IT security Advisory 0631

scan pc for spyware or adware free

IT security Advisory 0631

This week, advisories were released for mikmod, tcpdump, yum, elinks,
parted, system-config-securitylevel, checkpolicy, spamassassin, gaim,
libextractor, Ettercap, shtool, gedit, MediaWiki, gzip, gftp, squid,
rsh, sysreport, telnet, bz, and mc. The distributors include Fedora,
Gentoo, and Red Hat. 

SPF: Ready for Prime Time?

As of the time of this writing in the fight against SPAM a policy has
been drafted to target sender address forging called SPF (Sender Policy
Framework). The basic premise is to verify that the sender of an email
is in fact who they by claim to be. If they are not then mail can be
rejected. This could potentially eliminate a big percentage of SPAM and
who wouldn't want that.. But there have been problems with SPF and it
isn't the big solution that everyone had imagined when it first hit
the scene. There are a couple of plaguing issues that keep it from
becoming a mature solution with a standard.
What is SPF?
The first version of SPF (also know as "Classic" SPF) was a creation
of Meng Wong, founder of Pobox.com. In short the scheme is based on
domains publishing what servers are allowed to send mail for
themselves using DNS TXT records. A receiving MTA can then look at
the domain the sender is claiming to be from and the IP address of
the connecting client and check the SPF (DNS TXT) record for that
domain and verify if the client is allowed to send mail for the said
domain. From the results the receiving MTA can take appropriate actions.
The goal is to prevent sender forgery, one of the most common
characteristics of spam. SPF was a proposal considered by IETF's
MARID group.
Summary
I, as everyone else, would love to be able to block all SPAM and I
certainly applaud all of the efforts that have been and are still
being made. But it seems obvious that SPF alone isn't going to be
the answer. It doesn't handle the forwarding issue and SRS isn't
ready as a solution. One could argue that SPF can at least be used
not to reject mail but to whitelist mail from senders that pass SPF
checks. In view of spammers deploying SPF themselves this would
actually be counter productive as it gives them a form of credibility.
Based on the material presented here there are options other than
standalone SPF that on the surface seem to provide a better solution
but the cost is that they are more complex in that they require
reputation/accreditation services. But does the lack of agreement
on the simpler SPF (which turned out to be not so simple once the
forwarding issues surfaced) foreshadow the difficulties in
standardizing more elaborate proposals? If the trend towards
reputation/accreditation gains momentum, which by the way would
still require some form of sender validation to be established (you
can't build a dependable reputation of a sender when it can't be
verified), harmony on the architecture of such services seems a very
long way off. Sender verification is a problem that certainly needs
to be addressed but SMTP wasn't originally designed with this
functionality in mind. Therefore a viable solution is not going to
be as simple as publishing DNS records of authorized mail servers.
SPF on it's own isn't the answer.

---
Measuring Security IT Success
In a time where budgets are constrained and Internet threats are
on the rise, it is important for organizations to invest in network
security applications that will not only provide them with powerful
functionality but also a rapid return on investment.


Getting to Know Linux Security: File Permissions
Welcome to the first tutorial in the 'Getting to Know Linux Security'
series.  The topic explored is Linux file permissions.  It offers an
easy to follow explanation of how to read permissions, and how to set
them using chmod.  This guide is intended for users new to Linux
security, therefore very simple.  If the feedback is good, I'll
consider creating more complex guides for advanced users.  Please
let us know what you think and how these can be improved.



The Tao of Network Security Monitoring: Beyond Intrusion Detection
To be honest, this was one of the best books that I've read on network
security. Others books often dive so deeply into technical discussions,
they fail to provide any relevance to network engineers/administrators
working in a corporate environment. Budgets, deadlines, and flexibility
are issues that we must all address. The Tao of Network Security
Monitoring is presented in such a way that all of these are still
relevant. One of the greatest virtues of this book is that is offers
real-life technical examples, while backing them up with relevant case
studies.


  Take advantage of the Security Quick Reference Card!
  
  Distribution: Fedora           
* Fedora Core 3 Update: mikmod-3.1.6-31.FC3
  9th, 
Updated package.

* Fedora Core 3 Update: tcpdump-3.8.2-9.FC3
  9th, 
Updated package.

* Fedora Core 3 Update: yum-2.2.1-0.fc3
  13th, 
Updated package.

* Fedora Core 4 Update: elinks-0.10.3-3.1
  16th, 
Updated package.

* Fedora Core 4 Update: mikmod-3.1.6-35.FC4
  16th, 
Updated package.

* Fedora Core 4 Update: tcpdump-3.8.2-13.FC4
  16th, 
Updated package.

* Fedora Core 4 Update: parted-1.6.22-3.FC4
  16th, 
Updated package.

* Fedora Core 4 Update: system-config-securitylevel-1.5.8.1-1
  16th, 
Updated package.

* Fedora Core 3 Update: checkpolicy-1.17.5-1.2
  16th, 
Updated package.

* Fedora Core 3 Update: selinux-policy-targeted-1.17.30-3.9
  16th, 
Updated package.

