ONLamp.com
Security Articles

Handicapping New DNS Extensions and Applications by Cricket Liu
The DNS system is not static; there are several proposed new extensions and applications under development and adoption. DNS expert Cricket Liu examines five of them, their current status, and their prospects: the Sender Policy Framework, IPv6 support, Internationalized Domain Names, ENUM, and the DNS Security Extensions. Jan. 11, 2007

Confessions of a Recovering NetBSD Zealot by Federico Biancuzzi
Charles M. Hannum is one of the founders of the NetBSD project. He recently posted to the NetBSD list that the project has "stagnated to the point of irrelevance" and gave suggestions for improvement. As you might expect, this provoked strong reactions. Federico Biancuzzi recently interviewed Hannum about the past, present, and potential future of NetBSD. Sep. 14, 2006

The Long View of Identity by Andy Oram
Who are you online? Your digital identity is a complex bundle of information--not just what you say about yourself, but what other people say about you and how trustworthy they are. O'Reilly editor Andy Oram recently attended the Identity Mashup conference at Harvard Law's Berkman Center and reports on one of the most vital issues of privacy and usability on the internet. Jun. 29, 2006

Building a Self-Healing Network by Greg Retkowski
Wouldn't it be nice if your network services could detect their own failures and gracefully restart? Sure, you could have cron or FAM jobs always checking them, but that's so unrefined. Instead, consider Greg Retkowski's solution: building a small Cfengine and NAGIOS combination to detect and recover from failure. May. 25, 2006

OpenBSD 3.9: Blob-Busters Interviewed by Federico Biancuzzi
Every six months, the OpenBSD team releases a new version of their OS. OpenBSD 3.9 is here. Federico Biancuzzi recently interviewed the core developers about new features and improvements, as well as their principled stand against shipping binary-only blobs in place of actual drivers. Apr. 27, 2006

Secure Your Linux Server by Aaron Brazell
Linux is a powerful and popular operating system kernel. That popularity means you might be running it even if you're not a dedicated Unix administrator or high-powered programmer. That doesn't mean that rock-solid security is out of your reach, though. Aaron Brazell shows how to make Red Hat 9 (and other Linux distributions) much more secure in a few easy steps. Mar. 23, 2006

Analyzing Web Logs with AWStats, Part 2 by Sean Carlos
If you don't know where you are and what you're doing, how do you know where you're going? A crucial part of any successful web site is statistical analysis. AWStats is a powerful open source tool for collecting, summarizing, and reporting web statistics. Sean Carlos shows how to interpret the reports--not just what they say, but what they mean. Jan. 9, 2006

Inside NetBSD's CGD by Federico Biancuzzi
Security-minded laptop users live in fear of theft, not only of their computer but also of their precious secret data. NetBSD's CGD project is a cryptographic virtual disk that can protect sensitive data while acting like a normal filesystem. Federico Biancuzzi recently interviewed its author, Roland Dowdeswell, on the goals and implementation of the system. Dec. 21, 2005

Analyzing Web Logs with AWStats by Sean Carlos
If you don't know where you are and what you're doing, how do you know where you're going? A crucial part of any successful web site is statistical analysis. AWStats is a powerful open source tool for collecting, summarizing, and reporting web statistics. Sean Carlos shows how to install, configure, and understand the output of the program. Dec. 1, 2005

PHP Problems by Noel Davis
Noel Davis looks at problems in PHP, Emacs, ftpd-ssl, Lynx, Roaring Penguin pppoe, OpenVPN, RAR, Fedora Core X-Chat, HP-UX xterm, libungif4, and GpsDrive. Nov. 18, 2005

Ethereal Trouble by Noel Davis
Noel Davis looks at problems in sudo, Ethereal, Apache mod_auth_shadow, fetchmailconf, lynx, Mantis, pnmtopng, gnump3d, Squid, unzip, uim, Curl, and imlib. Nov. 4, 2005

Building Detailed Network Reports with Netflow by Michael W. Lucas
You can trace every packet on your network from source to destination, if you really want to. Having all of this information is useless unless you can actually find what you need to know. Netflow not only helps record traffic information but also can help you report on just the types of packets you want. Michael W. Lucas demonstrates. Oct. 27, 2005

OpenBSD 3.8: Hackers of the Lost RAID by Federico Biancuzzi
Every six months, the OpenBSD team releases a new version of their OS. It's time for OpenBSD 3.8. Federico Biancuzzi recently interviewed the core developers about new features and improvements, as well as ongoing struggles to find support from hardware vendors. Here's what to expect when you upgrade. Oct. 20, 2005

KWord Trouble by Noel Davis
Noel Davis looks at problems in KWord, SPE under Gentoo, wget, Brightstore, eTrust, Unicenter, OpenSSL, XMail, uw-imap, weex, tcpdump, graphviz, up-imapproxy, xloadimage and xli, and Ruby. Oct. 20, 2005

Company-Wide Instant Messaging with Jabberd by Oktay Altunergil
Instant messaging is becoming as valuable a business tool as email, the telephone, or the computer. While public networks are free (but not under your control) and private installations are under your control (but expensive), you can easily run your own secure, free server using the open standards of the Jabber protocol. Oktay Altunergil shows how to install and configure jabberd and to integrate it into an existing business directory system. Oct. 6, 2005

XFree86 Trouble by Noel Davis
Noel Davis looks at problems in XFree86, cfengine, RealPlayer 10, Helix Player, ClamAV, XSun, Xprt, arc, prozilla, AbiWord, Backupninja, Hylafax, ApacheTop, and libsnmp5. Oct. 6, 2005

Using FreeBSD's ACLs by Dru Lavigne
The standard Unix permissions scheme works fine if you have simple needs, but juggling groups and users can grow unwieldy very quickly. FreeBSD's Access Control Lists give you more control over who can access files and directories. Dru Lavigne explains how to enable, understand, and use them appropriately. Sep. 22, 2005

MySQL Trouble by Noel Davis
Noel Davis looks at problems in MySQL, umount, KDE's kcheckpass, GNOME Workstation Command Center, X.org, Squid, TWiki, ncompress, grip, Turquoise SuperStat, gtkdiskfree, and LessTif. Sep. 22, 2005

Problems in PCRE, the Linux Kernel, and SILC by Noel Davis
Noel Davis looks at problems in PCRE, the Linux kernel, SILC, Frox, MPlayer, pam_ldap, maildrop, lm_sensors, simpleproxy, backup-manager, Adobe Version Cue, phpGroupWare, and webcalendar. Sep. 15, 2005

PHP Trouble by Noel Davis
Noel Davis looks at problems in PHP, Adobe Reader, Kismet, LibTIFF, Evolution, Mutt, bluez-utils, Ignite-UX, CPAINT, Awstats, Clam AntiVirus, and Gaim. Aug. 25, 2005

Apache Trouble by Noel Davis
Noel Davis looks at problems in Apache, bzip2, Cisco devices, fetchmail, Netpbm, Ethereal, Proftpd, pstotext, apt-cacher, Compress::Zlib, Gopher, nbSMTP, and PowerDNS. Aug. 11, 2005

Problems in Oracle Reports by Noel Davis
Noel Davis looks at problems in Oracle Reports, Skype for Linux, MediaWiki, Kate, Kwrite, Shorewall, ekg, libgadu, PHPNews, phpSurveyor, Affix, Heartbeat, and phpPgAdmin. Jul. 29, 2005

Problems in SpamAssassin, PEAR, and Bugzilla by Noel Davis
Noel Davis looks at problems in SpamAssassin, PHP PEAR, Bugzilla, Heimdal/Kerberos telnetd, Vipul's Razor, TikiWiki, poppassd_pam, zlib, FUSE, the Solaris kernel, HT Editor, GNATS, JBoss jBPM, Trustix Secure Linux, and Trac. Jul. 22, 2005

Building an OpenBSD Live CD by Kevin Lo
Linux isn't the only operating system that boots and runs off a CD. OpenBSD does as well. Kevin Lo uses his for didactic purposes, but this is a good example for taking your desktop or firewall along with you. Here's how to build and customize an OpenBSD installation on a CD. Jul. 14, 2005

Problems in OpenSSH, Sudo, and Java by Noel Davis
Noel Davis looks at problems in OpenSSH, Sudo, Sun Java, Blackdown Java, tcpdump, cpio, JBOSS, Adobe Reader and Acrobat, gedit, Gaim, and Trac. Jun. 24, 2005

Problems in the Kernel, OS X, and WordPress by Noel Davis
Noel Davis looks at problems in the Linux kernel, Mac OS X, bzip2, WordPress, WebSphere, Peercast, PHPMailer, Binutils, Popper Webmail, Dzip, and FreeBSD's gzip. Jun. 17, 2005

Problems in the Linux Kernel, LISTSERV, and gdb by Noel Davis
Noel Davis looks at problems in the Linux kernel, LISTSERV, gdb, FreeRADIUS, shtool, mailutils, Qpopper, davfs2, libmagick6, picasm, cheetah, and ppxp. Jun. 3, 2005

Mozilla and Firefox Flaws by Noel Davis
Noel Davis looks at problems in gzip, Mozilla and Firefox, OpenOffice.org, the FreeBSD kernel, Ethereal, TCPDump, libTIFF, Smail, Apache2's htdigest, and SCO UnixWare's chroot. May. 20, 2005

CVS Trouble by Noel Davis
Noel Davis looks at problems in CVS, PostgreSQL, Squid, Gaim, Debian's lsh, Xine-lib, Caroline, Convert-UUlib, Rootkit Hunter, snmppd, Kommander, kimgio, RealPlayer, Helix Player, xli, and Debian's samba. May. 6, 2005

PHP, cpio, and rsnapshot Trouble by Noel Davis
Noel Davis looks at problems in PHP, cpio, rsnapshot, Gld, Axel, Domino, BrightStor ARCserve Backup, xv, Pine, GnomeVFS, libcdaudio, FreeBSD's ifconf, libexif, and monkeyd. Apr. 22, 2005

Userspace Filesystem Encryption with EncFS by KIVILCIM Hindistan
Laptops and removable storage devices are convenient both for users and for thieves. While you can't always protect the device from wandering away, you can protect the data. EncFS, a user-level encrypted filesystem in a file, makes this possible. KIVILCIM Hindistan explains how. Apr. 14, 2005

Linux Kernel Vulnerabilities by Noel Davis
In Noel Davis' latest column, he looks at problems in the Linux kernel, Telnet, sharutils, Ethereal, Midnight Commander, mpg321, OpenMosixView, cdrecord, ImageMagick, and grip. Apr. 8, 2005

KDE Trouble by Noel Davis
Noel Davis looks at problems in KDE, MySQL, Perl, Ximian Evolution, GnuPG, OpenSLP, Ringtone Tools, LuxMan, and Ethereal. Mar. 25, 2005

Problems in GProFTPD by Noel Davis
Noel Davis looks at problems in GProFTPD, bsmtpd, Uim, phpMyAdmin, Vim, Cyrus IMAPd, the Kodak Color Management System on Solaris, Arkeia Network Backup, curl, and PuTTY. Mar. 11, 2005

Trouble in the Kernel, VMware, and PostgreSQL by Noel Davis
Noel Davis looks at problems in the Linux kernel, VMware, PostgreSQL, Squid, MySQL, mailman, Apple OSX HFS+, movemail with GNU Emacs or XEmacs, KStars, typespeed, awstats, and synaesthesia. Feb. 28, 2005

Perl Trouble by Noel Davis
Noel Davis looks at problems in Perl, PostgreSQL, ncpfs, Squid, cpio, UW IMAP, ChBg, FireHOL, Clam AntiVirus, and f2c. Feb. 11, 2005

Linux and Darwin Kernel Trouble by Noel Davis
Noel Davis looks at problems in the Linux kernel, the Darwin/Mac OS X kernel, iSync, Ethereal, enscript, hylafax, rssh, Xine-lib, mpg123, and Konversation. Jan. 27, 2005

DB2 Problems by Noel Davis
Noel Davis looks at problems in DB2, SHOUTcast, nasm, Vilistextum, libtiff, wxGTK2, phpGroupWare, Vim, namazu2, and htmlheadline. Jan. 14, 2005

Linux AMD64 Kernel Bug by Noel Davis
Noel Davis looks at a Linux 2.4 kernel bug on AMD64 machines, problems in Samba, changepassword.cgi, MPlayer, the MIT Kerberos 5 administration library, logcheck, Sybase Adaptive Server Enterprise, Konqueror, Debian debmake, Xpdf, and xzgv. Dec. 29, 2004

J2SE Woes by Noel Davis
Noel Davis looks at problems in the Java 2 Runtime Environment, wget, FreeBSD's procfs and linprocfs, OpenSSL, OpenSSH, AbiWord, Blogtorrent, scponly, rssh, and kfax. Dec. 17, 2004

ELF Trouble by Noel Davis
Noel Davis looks at problems in the Linux kernel, sudo, TWiki, phpBB, cscope, Cyrus IMAP, Bugzilla, ProZilla, unarj, libxml2, and fetch. Dec. 1, 2004

Media-Tool Trouble by Noel Davis
Noel Davis looks at problems in libgd, mtink, zip, ruby, Samba, freeamp, Kaffeine and gxine, Portage, zgv, shadow, and BNC. Nov. 24, 2004

Trouble in iptables by Noel Davis
Noel Davis looks at problems in Linux iptables, OpenSSL, PuTTY, rssh, Quake II Server, libmagick6, HP Serviceguard, Xpdf, FreeRadius, WVTFTPD, GNU tftp, and pppd. Nov. 19, 2004

mod_ssl Problems by Noel Davis
Noel Davis looks at problems in mod_ssl, LibTIFF, mpg123, LessTif, the Cyrus SASL library, MySQL, CUPS, ProFTPD, and the Squid web proxy cache. Oct. 19, 2004

Temporary-File Race Conditions by Noel Davis
Noel Davis looks at a collection of temporary-file race conditions, and problems in Samba, GNU sharutils, JRun, Subversion, imlib, IBM AIX ctstrtcasd, YahooPOPs, and OpenOffice.org. Oct. 6, 2004
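The temporary-file races in that column all share one shape: a predictable name plus a gap between checking the path and opening it, which a local attacker fills with a symlink. The following is an added example, not code from the column or from any of the affected projects; the function names `tmp_open_racy`, `tmp_open_safe` and `demo_safe_tmp` are this example's own. It puts the racy check-then-open pattern next to a hardened version built on `mkstemp()`, which creates the file atomically with `O_CREAT|O_EXCL` and mode 0600, and then verifies the result through the descriptor rather than the name.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy pattern (illustration only): the name is predictable and there is a
 * window between the existence check and the open.  An attacker who wins the
 * race plants a symlink at the path; open() then follows it and truncates
 * whatever the link points at, with the victim's privileges. */
int tmp_open_racy(char *path, size_t len)
{
    snprintf(path, len, "/tmp/app.%ld", (long)getpid());
    if (access(path, F_OK) == 0)                           /* check ...    */
        return -1;
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644); /* ... then use */
}

/* Hardened pattern: mkstemp() fills in an unpredictable suffix and creates
 * the file atomically with O_CREAT|O_EXCL and mode 0600, so there is no
 * window for a symlink to appear between "check" and "open". */
int tmp_open_safe(char *path, size_t len)
{
    const char *dir = getenv("TMPDIR");   /* honour TMPDIR, fall back to /tmp */
    if (dir == NULL || *dir == '\0')
        dir = "/tmp";
    if (snprintf(path, len, "%s/app.XXXXXX", dir) >= (int)len)
        return -1;                        /* name would be truncated */

    int fd = mkstemp(path);
    if (fd < 0)
        return -1;

    /* Post-check on the descriptor, never on the name: must be a regular
     * file we own with exactly one link.  Catches a hostile TMPDIR or a
     * libc whose mkstemp() does not behave as documented. */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_nlink != 1 || st.st_uid != geteuid()) {
        close(fd);
        unlink(path);
        return -1;
    }
    return fd;
}

/* Permission bits of an open file, or -1 on error. */
int fd_mode_bits(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return -1;
    return (int)(st.st_mode & 0777);
}

/* Exercise the safe path: the file must be mode 0600, and a second exclusive
 * create of the same name must fail with EEXIST.  Returns 0 on success,
 * a negative code otherwise; always cleans up the file it made. */
int demo_safe_tmp(void)
{
    char path[4096];
    int fd = tmp_open_safe(path, sizeof path);
    if (fd < 0)
        return -1;

    int rc = 0;
    if (fd_mode_bits(fd) != 0600)
        rc = -2;

    int again = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (again >= 0 || errno != EEXIST) {
        if (again >= 0)
            close(again);
        rc = -3;
    }

    close(fd);
    unlink(path);
    return rc;
}

int main(void)
{
    int rc = demo_safe_tmp();
    printf("safe temp file demo: %s\n", rc == 0 ? "ok" : "FAILED");
    return rc == 0 ? 0 : 1;
}
```

Two design points worth noting: the hardened version never consults `access()` or `stat()` on the path, because anything learned about a name can be stale by the time the name is opened; and the post-check uses `fstat()` on the descriptor already held, so it cannot be raced either. If the program later needs to reopen the file, it should keep the descriptor rather than the path.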

New Apache by Noel Davis
Noel Davis looks at problems in Apache 2.x, GNU Radius, libXpm, CUPS, gdk-pixbuf, cdrtools, SUS, and Webmin. Sep. 20, 2004

Linux Kernel Exploitation by Noel Davis
Noel Davis looks at problems in the Linux kernel, Oracle Database Server, Oracle Application Server, DB2 Universal Database, vpopmail, MIT Kerberos 5, cfengine, CDE libDtHelp, Anonymous CVS, Samba, the zlib library, Courier-IMAP, and Python. Sep. 9, 2004

Qt Trouble by Noel Davis
Noel Davis looks at problems in Qt, SpamAssassin, MySQL, rsync, NetBSD ftpd, Xine-lib, KDE, Adobe Acrobat Reader, Gaim, and xv. Aug. 23, 2004

CDE Trouble by Noel Davis
Noel Davis looks at problems in CDE's dtlogin, Oracle, SquirrelMail, SoX, phpMyAdmin, wvWare, Openftpd, CVSTrac, PostgreSQL's ODBC driver, PuTTY, and Citadel/UX. Aug. 9, 2004

PHP Trouble by Noel Davis
Noel Davis looks at problems in PHP, Samba, mod_ssl, HP-UX's xfs and stmkfont, Ethereal, l2tpd, Domino, APC PowerChute Business Edition, Webmin, and Lexmark network printers. Jul. 26, 2004

Device-Driver Trouble by Noel Davis
Noel Davis looks at problems in the Linux kernel, Apache 2, the Linux Virtual Server, Pure-FTPd, FreeBSD's Linux binary compatibility mode, Domino, Shorewall, libpng, and the X Display Manager. Jul. 13, 2004

Kernel DoS Vulnerability by Noel Davis
Noel Davis looks at problems in the Linux kernel, www-sql, super, rssh, Horde-IMP, GNU GNATS, gzip, ISC DHCP, and sup. Jun. 28, 2004

Subverted by Noel Davis
Noel Davis looks at problems in Subversion, Apache's mod_proxy and mod_ssl, Squid, MIT's krb5, RealOne, RealPlayer, ksymoops-gznm, smtp.proxy, FreeBSD's jail(), Aspell, Tripwire, and icecast. Jun. 14, 2004

KDE Trouble by Noel Davis
Noel Davis looks at problems in KDE, CVS, Subversion, Firebird, FreeBSD msync(), mailman, Opera, Apple's HelpViewer, cPanel, and xpcd. Jun. 2, 2004

Apache Repaired by Noel Davis
Noel Davis looks at problems with the Apache web server, the Linux kernel, Systrace, ssmtp, exim, SuSE Live CD 9.1, Heimdal k5admind, Kolab, IRIX Networking Security, and NukeJokes. May. 17, 2004

TCP Vulnerability by Noel Davis
Noel Davis looks at problems in the TCP protocol, Midnight Commander (mc), proftpd, OpenOffice, libpng, rsync, LHA, Utempter, X-Chat, and sysklogd. May. 3, 2004

MySQL Trouble by Noel Davis
Noel Davis looks at problems in the Linux kernel, MySQL, CVS, Cadaver, subversion, sitecopy, tla, iproute, Zope, logcheck, kdeprint, emil, and GNU Sharutils. Apr. 22, 2004

Squid Security Issues by Noel Davis
Noel Davis looks at problems in squid, Ethereal, monit, texutil, nstxd, eMule, vfte, YaST Online Update, oftpd, OpenLDAP, and MPlayer. Apr. 7, 2004

OpenSSL Vulnerabilities by Noel Davis
Noel Davis looks at problems in OpenSSL, sysstat, metamail, Mozilla, ModSecurity, Samba, Crafty, UUDeview, and calife. Mar. 23, 2004

New Nmap by Noel Davis
Noel Davis looks at a new version of Nmap, problems in jailed processes under FreeBSD, and other problems in Adobe Acrobat Reader, the GNU Coreutils dir command, xboing, Apple Filing Protocol, libxml2, GNU Anubis, Sun's passwd command, and Safari. Mar. 8, 2004

Kernel Trouble by Noel Davis
Noel Davis looks at problems in the Linux kernel, AMD64 Linux kernels, XFree86, slocate, mod_python, susehelp, mutt, metamail, Mailmgr, PWLib, clamav, and NetBSD's Racoon IKE daemon. Feb. 23, 2004

Real Problems by Noel Davis
Noel Davis looks at problems in PHP, Perl, the GNU C Library, OpenBSD, FreeBSD, NetBSD, Oracle9i, RealOne, RealPlayer, CVSup, gaim, GNU libtool, and mailman. Feb. 11, 2004

Lotus Trouble by Noel Davis
Noel Davis looks at problems in Lotus Notes for Linux, tcpdump, mod_perl, kdepim, honeyd, NetWorker, NetPBM, jabber, mc, and Mambo Open Source. Jan. 26, 2004

Web App Security Testing with a Custom Proxy Server by Nitesh Dhanjani
Assuming users will only access your web applications as you intend may be the best way to invite abuse. Attackers have tools to build bogus responses, so why not use the same techniques to toughen your own sites? Nitesh Dhanjani demonstrates how a custom proxy server can help you test the security of your web apps. Jan. 22, 2004

Linux Kernel Trouble by Noel Davis
Noel Davis looks at problems in the Linux kernel, Ethereal, Tethereal, INN, mpg321, vbox3, isakmpd, nd, phpGroupWare, and enq. Jan. 12, 2004

Apache Regex Problems by Noel Davis
Noel Davis looks at problems in Apache, mod_php, XDM, Goahead Web Server, Xerox Document Center, SARA, phpBB2, OpenBB, SquirrelMail, and pServ. Dec. 29, 2003

Linux Kernel Problems by Noel Davis
Noel Davis looks at problems in the Linux kernel, rsync, cdwrite, 4inarow, CVS, Ebola, net-snmp, lftp, and irssi. Dec. 15, 2003

Hiding Secrets with Steganography by Dru Lavigne
Bad guys in the movies all keep their wall safes hidden behind paintings. Is there a metaphor in there for your sensitive files? Dru Lavigne explores steganography, or hiding secret messages in images or sounds, with the outguess and steghide utilities. Dec. 4, 2003

BIND DoS Attack by Noel Davis
Noel Davis looks at a denial-of-service attack against BIND and problems in KDE, GnuPG, screen, Ethereal, FreeRadius, mod_gzip, Pan, detecttr, OpenCA, EPIC, and libnids. Dec. 1, 2003

Introducing mod_security by Ivan Ristic
Every layer of security you can add is one more deterrent for the bad guys. Writing (or choosing) secure code is important, but it's not the only defense. Ivan Ristic, creator of mod_security, explains how this Apache module can turn back potential attacks before they reach your code. Nov. 26, 2003

Trouble with glibc by Noel Davis
Noel Davis looks at problems in the standard C library libc and in xinetd, hylafax, pServ, UnAce, Quagga, Zebra, terminatorX, and omega-rpg. Nov. 17, 2003

New Apache by Noel Davis
Noel Davis looks at a new release of Apache, and problems in fileutils, coreutils, anonftp, Kpopup, CUPS, Libnids, PostgreSQL, thttpd, mod_security, and the Linux Java Installer. Nov. 5, 2003

OpenOffice Irritation by Noel Davis
Noel Davis looks at problems in OpenOffice, slocate, fetchmail, GDM, Tomcat, ircd, HPUX's dtprintinfo, and Openserver's Xsco. Oct. 20, 2003

Problems Aplenty by Noel Davis
Noel Davis looks at problems in XFree86, Stunnel, Exim, wu-ftpd, pam_smb, gdm2, pam_ldap, whois, the atari800 emulator, Horde, MPlayer, and Node. Oct. 15, 2003

PHP Security, Part 3 by John Coggeshall
A malicious user will likely start his attack by using your system in ways you never anticipated. Your system logs are an oft-neglected defense tool. John Coggeshall shows how PHP's error logging and reporting functions can help you secure your applications. Oct. 9, 2003

Denial-of-Service Attacks by Noel Davis
Noel Davis looks at denial-of-service attacks against Apache, OpenSSL, and FreeBSD, and problems in Perl, lsh, Teapop, ProFTPD, TclHttpd, MPlayer, Node, mpg123, and Freesweep. Oct. 6, 2003

Sendmail Trouble by Noel Davis
Noel Davis looks at problems in Sendmail, OpenSSH, Pine, saned, MySQL, gtkhtml, and Solstice AdminSuite. Sep. 22, 2003

Inside Prelude, an Open Source IDS by KIVILCIM Hindistan
Keeping the bad guys out is important. Knowing whether, not if, they're in is even more important. Prelude, an open source IDS, takes a hybrid approach to security, collecting information from various sensors. KIVILCIM Hindistan talks to Yoann Vandoorselaere, Prelude's lead developer. Sep. 18, 2003

Distributed Computing Sanity Checking by Howard Feldman
Distributed computing can be a little scary. Clients are running code on their computers and servers are trusting clients to send back valid data. However you're participating, how can you be secure? Howard Feldman suggests several techniques to evaluate the trustworthiness of a distributed computing project. Sep. 11, 2003

FreeBSD Jails by Mike DeGraw-Bertsch
A common security breach involves exploiting one application to gain access to another. Keeping separate applications separate can limit the potential damage. Mike DeGraw-Bertsch explains how FreeBSD's jails can help secure necessary applications. Sep. 4, 2003

PHP Security, Part 2 by John Coggeshall
If you have users, you'll undoubtedly have bad guys trying to break things. As a developer, it's your responsibility to make sure your code is secure. John Coggeshall explains how system calls from PHP can be exploited -- and how to make them secure. Aug. 28, 2003

GNOME trouble by Noel Davis
Noel Davis looks at problems in BitKeeper, the GNOME Display Manager, rcpd, ViRobot Linux Server, OpenSLP, eMule, lMule, xMule, netris, and autorespond. Aug. 27, 2003

FreeBSD Access Control Lists by Daniel Harris
The Unix permissions model has worked for decades due to its flexible simplicity. It's not the only approach, though. FreeBSD 5.0 supports Access Control Lists, which allow for more flexible permissions. Daniel Harris explains what ACLs can make easier. Aug. 14, 2003

Postfix Attack by Noel Davis
Noel Davis looks at problems in Postfix, DB2, stunnel, OpenSSH, up2date, eroaster, wget, xfstt, xpcd, pam-pgsql, xtokkaetama, and Half-Life. Aug. 11, 2003

PHP Security, Part 1 by John Coggeshall
If you have users, you'll undoubtedly have bad guys trying to break things. As a PHP developer, it's your responsibility to make sure your code is secure. John Coggeshall demonstrates one common PHP error that can leave you vulnerable, and he explains how to think like a bad guy to prevent these mistakes in the first place. Jul. 31, 2003

Kernel Problems by Noel Davis
Noel Davis looks at problems in Linux 2.4 kernels, Apache, VMware, BRU, Oracle, fdclone, simi, wimi, phpMyAdmin, nfs-utils, mpg123, and phpGroupWare. Jul. 28, 2003

USENIX 2003 by Dustin Puryear
USENIX's annual technical conference took place last month in Texas. Dustin Puryear was on the scene. What's surprising? Microsoft's presence, meeting the needs of Unix administrators. Jul. 17, 2003

Unzipping Problems by Noel Davis
Noel Davis looks at problems in PHP, OpenLDAP, Xpdf, Adobe Acrobat Reader, Mozart, liece, OpenBSD's Packet Filter, unzip, Imagemagick, Ezbounce, semi, and wemi. Jul. 14, 2003

Common Style Mistakes, Part 2 by John Coggeshall
Writing code well means balancing expressiveness with elegance. Remember, you're writing code that must be maintained. In the second of a series on PHP Paranoia, John Coggeshall gives three tips to write code that's easier to understand. Jul. 10, 2003

Summer GNATS Trouble by Noel Davis
Noel Davis looks at problems in OpenSSH, radiusd-cistron, Ethereal, ypserv, lbreakout, GNATS, frox, poster, eldav, and PerlEdit. Jun. 30, 2003

Changes in pf: Packet Filtering by Jacek Artymiak
OpenBSD's packet filter has really grown up. Since its introduction in OpenBSD 3.0, it's become an advanced tool for networking and security. In the third of four articles, Jacek Artymiak explores new options for packet filtering with pf in OpenBSD 3.2, after NAT and redirection have taken place. Jun. 26, 2003

More Kernel Trouble by Noel Davis
Noel Davis looks at problems in Linux kernels, GNU Zip, xaos, Speak Freely, eterm, Hangul Terminal, typespeed, mikmod, kon2, zblast/xzb, and zenTrack. Jun. 16, 2003

Apache Vulnerabilities by Noel Davis
Noel Davis looks at vulnerabilities to denial-of-service attacks with Apache web server and with CUPS; buffer overflows in PHP, glibc, and gps; and problems with ghostscript, Apache Portable Runtime (APR), mod_gzip, Batalla Naval, and Xmame. Jun. 4, 2003

Common Style Mistakes, Part 1 by John Coggeshall
Programming securely is more than working down a list of checkboxes. You must adopt a security mindset. In the first of a series called PHP Paranoia, John Coggeshall explains several PHP style mistakes that make writing solid code more difficult. May. 29, 2003

Adventures with Kerberos, CVS, and GSS-API by Jennifer Vesperman
One of the difficulties of writing about technology is exploring the dark corners where no one's ever been before. Jennifer Vesperman, author of the upcoming Essential CVS, recently tried to make her CVS installation use Kerberos authentication. She describes how she went about integrating the two in this article. May. 22, 2003

Linux Kernel Problems by Noel Davis
Noel Davis looks at problems in Linux 2.4 kernels, sendmail, IMAP clients, cdrecord, lv, GNU Privacy Guard, EnGarde Secure Linux's sudo, SCO OpenLinux's mgetty and faxspool directory, BEA WebLogic Server, Unreal Engine, and WebLogic Express. May. 19, 2003

DHCP on a Multi-Segment Network by Dru Lavigne
Dru Lavigne previously covered DHCP and its terminology and setting up a simple DHCP server. On a larger network, subnets and relaying make things a little trickier. This week she explains how to configure DHCP for a large network. May. 15, 2003

Changes in pf: More on NAT by Jacek Artymiak
OpenBSD's packet filter has really grown up. Since its introduction in OpenBSD 3.0, it has become an advanced tool for networking and security. In the second of four articles, Jacek Artymiak presents a sample NAT and DMZ ruleset that is easily customized. May. 8, 2003

Monkey Trouble by Noel Davis
Noel Davis looks at problems in Portable OpenSSH, Portable OpenSSH under AIX, ATM on Linux, Qpopper's poppassd, Monkey HTTPd, Red Hat's mod_auth_any, pptpd, EPIC4, HPUX's rexec, and vulnerabilities in Cisco equipment. May. 5, 2003

Working with Forms in PHP, Part 2 by John Coggeshall
If you're doing any serious work with PHP, you'll eventually have to deal with file uploads. John Coggeshall explains how to process HTTP file uploads with PHP 4.3. May. 1, 2003

Configuring a DHCP Server by Dru Lavigne
In her previous article, Dru Lavigne introduced DHCP and its terminology. This week, she explains how to configure a DHCP for a small and reasonably simple network. May. 1, 2003

Snort Problems by Noel Davis
Noel Davis looks at buffer overflows in Snort and SheerDNS, and problems in Xinetd, vixie-cron, Oracle E-Business Suite FNDFS, xfsdump, Ximian Evolution, GtkHTML, kdegraphics, and psbanner. Apr. 21, 2003

Introducing DHCP by Dru Lavigne
On all but the smallest TCP/IP network, it's handy to configure network information for computers automatically. That's what DHCP does. It's easy to act as a DHCP client, but configuring a server is a little trickier. Dru Lavigne introduces DHCP and explains what you need to know to setup a simple DHCP server. Apr. 17, 2003

Apache Security Update by Noel Davis
Noel Davis looks at a security update to Apache; a major problem in sendmail; buffer overflows in Balsa, libsmtp, passlogd, lpr-ppd, and Solaris' dtsession; and problems in NetPBM, Eye of GNOME, the Progress database, and Red Hat Linux 9's vsftpd daemon. Apr. 7, 2003

Ten Security Checks for PHP, Part 2 by Clancy Malcolm
The same global access that makes web apps useful means that you have to keep on top of security. Though it's easy to create sites in PHP, it's not immune to sloppy coding. Clancy Malcolm explains how to recognize and fix five potential security holes with PHP in the second of two articles. Apr. 3, 2003

File Integrity and Anti-DDoS Utilities by Dru Lavigne
tripwire's not the only file integrity utility. Dru Lavigne explores aide and yafic, tools for making sure your system is clean of intrusion, and introduces utilities to detect DDoS programs. Apr. 3, 2003

Linux Kernel Root Hole by Noel Davis
Noel Davis looks at a root hole in the Linux kernel; buffer overflows in Samba, qpopper, ircii, Mutt, DeleGate, SuSE's lprold, and Ethereal; and problems in OpenSSL, MySQL, man, tcpdump, and Red Hat's rxvt. Mar. 24, 2003

Ten Security Checks for PHP, Part 1 by Clancy Malcolm
The same global access that makes web apps useful means that you have to keep on top of security. Though it's easy to create sites in PHP, it's not immune to sloppy coding. Clancy Malcolm explains how to recognize and fix five potential security holes with PHP in the first of two articles. Mar. 20, 2003

Checking System Integrity with tripwire by Dru Lavigne
In a secure system, everything has its place. If something's out of place, you'll know it. Dru Lavigne explains how tripwire, the file integrity utility, can monitor your system for anomalies. Mar. 20, 2003

Hackers Meet Soldiers by George Peter Staplin
OpenBSD has a well-deserved reputation for fanatical security. Why is the U.S. military funding it? What do you get out of it? Cameron Laird and George Peter Staplin investigate. Mar. 13, 2003

Working with Forms in PHP, Part 1 by John Coggeshall
PHP is handy for templating and displaying dynamic data, but you're missing its full power until you handle user data. John Coggeshall explains how PHP 4.3 handles form submissions securely and sanely. Mar. 13, 2003

Buffer Overflows in sendmail by Noel Davis
Noel Davis looks at buffer overflows in sendmail; Snort; the gzprintf() function supplied with the zlib library; and the lprm utility under OpenBSD, as well as problems in BIND; file; tcpdump; terminal emulators; Internet Message; and Messaging in the Emacs World. Mar. 11, 2003

Avoiding Trojans and Rootkits by Dru Lavigne
It's a sad reality that connecting to the Internet puts your computer at risk. Of course, there are several ways to mitigate that risk. Dru Lavigne explains a few good habits to reduce the danger and introduces tripwire, an open source file integrity utility. Mar. 6, 2003

NAT with pf by Jacek Artymiak
OpenBSD's packet filter has really grown up. Since its introduction in OpenBSD 3.0, it has become an advanced tool for networking and security. In the first of four articles, Jacek Artymiak examines recent updates to pf. This week, he looks at Network Address Translation. Mar. 6, 2003

Creating Systrace Policies by Michael W. Lucas
The systrace project is spreading from OpenBSD and NetBSD to other free Unixes. Having introduced systrace in a previous column, Michael Lucas demonstrates how to write a systrace policy from scratch -- or use an existing one. Feb. 27, 2003

OpenSSL Timing Attack by Noel Davis
Noel Davis looks at problems in OpenSSL, Oracle, mod_php, MySQL, pam_xauth, VNC, apcupsd, nethack, Rogue, and BitchX. Feb. 24, 2003

Working with Permissions in PHP, Part 2 by John Coggeshall
Having explained the Unix security model in his last column, John Coggeshall explains the permissions functions in PHP and how to use them. Feb. 20, 2003

PAM by Dru Lavigne
Last time, Dru Lavigne introduced one time passwords. Rather than an all-or-nothing approach, most free Unixes support several different authentication methods. This time, Dru explores PAM (Pluggable Authentication Modules), which allow you to govern how users log on and authenticate themselves. Feb. 20, 2003

chrooted ntpd in NetBSD by Emmanuel Dreyfus
Recently, support was added to the NetBSD Operating System to run the Network Time Protocol Daemon (ntpd) under an unprivileged user ID in a chroot jail. In the second of two articles, Emmanuel Dreyfus explains the changes required to allow ntpd to do its magic while chrooted. Feb. 13, 2003

Linux Kernel Problems by Noel Davis
Noel Davis looks at problems in the Linux kernel, Kerberos, dhcp3, the Blade encoder, WebSphere Advanced Server, SpamAssassin, OpenBSD's chpass, Red Hat Linux 8.0's kernel-utils package, w3m, Window Maker, and HPUX's wall. Feb. 10, 2003

One-Time Passwords by Dru Lavigne
You've replaced telnet with ssh. You've instituted password-checking utilities, and you rotate passwords monthly. Still feeling paranoid? Dru Lavigne's got the answer -- one time passwords. This alternate authentication method for FreeBSD means your security won't be jeopardized even if someone sniffs your password. Feb. 6, 2003

Working with Permissions in PHP, Part 1 by John Coggeshall
The last series of PHP Foundations explained the basics of files and directories. If you're making your files public, though, you need some security. PHP follows the Unix model of user, group, and world permissions. John Coggeshall explains the Unix permission model. Feb. 6, 2003

Securing Systems with chroot by Emmanuel Dreyfus
Recently, support was added to the NetBSD Operating System to run the Network Time Protocol Daemon (ntpd) under an unprivileged user ID in a chroot jail. In the first of two articles, Emmanuel Dreyfus explains buffer overflows -- a typical Unix security flaw, then explains a chroot jail and the motivation for running a program in it. Jan. 30, 2003

Systrace Policies by Michael W. Lucas
NetBSD and OpenBSD have an interesting new system policy manager called systrace. With the proper policies, system administrators can control which system calls can be made and how. Michael Lucas explains how this works and how to understand -- and write -- a good policy file. Jan. 30, 2003

CVS Problems by Noel Davis
Noel Davis looks at problems in Concurrent Versions System (CVS), DHCP, slocate, Vim, Linux printer drivers, susehelp, fnord, mpg123, Astaro Security Linux firewall, and phpLinks. Jan. 27, 2003

Patching OpenBSD by Jacek Artymiak
The nice thing about software is that you can patch it to fix problems. The tricky thing about software is that you have to patch it to fix problems. Your systems are only as secure as your patching strategy allows. Jacek Artymiak explains how to apply patches to your OpenBSD machines. Jan. 16, 2003

CUPS Vulnerabilities by Noel Davis
Noel Davis looks at buffer overflows in libmcrypt, HSphere Webshell, HTTP Fetcher Library, LCDproc, and UnixWare and Open UNIX's ps; and problems in the Common Unix Printing System, BitKeeper, FreeBSD's fpathconf(), S-PLUS, dhcpcd, leafnode, and Middleman. Jan. 13, 2003

Cryptosystems: Debugging IPSec by Dru Lavigne
You've learned about cryptosystems. You understand VPNs. You've installed IPSec. You'd like it to work. Take heart, Dru Lavigne's final installment of "Cryptosystems" explains how to debug IPSec. Jan. 9, 2003

Buffer Overflows in SSH and PHP by Noel Davis
Noel Davis looks at buffer overflows in SSH, PHP, typespeed, Cyrus IMAP Server, Cyrus SASL library, and pdftops; and problems with PFinger, KDE, and zkfingerd. Dec. 30, 2002

Cryptosystems: Configuring IPSec by Dru Lavigne
VPNs make it possible to have secure networks on top of the insecure public Internet. Having explained the concepts, Dru Lavigne's newest Cryptosystems article demonstrates how to configure IPSec. Dec. 26, 2002

Downloading Files from Behind the Firewall by Jacek Artymiak
Securing your network often means saying "no" to some user requests and "try this instead" to others. Instead of punching holes in your firewall, can you educate your users to use better tools? Jacek Artymiak describes effective downloading utilities, and strategies to promote them. Dec. 19, 2002

MySQL Vulnerabilities by Noel Davis
Noel Davis looks at a problem with Perl's safe mode; some serious vulnerabilities in MySQL; buffer overflows in wget, tcpdump, Canna, and GTetrinet; and problems in lynx, mICQ, Sun Cobalt RaQ 4 Server Appliances, xdvi, dvips, and Exim. Dec. 16, 2002

VPNs and IPSec Demystified by Dru Lavigne
How do you allow remote users to access resources on your network securely over an insecure connection? With a VPN. Never fear, Dru Lavigne's latest Cryptosystems column explains the concepts and terminology behind the technology. Dec. 12, 2002

Samba Vulnerabilities by Noel Davis
Noel Davis looks at problems in Samba, Pine, FreeS/WAN, Solaris priocntl(), Traceroute NANOG, kon2, libcgi-tucbr, Python, pServ, and Alcatel OmniSwitch switches. Dec. 6, 2002

Cryptosystems: Configuring SSH by Dru Lavigne
Cryptosystems are handy, but they're not for everyone right out of the box. In her second article on SSH, Dru Lavigne explores some of the more common configuration options for clients and servers. Nov. 28, 2002

BIND Issues by Noel Davis
Noel Davis looks at a large set of problems in BIND; buffer overflows in KDE's LISA, libpng, masqmail, FreeBSD resolver code, Windowmaker, Tiny HTTPd, and Zeroo HTTP Server; and problems in Lib HTTPd, KDE's telnet and rlogin KIO code, Kgpg, Squid, and UnixWare and OpenUnix's talkd. Nov. 18, 2002

TriSentry, a Unix Intrusion Detection System by Glenn Graham
Security isn't only about locking your doors. You have to know when and where the bad guys are sniffing around outside. Glenn Graham's convinced that the tripartite TriSentry suite can help keep your network secure. Nov. 14, 2002

TRUSTSECURE 2002 Report by Jacek Artymiak
TRUSTSECURE 2002, the Polish IT security conference, brought together some of the brightest minds in security today. Jacek Artymiak was there. In the latest installment of his Securing Small Networks with OpenBSD column, he summarizes the highlights and puts on his prediction hat. Nov. 14, 2002

The SSH Cryptosystem by Dru Lavigne
OpenSSH encrypts sessions between two machines, making packet sniffing much more difficult. In the second of a series on Cryptosystems, Dru Lavigne explores the default configuration of OpenSSH on FreeBSD and demonstrates how to enable key pair encryption. Nov. 14, 2002

Abuse Attack by Noel Davis
Noel Davis looks at buffer overflows in Abuse, log2mail, kadmind, Heimdal, ypserv, and trek; and problems in PHP-Nuke, lprng, pam_ldap, uudecode, and bzip2.  Nov. 4, 2002

Cryptographic Terminology 101 by Dru Lavigne
No matter how good your internal security, your data isn't safe if it's sent externally as plain text. To protect your sensitive information from prying eyes, you need cryptography. Dru Lavigne's latest column gives a crash course on this field's vital terminology. Oct. 31, 2002

Denial-of-Service Vulnerabilities by Noel Davis
Noel Davis looks at denial-of-service vulnerabilities in xinetd, syslog-ng, net-snmp, and Sun's lockd; problems with heartbeat, dvips, OpenOffice, and Cisco CatOS embedded HTTP server; and security vulnerabilities in kpf, gnome-gv, ggv, Mozilla, and PAM.  Oct. 22, 2002

Apache Vulnerabilities by Noel Davis
Noel Davis looks at buffer overflows in Apache, fetchmail, Heimdal, logsurfer, ghostview, kghostview, and WN Server; and problems in unzip, tar, gv, SMRSH, and rogue. Oct. 7, 2002

Slapper Worm by Noel Davis
Noel Davis looks at the Linux Slapper worm; a large set of vulnerabilities in NetBSD; and problems in libX11.so, OS X's nidump, DB4Web, joe, BRU Workstation, xbreaky, and Tru64/OSF1 version 3.x. Sep. 23, 2002

PHP Injection Attack by Noel Davis
Noel Davis looks at an injection attack against PHP; several problems in KDE and Konqueror; buffer overflows in gain, kadmin, multiple applications in Tru64, and Ethereal; and problems in cacti, mhonarc, wordtrans, scrollkeeper, and the Cisco VPN Client.  Sep. 16, 2002

Bugzilla Security Problems by Noel Davis
Noel Davis looks at buffer overflows in PostgreSQL, and UnixWare and Open UNIX's ndcfg; and problems in PHP, scponly, the kernel supplied with Red Hat Linux 7.3, Bugzilla, EPIC Script Light, UnixWare DNS Resolver, Mantis, an exploit for the Cisco IOS TFTP Server bug, and Red Hat's tcl/tk and expect.  Aug. 26, 2002

C Call Vulnerabilities by Noel Davis
Noel Davis looks at buffer overflows in calloc(), Sun's ONE/iPlanet Web Server, dietlibc, OpenAFS, Kerberos 5 Administration System, and PNG libraries; and problems in FreeBSD's Berkeley Fast File System, CVS, iSCSI, Red Hat Secure Web Server, tinyproxy, and IRIX named.  Aug. 12, 2002

Securing Remote PF Firewall Logs by Jacek Artymiak
Jacek Artymiak shows us how to improve the security of remotely logged firewall logs and how to calculate how much storage space we need to keep a reasonable amount of logs for convenient analysis. Aug. 8, 2002

Securing FreeBSD by Dru Lavigne
Dru Lavigne shows us several ways that we can increase the security level on a FreeBSD box. Aug. 8, 2002

Promiscuous Mode Problems by Noel Davis
Noel Davis looks at a vulnerability in PHP; buffer overflows in Cisco IOS, Fake Identd, HylaFAX, and EnGarde Secure Linux's resolver libraries; and problems in the reporting of Promiscuous Mode by the Linux kernel, Sun Fire servers, chfn, chsh, Pine, GNU Mailman, and the VNC challenge and response.  Jul. 30, 2002

Archiving PF Firewall Logs by Jacek Artymiak
Jacek Artymiak tackles automating the transfer of logs from the firewall to one of the workstations connected to the internal private network segment. Jul. 25, 2002

Squid Trouble by Noel Davis
Noel Davis looks at buffer overflows in Squid, mod-ssl, the Solaris Volume Manager, ATPhttpd, iPlanet, and kcms_configure; and problems in the CDE ToolTalk Database Server, the Linux kernel, nn, Icecast, NcFTP, and Sharp's Zaurus handheld computer. Jul. 15, 2002

Securing Small Networks with OpenBSD, Part 5 by Jacek Artymiak
On a busy network, your firewall logs could quickly fill up your hard drive or be deleted by log file rotations. Jacek Artymiak shows how not to let this happen. Jun. 20, 2002

Securing Small Networks with OpenBSD, Part 4 by Jacek Artymiak
Jacek Artymiak covers pf log file analysis. Jun. 6, 2002

SSH Port Forwarding by Daniel J. Barrett
Port forwarding is another method of allowing SSH through a firewall. This excerpt also touches on some security concerns and SSH authentication. Excerpted from Chapter 11 of SSH, The Secure Shell: The Definitive Guide. Apr. 25, 2002

Securing Small Networks With OpenBSD, Part 3 by Jacek Artymiak
In the third installment of our series on OpenBSD networking, Jacek Artymiak examines pf rules and potential sendmail problems. Apr. 25, 2002

Using SCP Through a Gateway by Daniel J. Barrett
Using SCP through a gateway requires a bit more configuration than SSH. Apr. 11, 2002

Securing Small Networks With OpenBSD, Part 2 by Jacek Artymiak
OpenBSD switched from using IPFilter as its default firewall to PF, or Packet Filter, as the new default. Jacek Artymiak explains how to make a smooth transition from ipf to pf.  Apr. 11, 2002

IPSec Certificate Basics by Mike DeGraw-Bertsch
Learn all of the basics necessary to use X.509 certificates for authentication in IPSec on a FreeBSD box.  Apr. 4, 2002

Buffer Overflows in PHP Forms and mod_ssl by Noel Davis
In this week's Security Alerts, Noel Davis reports buffer overflow problems in PHP forms and mod_ssl, as well as security holes in Oracle 8 and 9 systems, User Mode Linux, and the webtop application of Caldera's Open UNIX and UnixWare systems.  Mar. 4, 2002

Securing Small Networks with OpenBSD, Part 1 by Jacek Artymiak
Small networks are often more vulnerable than large ones because they lack the money to implement good security. Jacek Artymiak explains how to secure a small network on a tight budget. Feb. 28, 2002

Scanning for Rootkits by Oktay Altunergil
When a hacker gets access to your system, he will leave himself an easy way back in, called a rootkit. Oktay Altunergil shows us how to detect rootkits and remove them. Feb. 7, 2002

Snort 'n Dragon by Richard Forno
Snort and Dragon are two intrusion-detection programs that allow you to detect hackers trying to break into your system. This is the third in a series of excerpts from Chapter 7 of Incident Response. Dec. 20, 2001

Vulnerability in login by Noel Davis
In this week's Security Alerts, Noel Davis reports on a vulnerability that lets remote attackers access root through login, a problem in JRun Java app server software that exposes source code of JavaServer pages, and a glitch in the script utility that lets users overwrite arbitrary files. Dec. 17, 2001

Understanding Rootkits by Oktay Altunergil
Hackers have many tools that allow them to remain undetected during an attack. Understanding these tools is key to recognizing and cleaning up after an attack. Dec. 14, 2001

IPsec Tunneling Between FreeBSD Hosts by Mike DeGraw-Bertsch
IPSec encrypts data at the IP packet level, so insecure applications can be encrypted while travelling over the Internet. Mike DeGraw-Bertsch shows us how to set it up. Dec. 10, 2001

New Vulnerability in OpenSSH by Noel Davis
A new vulnerability in OpenSSH can be exploited by a local attacker to execute arbitrary code with the permissions of the root user. Noel Davis also covers problems in OpenBSD, wmtv, Auto Nice Daemon, NetDynamics, Xitami Web server, libgtop_daemon, xtel, Lotus Domino, OpenServer's setcontext and sysi86, SuSE's Postfix installation, and fml. Dec. 10, 2001

Buffer Overflow in WU FTP daemon by Noel Davis
In this week's Security Alerts, Noel Davis reports on a buffer overflow in a popular FTP daemon, as well as problems with procmail, Hypermail, and Red Hat and BSDI's UUCP applications.  Dec. 3, 2001

A New Version of OpenSSH by Noel Davis
A new release of OpenSSH fixes a variety of bugs, including a security vulnerability, while Red Hat's Stronghold has a vulnerability that can be used to disclose sensitive system files. Details on these and more in this week's Security Alerts. Nov. 26, 2001

SSH Buffer Overflow by Noel Davis
The big news this week is that SSH Communications Security recommends that users stop using the SSH1 protocol and replace it with SSH2. Users of OpenSSH should upgrade to version 2.3.0 as soon as possible. Learn more about the SSH buffer overflow problem, plus other alerts, in this column. Nov. 19, 2001

Network Scanning by Chris Coleman
Hackers have utilities that allow them to scan a server and discover which ports have daemons listening on them. Chris Coleman reviews tools and other resources to help you prevent these hackers from gaining control of your computer. Nov. 15, 2001

Ethereal and NMap by Richard Forno
This is the first in a series of excerpts from Chapter 7 of Incident Response, covering the nmap port scanner and the Ethereal network scanner. Nov. 15, 2001

A DoS Attack via Tux by Noel Davis
In this week's Security Alerts, Noel Davis highlights a DoS attack on Tux, the Web server in the Linux kernel, and other vulnerabilities in open source software, Novell, Cisco, and Mac OS 10.1.  Nov. 13, 2001

Time and Tide Wait for No Protocol by Richard E. Silverman
An analysis of the SSH Keystroke Timing Attack, by Richard Silverman, author of SSH, The Secure Shell: The Definitive Guide. Nov. 8, 2001

Linux syncookies Vulnerability and an scp/sftp bug by Noel Davis
In this week's Security Alerts, Noel Davis reports on a vulnerability in the cookie used by netfilter, a weakness that allows an attacker to access the Web admin template in Lotus Domino, and a bug in some versions of scp and sftp.  Nov. 5, 2001

Linux Buffer Overflows and an old SSH Daemon by Noel Davis
In this week's Security Alerts, Noel Davis reports on a bug in the Linux kernel that can allow files to exceed a user's quota limits; an old daemon hanging around in SSH 2; and vulnerabilities in Red Hat's printing system. Oct. 29, 2001

A Root Exploit and DoS in the Linux Kernel by Noel Davis
In this week's Security Alerts, Noel Davis looks at a root exploit and a denial-of-service attack in the Linux kernel; buffer overflows in Snes9x and Oracle 9i Web Cache; and problems in PAM's login, Squid, Apache, Mac OS X, W3Mail, sdiff, and looking-glasses. Oct. 22, 2001

Firing up Firewalls by Chris Coleman
A firewall is an important weapon in your defense against hackers. Chris Coleman helps you get started with all the tools needed to install a firewall. Oct. 19, 2001

A Sysadmin's Security Basics by Mike DeGraw-Bertsch
A checklist of network security items includes user passwords, email client settings, firewalls, a DMZ, SSH and a list of tools to check your network. Oct. 18, 2001

Vulnerabilities in Lotus Domino, Zope, and Cisco Secure PIX Firewall by Noel Davis
In this week's Security Alerts, Noel Davis reports on vulnerabilities in Zope, Mandrake and Caldera uucp packages, PHP Nuke, Lotus Domino, and more.  Oct. 15, 2001

Vulnerabilities in sendmail, speechd, and OpenServer vi by Noel Davis
In this week's Security Alerts, Noel Davis reports problems in sendmail, Solaris Yellow Pages, CDE ToolTalk, speechd, FreeBSD login, OpenServer vi, Hushmail's Web-based email server, and FreeBSD's OpenSSH. Oct. 8, 2001

PAM Modules by Jennifer Vesperman
While most Pluggable Authentication Modules are designed for authentication, programmers have written ones to handle a host of other issues. Jennifer Vesperman introduces some of the more useful modules available. Oct. 5, 2001

OpenSSH Problems by Noel Davis
In this week's Security Alerts, Noel Davis reports that sftp is the weakest link in OpenSSH. Find out what to do about it and problems with Websphere, Red Hat setserial, and Apache running on OS X.  Oct. 1, 2001

Introduction to PAM by Jennifer Vesperman
Pluggable Authentication Modules provide a solution to the difficulties of user authentication. Jennifer Vesperman introduces PAM and helps you get started. Sep. 27, 2001

Buffer Overflows in uidadmin by Noel Davis
In Security Alerts for Sept. 24, 2001, Noel Davis warns about buffer overflows in Open Unix and UnixWare's uidadmin, an exploit in glFTPD, a vulnerability in the Web-based email system Basilix, and more.  Sep. 24, 2001

Linux Virus Reported by Noel Davis
In this week's Security Alerts, Noel Davis warns about a Remote Shell Trojan Linux-based virus, buffer overflows in fetchmail, and problems in the BSD Line Printer Daemon.  Sep. 18, 2001

Buffer Overflow in OpenServer's Mana by Noel Davis
This week Noel Davis warns about a buffer overflow in OpenServer's mana; symbolic link race conditions in Solaris' patchadd and the Netscape 6.01a installation scripts; and problems in ProFTPd, Conectiva Linux's tcltk, NetBSD's dump, mailman, mod_auth_mysql, Directory Manager, Taylor UUCP, screen, PHProjekt, and Red Hat's lpd.  Sep. 10, 2001

Buffer overflows in OpenUnix 8 utilities and the Solaris printer daemon by Noel Davis
In this week's Security Alerts, Noel Davis looks at buffer overflows in OpenUnix 8 utilities, vulnerabilities in the Macromedia ColdFusion server and other weak links in your system. Sep. 4, 2001

More Telnet Daemon Vulnerabilities by Noel Davis
Noel Davis shows us buffer overflows in Linux telnet daemons, IBM AIX telnet daemons, the Kerberos 5 telnet daemon, Window Maker, and Solaris' xlock; temporary-file race conditions in AllCommerce and rcs2log; and vulnerabilities in ZyXEL Prestige 642R and 642R-I ADSL routers, groff, OpenLDAP, fetchmail, UnixWare Package Tools, docview, and ColdFusion Server 5.  Aug. 13, 2001

Security Alerts: Linux IP Masquerading by Noel Davis
Noel Davis shows us buffer overflows in xloadimage, ucd-snmp, Oracle dbsnmp, and xmcd's cda; and vulnerabilities in phpMyAdmin, wvdial, Slackware's man, Linux IP masquerading, and Slackware's locate.  Aug. 6, 2001

IPFilter on OpenBSD by Mike DeGraw-Bertsch
IPFilter is a firewall widely used by BSD and Solaris. Mike DeGraw-Bertsch explains how to set it up on OpenBSD and explains a basic ruleset. Aug. 2, 2001

Linux Kernel Bug by Noel Davis
Noel Davis shows us a bug in Linux Kernels newer than 2.4.3; a buffer overflow in Solaris' dtmail; vulnerabilities in CylantSecure, PHPLib, top, Apache, tar, Firewall-1, Arkeia backup software, and IRIX's netprint; and talks about the configuration of Cayman DSL routers.  Jul. 30, 2001

PHP's Encryption Functionality by W.J. Gilmore
Encryption and hashing allow you to secure and verify data. W. J. Gilmore introduces encryption functions and hashing methods available to PHP.  Jul. 26, 2001

Security Alerts: Remote Root Exploit in Telnet Daemon by Noel Davis
Noel Davis shows us a root exploit in BSD-derived telnet daemons; buffer overflows in xman, the Merrit and Lucent RADIUS servers, ypbind, the AIX libi18n Library, and tcpdump; temporary-file race conditions in lmail and tripwire; and vulnerabilities in SSH Secure Shell 3.0.0, Lotus Domino Server, IMP, SSLeay/OpenSSL, and squid. Jul. 23, 2001

Security Alerts: sudo root exploit by Noel Davis
Noel Davis shows us buffer overflows in sudo, SuSE's dip, Scotty's ntping, and UnixWare's statd; a flaw in FreeBSD's rfork(); two vulnerabilities in Check Point's VPN-1/FireWall-1 firewall products; a new version of the rpm package manager; two vulnerabilities in Macromedia's ColdFusion Server; a minor Apache bug; a brute-force attack against SuSE's AXP Alpha xdm utility; and more on the cfingerd remote vulnerability.  Jul. 16, 2001

Tools of the Trade: Part 3 by Carl Constantine
A look at syslog and snort as security protection in this third article of our "Tools of the Trade" series. Jul. 13, 2001

Professional Paranoia: Secrets of Security Experts by Michael W. Lucas
Michael Lucas tackles the question "How do I become a security professional?" and gives practical advice on how to be more security-conscious. Jul. 12, 2001

Security Alerts: PHP Weaknesses? by Noel Davis
Noel Davis shows us a correction to the report on the AIX rsh buffer overflow; buffer overflows in Solaris' whodo, and UnixWare's su, uucp, and crontab packages, and xvt; temporary file symbolic link race condition vulnerabilities in Red Hat's LPRng, and Red Hat's crontab; problems in Poprelayd, PHP Safe mode, ePerl, 802.11b Access Points, Gnatsweb, SquirrelMail, and phpMyAdmin; and a paper on common PHP vulnerabilities. Jul. 9, 2001

Monitoring IPFW Logs by Dru Lavigne
Dru Lavigne shows us how to monitor ipfw logs and more importantly how to deal with what we find. Jul. 5, 2001

SAMBA Remote Root Exploit by Noel Davis
Noel Davis shows us buffer overflows in the GazTek HTTP Daemon, Solaris Printer Daemon, and w3m; a problem in default SAMBA installations that can be used to gain root access; and problems in Cisco 6400 NRP2, udirectory, Tarantella, Oracle 8i SQLNet, Formmail.pl, OS X directory permissions, and kdesu. Jul. 2, 2001

AIX Remote Root Exploit by Noel Davis
Noel Davis shows us buffer overflows in AIX's rsh, the curses library, Red Hat Linux's XFree86 packages, xinetd, MDBMS, BestCrypt, and cfingerd; format-string vulnerabilities in Kaspersky AntiVirus, eXtremail, and the Solaris at command; a symbolic-link race condition in KTVision; and problems in pmpost, AIX's diagrpt, and iptables. Jun. 25, 2001

Tools of the Trade: Part 1 by Carl Constantine
In this first of a three-part series, Carl Constantine covers tools and techniques that system administrators can use to protect their networks, including discussion of nmap, Ethereal, and how to set up honey pots. Jun. 22, 2001

IPFW Logging by Dru Lavigne
Firewalls can potentially block huge amounts of traffic. Dru Lavigne shows us how to fine-tune our firewall logs to reveal the traffic that concerns us most. Jun. 21, 2001

Remote Root Exploit in QPopper by Noel Davis
Noel Davis shows us buffer overflows in the Solaris mail utility, Qpopper, and TIAtunnel; temporary-file race conditions in Imp, kmmodreg, and ispell; format-string vulnerabilities in GnuPG and exim; denial-of-service attacks against NetBSD and Fpf; and problems in OpenSSH, the Cisco Content Service Switch, and BestCrypt.  Jun. 11, 2001

Proper Paranoia: Educating Your Co-Workers by Michael W. Lucas
Michael Lucas runs a new security trainee through the gauntlet of patching live servers. He also shows how to instill a healthy attitude toward network security in those you work with by teaching them to be properly paranoid. Jun. 7, 2001

Apache.org Server Compromised by Noel Davis
Noel Davis shows us the compromise of the Apache Software Foundation Server; buffer overflows in yppasswd, Qpopper, and mailtool; vulnerabilities in TWIG, webmin, and GnuPG; a new type of attack against sendmail; and discusses the use of the user nobody. Jun. 4, 2001

BSD Firewalls: Fine-Tuning Rulesets by Dru Lavigne
Dru Lavigne helps us fine-tune our firewall rules. She uses DHCP as an example, steps through its requirements and shows how to implement the appropriate firewall rules. Jun. 1, 2001

Carnivore: A System Admin's Concerns by Mike DeGraw-Bertsch
The packet-sniffing Carnivore box gives the FBI the ability to nab and read a suspect's e-mail and web page requests. But those are abilities every sysadmin already has, so why are we so upset? May. 29, 2001

Cheese Worm Plugs Hole Left by Lion Worm by Noel Davis
Noel Davis shows us buffer overflows in man, DQS, Netscape Enterprise Web Publisher, and IRIX Embedded Support Partner; a temporary-file race condition in the ARCservIT Unix Client; problems in Zope, Cisco Content Service Switch, CUPS, i386 syscalls in Solaris x86, and the Logitech Wireless Desktop; and talks about Cheese the "friendly" worm.  May. 22, 2001

Solaris Worm Attacks IIS Servers by Noel Davis
Noel Davis shows us problems in vixie cron, Oracle ADI, EnGarde Secure Linux, and Samba 2.0.8; discusses the sadmind/IIS worm; and explains how to protect your system against worms and other attackers. May. 15, 2001

BSD Firewalls: IPFW Rulesets by Dru Lavigne
Dru Lavigne explains how to create IPFW firewall rules. May. 10, 2001

Predictable Initial Sequence Numbers by Noel Davis
Noel Davis shows us predictable initial sequence number attacks; a format string vulnerability in minicom; a buffer overflow in mailx; a new version of GnuPG; and problems in SAP R/3 demo, Bugzilla, and Red Hat Linux 7.1's mount package. May. 8, 2001

Looking at the lpdw0rm Worm by Noel Davis
Noel Davis shows us the lpdw0rm worm; an updated version of OpenSSL; buffer overflows in MIT Kerberos 5's FTP Daemon, and Mercury for NetWare's POP3 Daemon; a string format vulnerability in gftp; a symbolic link race condition in nedit's backup files; a temporary file race condition in rpmdrake; and problems in phpMyAdmin, Debian's zope packages, and the Tektronix PhaserLink 850's Web Server.  May. 1, 2001

BSD Firewalls: IPFW by Dru Lavigne
Building a firewall? Dru Lavigne gets you started with an IPFW firewall on FreeBSD. Apr. 25, 2001

Sudo Contains Root Exploit by Noel Davis
Noel Davis shows us buffer overflows in sudo, innfeed, and Cyberscheduler; symbolic link race conditions in Samba, VMware, exuberant-ctags, and nedit; and problems in Red Hat FTP iptables, mgetty, DCForum, Cyberscheduler, and sendfiled.  Apr. 24, 2001

Scanning Your Network by Dru Lavigne
Dru Lavigne shows us how to use nmap, a port scanning utility, to secure Unix servers and workstations. Apr. 18, 2001

FTP Buffer Overflows by Noel Davis
Noel Davis shows us buffer overflows in FTP daemons, Oracle Application Server, Solaris ipcs, Solaris Xsun, and SCO OpenServers; temporary-file race conditions in pine and pico; format string bugs in HylaFAX and cfingerd; a bug that causes Netscape to execute JavaScript placed in a GIF comment; and problems in Midnight Commander, mkpasswd, Alcatel ADSL-Ethernet Bridges, and Interscan VirusWall. Apr. 17, 2001

A New Worm Targets Linux by Noel Davis
Noel Davis shows us the Linux based Adore Worm; buffer overflows in xntpd and ntpd; and vulnerabilities in SharePlex, Ultimate Bulletin Board, Lucent/ORiNOCO Closed Network, Red Hat's OpenSSH, Cisco Content Services Switches, and IPFilter.  Apr. 10, 2001

Lion Worm Continues Rampage by Noel Davis
Noel Davis shows us the Lion worm; a race condition in the Linux kernel; buffer overflows in several SCO Unix utilities; a new version of MySQL that fixes a major security problem; vulnerabilities in some Cisco routers, switches, and concentrators; and problems with Raptor Firewall, CrazyWWWBoard, Solaris tip, and Pitbull LX.  Apr. 3, 2001

Beyond Firewalls by Carl Constantine
Now that you have your firewall up and running, you're all set, right? Well, not exactly. Carl Constantine explains how to plug some of the common security holes beyond the firewall. Mar. 30, 2001

Securing a PHP Installation by Darrell Brogdon
Darrell Brogdon shows us a few basic things that should be done to secure a PHP installation. Mar. 29, 2001

MySQL File Overwrite Vulnerability by Noel Davis
Noel Davis shows us a buffer overflow in ASPSeek; a denial of service attack against timed; a new version of OpenSSH with many improvements; an attack against the private keys used by GnuPG; a race condition in the UFS and EXT2FS file systems; and problems with MySQL, VIM, FCheck, Solaris perfmon, Interchange, and Compaq's management software.  Mar. 27, 2001

Apache Insecurity Reveals Directory Contents by Noel Davis
Noel Davis discusses buffer overflows and format string vulnerabilities in icecast, Half-Life Dedicated Server, Solaris SNMP, ipop2d, ipop3d, imapd, mutt, and cfengine; temporary-file problems in the SGML-Tools package and Mesa; and problems with Apache, several FTP daemons, a Solaris SNMP agent, vBulletin, FTPFS, and Ikonboard. Mar. 20, 2001

Multi-Homed Server Vulnerabilities by Noel Davis
This week: Buffer overflows in ircd, ePerl, MIT Kerberos 4 and 5, ascdc, and slrn; temporary file problems in MIT Kerberos 4 and 5, the GNU C Library, and Athena widgets; problems with proftpd under Debian, Midnight Commander, Cisco Aironet 340 Bridges, and man2html; and loopback devices and multi-homed routing. Mar. 13, 2001

Is Your Router Insecure? by Noel Davis
Noel Davis shows us a problem in Cisco IOS that can be used to predict TCP sequence numbers in routers; problems in PHP-Nuke, Chili!Soft ASP, Nortel Networks Connectivity Extranet Switches, Joe, Veritas Cluster Server, and fcron; and a buffer overflow in mailx. Mar. 6, 2001

Java JDE Allows Unauthorized Commands by Noel Davis
Noel Davis shows us a problem in Java that allows Java code to execute unauthorized commands; buffer overflows in CUPS and sudo; temporary file problems with StarOffice, MicroFocus COBOL, and CUPS; and vulnerabilities in pgp4pine, the Solaris LDAP PAM module, adcycle, and Zope. Feb. 27, 2001

MySQL Buffer Overflow; Secure PHP Coding by Noel Davis
Noel Davis shows us buffer overflows in MySQL, analog, vixie cron, and Kerberos IV; problems with kicq, licq, and kaim; root exploits in NetBSD i386 kernels; and insecure coding with PHP and MySQL.  Feb. 20, 2001

Linux Kernel Problems; SSH Design Flaw by Noel Davis
Noel Davis shows us a system-call problem and a race condition in Linux; buffer-overflow problems in SSH-1 and XMail; DoS attack vulnerabilities in BIND 9.0.1 and ProFTPD; string format problems in man; design flaws in wireless networking security code; and temporary file problems in FreeBSD's sort. Feb. 13, 2001

Securing BSD Daemons by Dru Lavigne
Dru Lavigne shows us how to secure daemon processes by turning off the ones we don't use and using TCP wrappers to limit access. Feb. 7, 2001

Buffer-Overflow Problems in BIND by Noel Davis
Buffer-overflow bugs are discovered in BIND, gnuserv, tinyProxy, and INN; developers report issues with ntop and LPRng. Feb. 6, 2001

New Security Problems and a Warning About Checking User Input by Noel Davis
Noel Davis summarizes new security issues including buffer overflows in splitvt, bing, write, and Lotus Domino's SMTP server; temporary file problems with webmin and Apache's mod_rewrite; format string problems with icecast; ip firewalling problems with FreeBSD; and SQL problems in Postaci. Jan. 30, 2001

Cracking Passwords to Enhance Security by Dru Lavigne
Dru Lavigne shows us how to crack passwords and explains how it can help enhance system security. Jan. 24, 2001

Ramen Worm Attacks Red Hat Linux Machines by Noel Davis
An Internet worm that attacks Red Hat Linux machines has cracked hundreds of machines. Noel Davis describes this and other security problems brought to light this week.  Jan. 22, 2001

Establishing Good Password Policies by Dru Lavigne
Everyone knows secure passwords are important, but what makes a password secure? Dru Lavigne gives us some tips on creating secure passwords, and shows how to implement a password policy that requires users to create passwords securely. Jan. 17, 2001

Insecure Temporary File Functions by Noel Davis
Noel Davis reports on the latest security problems and news, including the Immunix OS security audit, issues with GNU C library, ReiserFS, linuxconf and more. Jan. 15, 2001

IBM Websphere, Shockwave Flash, and emacs Advisories by Noel Davis
Problems this week include minor problems with sendmail, exposure problems with Lotus Domino, problems in the default setup of Informix Webdriver and IBM Websphere Commerce Suite, a buffer overflow in Shockwave Flash, denial of service attacks against login, privacy problems in emacs, a symlink attack in exmh, and a potential exploit against GTK+. Jan. 8, 2001

PalmOS, Half-Life Server, and Ethereal Vulnerabilities by Noel Davis
Problems this week include more symlink problems with catman and dialog; buffer overflows in oops, the Half-Life server, and Ethereal; key problems with GnuPG; problems with PalmOS devices; and a prime example of amazing vulnerabilities in third-party software packages. Jan. 2, 2001

Security Alerts: SAMBA, pine, ircd, and More by Noel Davis
Noel Davis summarizes recent open source and Unix security-related advisories. Problems this week include symlink problems with joe, pico, and samba, a buffer overflow in bftpd, and problems with pine. Dec. 19, 2000

Learning From Mistakes by Stephen Figgins
A quick security fix for the Python wiki program MoinMoin presents an opportunity to learn from the mistakes of others. Dec. 13, 2000

Security Alerts: KTH Kerberos, Red Hat PAM, and More by Noel Davis
Noel Davis summarizes open source and Unix exploits. Problems this week include local and remote root exploits in KTH Kerberos, buffer overflows in Red Hat's PAM, a discussion of security problems with web-based applications, and an example of one of these security problems in phpGroupWare. Dec. 12, 2000

Commercial Python IDEs by Stephen Figgins
Python developers looking for a commercial IDE now have a choice: PythonWorks 1.1 or WingIDE. Dec. 6, 2000

Security Alerts: Twig, Midnight Commander, and More by Noel Davis
Noel Davis summarizes published open source and Unix exploits. Problems this week include arbitrary code execution in Twig, new symlink attacks, a hidden control code attack on Midnight Commander, and a LANGUAGE attack on glibc. Dec. 6, 2000
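
The temporary file items in these columns (the "Insecure Temporary File Functions" column, the symlink attacks on exmh, catman, dialog, joe, pico and samba, and the "new symlink attacks" above) share one mechanism: a privileged program creates a file under a predictable name in a directory an attacker can write to, and the attacker plants a symlink there first, so the program overwrites whatever the link points at. The C program below is an added illustration, not code from the column or from any of those packages. It reproduces the attack in a scratch directory, shows the fopen("w") pattern that falls for it, and shows the open(2) flags that refuse it. Function names are hypothetical; the "victim" and "target" files are constructed for the demonstration.

```c
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Vulnerable pattern: a predictable name in a shared directory, opened
 * with fopen("w"). If an attacker has already planted a symlink at that
 * path, fopen follows it and the program truncates and overwrites the
 * link target with its own privileges. Returns 0 on success. */
int create_unsafe(const char *path, const char *data)
{
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs(data, f);
    fclose(f);
    return 0;
}

/* Hardened: O_CREAT|O_EXCL fails with EEXIST if anything (a symlink
 * included) already sits at path, O_NOFOLLOW is belt and braces, and
 * mode 0600 keeps the new file private. Returns 0 on success, -1 with
 * errno set on failure. */
int create_safe(const char *path, const char *data)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;
    ssize_t len = (ssize_t)strlen(data);
    int rc = (write(fd, data, len) == len) ? 0 : -1;
    close(fd);
    return rc;
}

/* Demonstration: make a scratch directory (mkdtemp picks an unpredictable
 * name, which is itself the right way to name temp files), plant a
 * symlink "victim" -> "target" as an attacker in /tmp would, then try
 * both creators on "victim". Returns 1 if the unsafe call wrote through
 * the link into target and the safe call refused with EEXIST, else 0.
 * Cleans up after itself. */
int demo_symlink_attack(void)
{
    char dir[256], victim[320], target[320];
    const char *base = getenv("TMPDIR");
    if (!base || !*base) base = "/tmp";
    snprintf(dir, sizeof dir, "%s/tmpdemo.XXXXXX", base);
    if (!mkdtemp(dir)) return 0;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(target, sizeof target, "%s/target", dir);

    int ok = 0;
    if (symlink(target, victim) == 0) {
        struct stat st;
        int unsafe_rc = create_unsafe(victim, "owned\n");        /* 6 bytes */
        int wrote_through = unsafe_rc == 0 && stat(target, &st) == 0
                            && st.st_size == 6;
        int safe_rc = create_safe(victim, "data\n");
        int refused = safe_rc == -1 && errno == EEXIST;
        ok = wrote_through && refused;
    }
    unlink(target);
    unlink(victim);
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("attack reproduced and then blocked: %d\n", demo_symlink_attack()); /* 1 */
    return 0;
}
```

When the program chooses the name itself, mkstemp(3) applies the same O_CREAT|O_EXCL discipline with an unpredictable name and hands back the descriptor; keep using that descriptor rather than reopening the file by path, since the path can be swapped between the two calls.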

Wiki Python by Stephen Figgins
MoinMoin and ZWiki, two Python-related projects, provide collaborative environments for Web communities. Nov. 29, 2000

Security Alerts: Koules Local Root Exploit and More by Noel Davis
This week's exploits include a local root compromise in Koules 1.4, a buffer overflow in modutils, and various problems with Aladdin Ghostscript. Nov. 28, 2000
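
Most of the buffer overflows reported in these columns (bftpd, oops, modutils, the PAM, BIND and SSH-1 bugs above) come down to the same thing: a token supplied by the client is copied into a fixed-size buffer with no length check. The C code below is an added example, not code from any of those projects or from the column. It shows a hypothetical command parser in the vulnerable sscanf("%s") form beside a bounded version that refuses an oversized token instead of writing past the end of the buffer; the sample protocol line is constructed.

```c
#include <stdio.h>
#include <string.h>

#define CMD_MAX 16   /* fixed-size command buffer, as in the daemons above */

/* Vulnerable pattern: "%s" with no field width lets sscanf write as many
 * bytes as the client sent into a CMD_MAX-byte buffer. Shown for contrast
 * only; never call it on untrusted input. */
int parse_command_vulnerable(const char *line, char cmd[CMD_MAX])
{
    return sscanf(line, "%s", cmd) == 1 ? 0 : -1;
}

/* Hardened: measure the first token, reject anything that would not fit
 * together with its terminator, then copy exactly that many bytes.
 * Returns 0 on success, -1 on an empty line, -2 if the token is too long.
 * cmd is always NUL-terminated on return, even on failure. */
int parse_command(const char *line, char *cmd, size_t cmdlen)
{
    if (cmdlen == 0) return -2;
    cmd[0] = '\0';
    line += strspn(line, " \t");            /* skip leading blanks */
    size_t n = strcspn(line, " \t\r\n");    /* length of the first token */
    if (n == 0) return -1;
    if (n >= cmdlen) return -2;             /* no room for the NUL */
    memcpy(cmd, line, n);
    cmd[n] = '\0';
    return 0;
}

int main(void)
{
    char cmd[CMD_MAX];
    /* constructed client lines: a normal command and an oversized one */
    printf("%d %s\n", parse_command("USER anonymous\r\n", cmd, sizeof cmd), cmd); /* 0 USER */
    printf("%d\n", parse_command("AAAAAAAAAAAAAAAAAAAAAAAAAAAA\r\n", cmd, sizeof cmd)); /* -2 */
    return 0;
}
```

The same shape applies to strcpy, strcat, sprintf and gets: compute or bound the length before the copy, and make the too-long case an explicit error path rather than silent truncation, so a protocol handler can reject the request instead of acting on a mangled one.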

Security Alerts: Vixie cron Exploit and More by Noel Davis
This week's column includes exploits reported for Vixie cron, OpenSSH, tcsh, and more. Nov. 20, 2000

Security Alerts: OpenBSD Non-exploit and More by Noel Davis
Noel Davis reviews the published exploits from Unix and open source. This week's Insecurities column includes a satirical non-exploit against OpenBSD. Nov. 13, 2000

Open RSA: The Patent Expires by David Sims
RSA Security released its rights to license the patent on the RSA encryption algorithm, just weeks before it was due to expire. What is RSA, and what does its patent expiration mean? Sep. 8, 2000

An Overview of OpenBSD Security by David Jorm
David Jorm explains the default security features implemented by OpenBSD and why they are important to Internet-enabled computers. Aug. 8, 2000

Is Carnivore Eating You?
The FBI wants to install black boxes at ISPs to monitor the email traffic of suspects. What are civil libertarians doing to try to stop it? (With audio.) Jul. 18, 2000

Securing Your Home Network With the Edge Firewall by Carl Constantine
Should you consider setting up a home firewall, and if so, what are the pros and cons? Carl Constantine describes his adventures into home network security. Jun. 9, 2000

CYA for System Administrators by David HM Spector
Some things to keep in mind when testing your network's security, given today's litigious society. Apr. 19, 2000

The Week in Linux News by Baiju Thakkar
More security, starters for newbies, app development, and interviews with Torvalds, Alan Cox, and Linsight's David Whitinger. Apr. 12, 2000

The Week in Linux News by Baiju Thakkar
New tutorials and reports on security, PHP, Apache and Perl. Mar. 22, 2000

Securing Your Apache Server by Ben Laurie
This excerpt is from Chapter 13 of O'Reilly's book Apache: The Definitive Guide, 2nd Edition. Enable Apache to communicate securely over Secure Sockets Layer (SSL). Covers building, configuring, and securing an SSL-enabled Apache server under Unix. Mar. 20, 2000

The Week in Linux News by Baiju Thakkar
Network and security resources, new releases, and developer resources. Mar. 15, 2000

Preventing Distributed Denial of Service Attacks by Terry Dawson
Six ways to avoid becoming an unwilling collaborator. Mar. 9, 2000

Linux Tools For Network Analysis by David HM Spector
Spector finds two tools for watching traffic: Ethereal and Netwatch. Mar. 3, 2000

The Week in Linux News by Baiju Thakkar
Red Hat's big deals, links to security articles, and new releases. Feb. 28, 2000
