP wasn’t originally designed with this
functionality in mind. Therefore a viable solution is not going to
be as simple as publishing DNS records of authorized mail servers.
SPF on its own isn’t the answer.
Read Entire Article:
http://infocenter.guardiandigital.com/documentati
LinuxSecurity.com
Feature Extras:
Getting to Know Linux Security: File Permissions – Welcome to the first
tutorial in the ‘Getting to Know Linux Security’ series. The topic explored
is Linux file permissions. It offers an easy to follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, therefore very simple. If the feedback is
good, I’ll consider creating more complex guides for advanced users. Please
let us know what you think and how these can be improved.

The Tao of Network Security Monitoring: Beyond Intrusion Detection
– To be honest, this was one of the best books that I’ve read on network security.
Other books often dive so deeply into technical discussions, they fail to
provide any relevance to network engineers/administrators working in a corporate
environment. Budgets, deadlines, and flexibility are issues that we must all
address. The Tao of Network Security Monitoring is presented in such a way
that all of these are still relevant.

Encrypting Shell Scripts – Do you have scripts that contain sensitive information
like passwords and you pretty much depend on file permissions to keep it secure?
If so, then that type of security is good provided you keep your system secure
and some user doesn’t have a “ps -ef” loop running in an attempt to capture
that sensitive info (though some applications mask passwords in “ps” output).
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headline.
Fedora
Fedora Core 3 Update: mikmod-3.1.6-31.FC3 | 9th, June, 2005
Fedora Core 3 Update: tcpdump-3.8.2-9.FC3 | 9th, June, 2005
Fedora Core 3 Update: yum-2.2.1-0.fc3 | 13th, June, 2005
Fedora Core 4 Update: elinks-0.10.3-3.1 | 16th, June, 2005
Fedora Core 4 Update: mikmod-3.1.6-35.FC4 | 16th, June, 2005
Fedora Core 4 Update: tcpdump-3.8.2-13.FC4 | 16th, June, 2005
Fedora Core 4 Update: parted-1.6.22-3.FC4 | 16th, June, 2005
Fedora Core 4 Update: system-config-securitylevel-1.5.8.1-1 | 16th, June, 2005
Fedora Core 3 Update: checkpolicy-1.17.5-1.2 | 16th, June, 2005
Fedora Core 3 Update: selinux-policy-targeted-1.17.30-3.9 | 16th, June, 2005
Fedora Core 3 Update: spamassassin-3.0.4-1.fc3 | 16th, June, 2005
Fedora Core 4 Update: spamassassin-3.0.4-1.fc4 | 16th, June, 2005
Fedora Core 3 Update: gaim-1.3.1-0.fc3 | 16th, June, 2005
Fedora Core 4 Update: gaim-1.3.1-0.fc4 | 16th, June, 2005

Gentoo
Gentoo: libextractor Multiple overflow vulnerabilities | 9th, June, 2005
Gentoo: Ettercap Format string vulnerability | 11th, June, 2005
Gentoo: GNU shtool, ocaml-mysql Insecure temporary file | 11th, June, 2005
Gentoo: gedit Format string vulnerability | 11th, June, 2005
Gentoo: GNU shtool, ocaml-mysql Insecure temporary file | 11th, June, 2005
Gentoo: LutelWall Insecure temporary file creation | 11th, June, 2005
Gentoo: Ettercap Format string vulnerability | 11th, June, 2005
Gentoo: Gaim Denial of Service vulnerabilities | 12th, June, 2005
Gentoo: TCPDump Decoding routines Denial of Service | 13th, June, 2005
Gentoo: MediaWiki Cross-site scripting vulnerability | 13th, June, 2005

Red Hat
RedHat: Low: gzip security update | 13th, June, 2005
RedHat: Moderate: gftp security update | 13th, June, 2005
RedHat: Low: squid security update | 13th, June, 2005
RedHat: Low: rsh security update | 13th, June, 2005
RedHat: Moderate: gedit security update | 13th, June, 2005
RedHat: Moderate: sysreport security update | 13th, June, 2005
RedHat: Low: tcpdump security update | 13th, June, 2005
RedHat: Low: mikmod security update | 13th, June, 2005
RedHat: Low: squid security update | 14th, June, 2005
RedHat: Moderate: telnet security update | 14th, June, 2005
RedHat: Low: bzip2 security update | 16th, June, 2005
RedHat: Moderate: mc security update | 16th, June, 2005
RedHat: Moderate: gaim security update | 16th, June, 2005