* Fedora Core 3 Update: spamassassin-3.0.4-1.fc3
  16th, 
Important update for a Denial of Service vulnerability, plus more
bug fixes from upstream.  More details available at:


* Fedora Core 4 Update: spamassassin-3.0.4-1.fc4
  16th, 
Important update for a Denial of Service vulnerability, plus more
bug fixes from upstream.  More details available at:


* Fedora Core 3 Update: gaim-1.3.1-0.fc3
  16th, 
More bug and denial of service fixes.

* Fedora Core 4 Update: gaim-1.3.1-0.fc4
  16th, 
More bug and denial of service fixes.

  Distribution: Gentoo           
* Gentoo: libextractor Multiple overflow vulnerabilities
  9th, 
libextractor is affected by several overflow vulnerabilities in the
PDF, Real and PNG extractors, making it vulnerable to execution of
arbitrary code.

* Gentoo: Ettercap Format string vulnerability
  11th, 
A format string vulnerability in Ettercap could allow a remote
attacker to execute arbitrary code.

* Gentoo: GNU shtool, ocaml-mysql Insecure temporary file
  11th, 
GNU shtool and ocaml-mysql are vulnerable to symlink attacks,
potentially allowing a local user to overwrite arbitrary files.

* Gentoo: gedit Format string vulnerability
  11th, 
gedit suffers from a format string vulnerability that could allow
arbitrary code execution.

* Gentoo: GNU shtool, ocaml-mysql Insecure temporary file
  11th, 
GNU shtool and ocaml-mysql are vulnerable to symlink attacks,
potentially allowing a local user to overwrite arbitrary files.

* Gentoo: LutelWall Insecure temporary file creation
  11th, 
LutelWall is vulnerable to symlink attacks, potentially allowing a
local user to overwrite arbitrary files.

* Gentoo: Ettercap Format string vulnerability
  11th, 
A format string vulnerability in Ettercap could allow a remote
attacker to execute arbitrary code.

* Gentoo: Gaim Denial of Service vulnerabilities
  12th, 
Gaim contains two remote Denial of Service vulnerabilities.

* Gentoo: TCPDump Decoding routines Denial of Service
  13th, 
While working on the tcpdump issues solved in the original version of
this GLSA, Simon L. Nielsen from FreeBSD Security Team discovered a
similar infinite loop DoS vulnerability in the BGP handling code
(CAN-2005-1267).

* Gentoo: MediaWiki Cross-site scripting vulnerability
  13th, 
MediaWiki is vulnerable to a cross-site scripting attack that could
allow arbitrary scripting code execution.

  Distribution: Red Hat          
* RedHat: Low: gzip Internet Security update
  13th, 
An updated gzip package is now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.

* RedHat: Moderate: gftp Internet Security update
  13th, 
An updated gFTP package that fixes a directory traversal issue is now
available. This update has been rated as having moderate security impact
by the Red Hat Security Response Team.

* RedHat: Low: squid Internet Security update
  13th, 
An updated squid package that fixes several security issues is now
available. This update has been rated as having low security impact by
the Red Hat Security Response Team.

* RedHat: Low: rsh Internet Security update
  13th, 
Updated rsh packages that fix a theoretical security issue are now
available. This update has been rated as having low security impact
by the Red Hat Security Response Team

* RedHat: Moderate: gedit Internet Security update
  13th, 
An updated gedit package that fixes a file name format string
vulnerability is now available. This update has been rated as having
moderate security impact by the Red Hat Security Response Team

* RedHat: Moderate: sysreport Internet Security update
  13th, 
An updated sysreport package that fixes an information disclosure
flaw is now available. This update has been rated as having moderate
security impact by the Red Hat Security Response Team

* RedHat: Low: tcpdump Internet Security update
  13th, 
Updated tcpdump packages that fix a security issue are now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.

* RedHat: Low: mikmod Internet Security update
  13th, 
Updated mikmod packages that fix a security issue are now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.

* RedHat: Low: squid Internet Security update
  14th, 
An updated squid package that fixes several security issues is now
available. This update has been rated as having low security impact
by the Red Hat Security Response Team.

* RedHat: Moderate: telnet Internet Security update
  14th, 
Updated telnet packages that fix an information disclosure issue are
now available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.

* RedHat: Low: bzip2 Internet Security update
  16th, 
Updated bzip2 packages that fix multiple issues are now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.

* RedHat: Moderate: mc Internet Security update
  16th, 
Updated mc packages that fix several security issues are now
available for Red Hat Enterprise Linux 2.1. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.

* RedHat: Moderate: gaim Internet Security update
  16th, 
An updated gaim package that fixes two denial of service issues is
now available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.

WorldsLargestNetwork.com




Scan Your PC for Spyware Free

PC Speed Boost

Create Website Easily

Computer Monitoring Software

Internet Education

Anti Spy Software

Stop Pop Ups

Pop-up Eliminator

Adware Removal

Computer Virus Software

Free Scan Spyware Remover

IT Training

Security Software

Security Solutions

Software Protection

Speed Up PC

Virus Protection

Web Safety

Adware Remover and Spyware Protection

Animated Desktop Characters

Anti Virus Software

Audioexam Study Guides in Mp3 Format

Internet Privacy

Detection Connection

Investigate Anyone or Anything

Password Protection Software

Securing Privacy

Spyware Remover





Best of the Web 1 | Best of the Web 2 | Best of the Web 3 | Best of the Web 4


Worlds Largest Network

Active © WorldsLargestNetwork.com ; All Rights Reserved