Author: Benjamin D. Thomas
smartlist, kdewebdev, wireless-tools, gimp, bootparamd, tcpdump, kdelibs, vte,
php, words, util-linux, lapack, gnuutils, and glibc. The distributors include
Conectiva, Debian, Fedora, Gentoo, and Red Hat.Review: The Book of Postfix: State-of-the-Art Message Transport
By: Pete O’Hara
I was very impressed with “The Book of Postfix” by authors Ralf Hildebrandt
and Patrick Koetter and feel that it is an incredible Postfix reference. It
gives a great overall view of the operation and management of Postfix in an
extremely systematic and practical format. It flows in a logical manner, is
easy to follow and the authors did a great job of explaining topics with attention
paid to real world applications and how to avoid many of the associated pitfalls.
I am happy to have this reference in my collection.
The authors have taken the time to clearly answer the key questions that are
of real practical value. There is no excessive or superflous material here that,
although may good to know, won’t divert attention from the topic of configuring
a solid MTA. The book is very well focused and the authors’ hard work is obvious.
There are sections where someone else may have left good enough alone but they
went the extra mile to make sure that this book answered the important questions
fully.
“The Book of Postfix” starts with “A Postmaster’s Primer To Email” and continues
through all of the key topics in a sensible progression so that even if you
are fairly new to administering email you are taught in a sequential manner
that promotes understanding. The comprehensive list of topics encompasses single
and multiple domain servers, dial-ups, SMTP restrictions, internal and external
content filters, mail gateways, SMTP proxy, SMTP authentication, SASL, LDAP,
SQL integration, Transport Layer Security, chroots, rate limiting, performance
tuning, and trouble shooting. It covers a good amount of ground.
The numerous “NOTE” and “CAUTION” sections provide great additional detail
to real world scenarious that I found extremely relevant and useful. For each
topic there is also an invaluable “TESTING” section so that you can verify for
yourself that you are in fact getting the expected behavior. The imperative
topic of security is always kept in mind in the confugrations and the accompanying
diagrams and flow charts do an excellent job of enhancing the text and providing
extra clarity.
Read complete review:
http://www.linuxsecurity.com/content/view/119027/49/
LinuxSecurity.com
Feature Extras:
Getting
to Know Linux Security: File Permissions – Welcome to the first
tutorial in the ‘Getting to Know Linux Security’ series. The topic explored
is Linux file permissions. It offers an easy to follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, therefore very simple. If the feedback is
good, I’ll consider creating more complex guides for advanced users. Please
let us know what you think and how these can be improved.The
Tao of Network Security Monitoring: Beyond Intrusion Detection
– To be honest, this was one of the best books that I’ve read on network security.
Others books often dive so deeply into technical discussions, they fail to
provide any relevance to network engineers/administrators working in a corporate
environment. Budgets, deadlines, and flexibility are issues that we must all
address. The Tao of Network Security Monitoring is presented in such a way
that all of these are still relevant.Encrypting
Shell Scripts – Do you have scripts that contain sensitive information
like passwords and you pretty much depend on file permissions to keep it secure?
If so, then that type of security is good provided you keep your system secure
and some user doesn’t have a “ps -ef” loop running in an attempt to capture
that sensitive info (though some applications mask passwords in “ps” output).
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headline.
| Conectiva | ||
| Conectiva: kernel Kernel update | ||
2nd, May, 2005
|
||
| Debian | ||
| Debian: New ethereal packages fix buffer overflow |
||
28th, April, 2005
|
||
| Debian: New prozilla packages fix arbitrary code execution |
||
28th, April, 2005
|
||
| Debian: New ethereal packages fix buffer overflow |
||
28th, April, 2005
|
||
| Debian: New smartlist packages fix unauthorised un/subscription |
||
3rd, May, 2005
|
||
| Fedora | ||
| Fedora Core 3 Update: kdewebdev-3.3.1-2.1 | ||
28th, April, 2005
|
||
| Fedora Core 3 Update: wireless-tools-27-2.2.0.fc3 | ||
28th, April, 2005
|
||
| Fedora Core 3 Update: spamassassin-3.0.3-3.fc3 | ||
29th, April, 2005
|
||
| Fedora Core 3 Update: gimp-2.2.6-0.fc3.2 | ||
30th, April, 2005
|
||
| Fedora Core 3 Update: bootparamd-0.17-19.FC3 | ||
2nd, May, 2005
|
||
| Fedora Core 3 Update: tcpdump-3.8.2-8.FC3 | ||
2nd, May, 2005
|
||
| Fedora Core 3 Update: kdelibs-3.3.1-2.12.FC3 | ||
2nd, May, 2005
|
||
| Fedora Core 3 Update: vte-0.11.13-1.fc3 | ||
2nd, May, 2005
|
||
| Fedora Core 3 Update: perl-5.8.5-12.FC3 | ||
2nd, May, 2005
|
||
| Fedora Core 3 Update: php-4.3.11-2.5 | ||
3rd, May, 2005
|
||
| Fedora Core 3 Update: policycoreutils-1.18.1-2.12 | ||
3rd, May, 2005
|
||
| Fedora Core 3 Update: words-3.0-2.3 | ||
4th, May, 2005
|
||
| Fedora Core 3 Update: util-linux-2.12a-24.1 | ||
4th, May, 2005
|
||
| Fedora Core 3 Update: system-config-bind-4.0.0-11 | ||
4th, May, 2005
|
||
| Fedora Core 3 Update: dhcp-3.0.1-42_FC3 | ||
4th, May, 2005
|
||
| Fedora Core 3 Update: lapack-3.0-26.fc3 | ||
5th, May, 2005
|
||
| Fedora Core 3 Update: system-config-bind-4.0.0-12 | ||
5th, May, 2005
|
||
| Fedora Core 3 Update: gnutls-1.0.20-3.1.1 | ||
5th, May, 2005
|
||
| Gentoo | ||
| Gentoo: Heimdal Buffer overflow vulnerabilities | ||
28th, April, 2005
|
||
| Gentoo: Pound Buffer overflow vulnerability | ||
30th, April, 2005
|
||
| Gentoo: eGroupWare XSS and SQL injection vulnerabilities |
||
30th, April, 2005
|
||
| Gentoo: phpMyAdmin Insecure SQL script installation |
||
30th, April, 2005
|
||
| Gentoo: Horde Framework Multiple XSS vulnerabilities |
||
1st, May, 2005
|
||
| Gentoo: Oops! Remote code execution | ||
5th, May, 2005
|
||
| Red Hat |
||
| RedHat: Low: glibc security update | ||
28th, April, 2005
|
||
| RedHat: Important: kernel security update | ||
28th, April, 2005
|
||
| RedHat: Important: kernel security update | ||
28th, April, 2005
|
||
| RedHat: Important: Mozilla security update | ||
28th, April, 2005
|
||
| RedHat: Moderate: PHP security update | ||
28th, April, 2005
|
||
| RedHat: Low: nasm security update | ||
4th, May, 2005
|
||
| RedHat: Moderate: evolution security update |
||
4th, May, 2005
|
||
| RedHat: Moderate: PHP security update | ||
4th, May, 2005
|
||
