Linux Security -- Linux Security Tools (fwd)

Scott Howell showell at n3byy.yi.org
Sat Aug 5 09:36:30 EDT 2000


For those of you especially using Red Hat, you might find this of
interest.



---------- Forwarded message ----------
Date: Tue, 1 Aug 2000 19:59:59
From: ITworld Newsletters <itwnews at itwpub1.com>
To: showell at n3byy.yi.org
Subject: Linux Security -- Linux Security Tools  

LINUX SECURITY --- August 01, 2000
Published by ITworld.com, the IT problem-solving network
http://www.itworld.com/newsletters

*********************************************************************
HIGHLIGHTS

* Tools of the security trade 

*********************************************************************
A Few "Must Have" Linux Security Tools
by Rick Johnson

With literally thousands of Linux security-related tools out there, how 
do you know which ones you need? Well, only you can answer that; I can 
only list a few of the ones in my arsenal. While those I trust have 
recommended some, most were found through rigorous testing and plain old 
dumb luck.

    * Nmap (http://www.insecure.org/nmap) - Nmap is a utility for port 
      scanning large networks or a single host. This should be at the 
      core of every Security Engineer's toolkit.  A few of the supported 
      features of nmap include TCP SYN scanning, stealth scanning, ftp 
      bounce attack, SYN/FIN scanning using IP fragments, ping-sweep, 
      Direct RPC scanning, and even Remote OS Identification by TCP/IP 
      Fingerprinting.

    * Nessus (http://www.nessus.org) - Nessus is another remote scanner. 
      It currently performs around 400 remote security checks. Nessus 
      also has incredible reporting capabilities with text and graphed 
      HTML output. Not only will it point out problems, but it also 
      suggests a solution for each of them.

      One interesting feature is that it will not consider that a given 
      service is running on a fixed port -- that is, if you run your Web 
      server on port 1234, Nessus will detect it and test its security. 
      It will not make its security tests regarding the version number 
      of the remote services, but will really attempt to exploit the 
      vulnerability.

    * Linux Security Quick Reference Card 
      (http://www.linuxsecurity.com/docs) - This card, written by Dave 
      Wreski, gives you one easy-to-use reference point for the basics 
      of securing your system. Contained within are references to 
      security resources around the net, tips on securing your Linux 
      box, and general security information. I highly recommend keeping 
      it on your desk.

    * StackGuard (www.immunix.org) - StackGuard is a compiler that makes 
      programs much less vulnerable to buffer overflow attacks. Using 
      the compiler requires no source code changes at all. StackGuard 
      does integrity checks on the stack so that it cannot be corrupted 
      by buffer overflows without being detected.  When a buffer 
      overflow does happen, StackGuard notices and halts the program 
      before the attacker can take control and do damage. They have even 
      gone so far as to rebuild Red Hat 6.2 using this marvel of 
      compiling innovation and the result is the Immunix OS 6.2, which 
      is available from the same site.

These are only a few of the fine tools available to help keep your 
servers safe from evil. I know there are plenty that are worthy of 
mention here and if you are the developer of a product that is unique 
and worthy of mention, please drop me a line. I am always in the market 
for a new way to protect myself.


Resources

Forensics 
Getting to the bottom of a security breach.
http://www.sunworld.com/sunworldonline/swol-07-2000/swol-0721-security.html

The security consultant's toolbox 
Commercial products have their place, but nothing beats some of the 
better freeware tools.
http://www2.itworld.com/cma/ett_article_frame/0,2848,1_1624,00.html

An arsenal of attack tools
http://www2.itworld.com/cma/ett_article_frame/0,2848,1_1642,00.html

************************************************************************
THE ESSENTIAL OPEN BOOK PROJECT

The Essential Linux Open Book project needs you! We have one chapter 
completed and two others nearing completion. If you want to give 
something back to the community, do it now. 
http://www.linuxworld.com/linuxworld/idgbooks-openbook/home.html

************************************************************************
COMMUNITY DISCUSSION

Linux Forum 
From handhelds to supercomputers, the buzz is all about Linux and world 
domination -- but what does that mean for the Linux community? Join 
LinuxWorld's discussion forum to debate the issues, talk shop, and 
extend your knowledge of Linux.
http://forums.itworld.com/webx?14@@.ee6b650

************************************************************************ 

About the author
----------------
Rick Johnson is currently the Manager of Security Services for an 
emerging Managed Service Provider. When not writing, he heads the 
development team for PMFirewall, an Ipchains Firewall and Masquerading 
Configuration Utility for Linux. Rick can be contacted via email at 
rick at pointman.org or on the web at http://www.pointman.org.
 
*********************************************************************
CONTACTS

* For editorial comments, write Andrew Santosusso, Associate Editor, 
Newsletters at: andrew_santosusso at itworld.com
* For advertising information, write Dan Chupka, Account Executive at:
dan_chupka at itworld.com
* For all other inquiries, write Jodie Naze, Product Manager,
Newsletters at: jodie_naze at itworld.com

*********************************************************************

Copyright 2000 ITworld.com, Inc., All Rights Reserved. 

http://www.itworld.com
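
Added example (not part of the newsletter and not StackGuard's own code): a C simulation of the stack integrity check described in the StackGuard item above. The frame layout, canary value, saved address and function names are assumptions made for illustration; the real check is emitted by the compiler and halts the program, where this demo returns a status.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated stack frame laid out in one byte array so the overflow stays
 * inside memory we own: [ buf (16) | canary (8) | saved return addr (8) ] */
enum { BUF_OFF = 0, BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24, FRAME_LEN = 32 };
enum frame_status { FRAME_OK = 0, FRAME_SMASHED = 1 };

struct call_result {
    enum frame_status status; /* what the epilogue check decided */
    int ret_overwritten;      /* did the write reach the return address? */
};

/* Constructed values for the demo; a real canary is chosen at run time. */
static const uint64_t CANARY = 0x5a17c0de0badf00dULL;
static const uint64_t SAVED_RET = 0x0000000000401136ULL;

/* Models a function with an unchecked copy into a 16-byte local buffer. */
struct call_result simulated_call(const unsigned char *input, size_t len)
{
    unsigned char frame[FRAME_LEN] = {0};
    uint64_t canary_now, ret_now;
    struct call_result r;
    /* Prologue: canary goes between the locals and the return address. */
    memcpy(frame + CANARY_OFF, &CANARY, sizeof CANARY);
    memcpy(frame + RET_OFF, &SAVED_RET, sizeof SAVED_RET);

    /* Body: the bug. Length is not checked against BUF_LEN (clamped to
     * FRAME_LEN only so the simulation itself stays memory-safe). */
    if (len > FRAME_LEN) len = FRAME_LEN;
    memcpy(frame + BUF_OFF, input, len);

    /* Epilogue: check the canary before the return address would be used. */
    memcpy(&canary_now, frame + CANARY_OFF, sizeof canary_now);
    memcpy(&ret_now, frame + RET_OFF, sizeof ret_now);
    r.status = (canary_now == CANARY) ? FRAME_OK : FRAME_SMASHED;
    r.ret_overwritten = (ret_now != SAVED_RET);
    return r;
}

int main(void)
{
    unsigned char in[FRAME_LEN];
    size_t lens[] = {16, 20, 32}, i;
    memset(in, 'A', sizeof in);
    for (i = 0; i < 3; i++)
        printf("%zu bytes: smashed=%d\n", lens[i], simulated_call(in, lens[i]).status);
    return 0;
}
```

A linear overflow has to cross the canary to reach the saved return address, so the 32-byte case is flagged before the overwritten address would ever be used.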





