Cramsession Linux Newsletter

home

Apr 5 2001

                    LINUX NEWS
        RESOURCES & LINKS FROM BRAINBUZZ.COM
              Thursday, April 5, 2001

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

Ximian Survey
Lion Virus is Out There...
Transgaming CEO on WineX
NSA Linux

3) Linux Resources

Securing DNS with Transaction Signatures
Free IBM Developer's Kit
Put Away the WINE
More Linux Clustering
Why I chose Windows NT over Linux: Not This Time!

4) App o’ the week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~ DOUBLEDAY

Become a Visual Basic Programming Wizard for $9.99! Get this three book/three CD-ROM set and you’ll receive instant access to authoritative VB 6 solutions - only $9.99 when you join Computer Books Direct.

http://161.58.99.48/cgi-local/redirect.pl?VZDXMOLMT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter please contact mailto:adsales@BrainBuzz.com or visit http://cramsession.brainbuzz.com/marketing/default.asp

1) Sean’s Notes

I’ve mentioned the honeynet project before, but for those

that missed it, it’s a collection of well-monitored machines scattered throughout the Internet just waiting for a cracker to break in. Every move is logged, and a team of experts pour over the traces in order to figure out the latest in cracking techniques.

http://project.honeynet.org/scans/

What’s significant about the above URL is that each month a trace is posted, with an open challenge to perform an analysis. At the end of each month, the experts rank the solutions and provide their take on it. Take a peek through some of the old solutions. See the ease with which the system was compromised. There are attacks on both Unix and Microsoft machines. Even with the vast resources available to the software developers, critical bugs still creep in that can open your system to the world.

For those of you with some time on your hands, try giving the challenge a shot. This month, it involves an attack on an NT IIS server. I was amazed at how quickly the system was taken over.

What I found more interesting, was trying to determine what the adversary was thinking. Since I had the trace, I could see every typing error, the delay from when he made a mistake and realized it, and the files that he found interesting. Even though I did a pretty bad job of figuring out how he broke in, I think I did OK trying to figure out the person behind the keyboard.

While on the security soapbox, I should mention that a third Linux worm, Adore, has been spotted.

http://news.cnet.com/news/0-1003-200-5506966.html http://www.sans.org/y2k/adore.htm

This one uses the three vulnerabilities used in Ramen (rpc.statd, wu.ftpd, and lpd), and the one used in 1i0n (named). As Linux gains in popularity, specifically the popularity associated with large scale attacks on Linux boxen, these worms are going to keep on coming and coming.

One problem, I think, is that people become complacent and assume that their system is secure. Linux can be just as insecure as NT or anything else, don’t forget that. The benefit of Linux (and Unix), is the open nature of the software. Fixes come out faster. The more eyes on the code, the more likely that the bug will be found by the good guys first. Due to the low level at which you work in Unix, it is easier to confirm that no services are hanging around, and anomalies show up more easily.

Your best defense is to keep informed, both through web sites and your own logfiles.

Long live the Penguin,

Sean mailto:swalberg@brainbuzz.com

Visit The Linux Newsletter Board http://boards.brainbuzz.com/boards/vbt.asp?b2

2) Linux News

Ximian Survey

Ximian, formerly Helix Code, has an online survey for you. Take five minutes to let them know how you use Linux, and you could win a DVD player.

http://infopoll.net/Live/surveys/s11518.htm

Lion Virus is Out There…

Hot on the tails of the Ramen worm is the Lion… This one goes after known BIND vulnerabilities, and then installs a rootkit (trojaned binaries, sniffers, etc). This makes it harder to detect on your system, and far more dangerous.

http://www.zdnet.co.uk/news/2001/12/ns-21832.html

Transgaming CEO on WineX

Transgaming is a company that is working on getting Windows games to work on Linux. They’re doing this by supporting the WINE project, specifically on DirectX development. The CEO of the company talks about what the status and direction is, and also tosses in some wicked screen shots.

http://www.gamespy.com/interviews/march01/gavrielstate/

NSA Linux

A couple of weeks ago I brought you a couple of links on the technical aspects of the NSA Linux project. Here is a higher level overview of what’s happening, and what the potential benefits are. Believe it or not, this super secret spy agency is planning on releasing the code, too!

http://www.newsforge.com/article.pl?sid/03/23/1534247&mode=nocomme nt

3) Linux Resources

Securing DNS with Transaction Signatures

BIND has the ability to use Transaction Signatures (TSIGs) in order to sign DNS requests. For example, you could set up your secondary servers so that zone transfers are authenticated, thus preventing some DNS poisoning attacks. Read on to find out how this feature works.

http://www.networkingnews.org/headline_news/root_news/01_week_4/wee k4_NDS.ht ml

Free IBM Developer’s Kit

Order up this CD, and get free applications like Domino, DB2, and WebSphere from IBM. I just got my CD in last week so I haven’t had a chance to look at the apps, but the documentation that IBM has put on this CD is amazing. The license is only for development, so if you want to roll it out it’ll cost you, but it’s a good way to get your feet wet.

http://www-4.ibm.com/software/is/mp/linux/adk/

Put Away the WINE

Most people think VMWare and WINE when it comes to running Windows apps under Linux, but this article brings forth some other contenders. One is an application server, designed for the corporate environment, the other a cross between WINE and VMWare, made for the desktop.

http://www.linuxplanet.com/linuxplanet/reports/3071/1/

More Linux Clustering

The Linux Virtual Server project is designed to allow you to build large clusters of Linux boxen that act as one, such as a web server farm. Ericsson Research studied the scaling capabilities of the LVS, and gave this report, along with instructions on the implementation of their test farm.

http://www2.linuxjournal.com/lj-issues/issue84/4588.html

Why I chose Windows NT over Linux: Not This Time!

While this article is another “How I converted to Linux” story, it does have a lot of good technical information that most other stories of its kind don’t bother to include. It’s got a procedure to build a Samba PDC, hints on building an email server, and some other odds and ends.

http://www.linuxnewbie.org/articles/linuxovrnt1.html

4) App o’ the week

This week’s app claims that it is “Sniffing the glue that holds the Internet together”. This may seem odd until I mention that it is Ethereal, a network protocol analyzer. It has a lot of the features you’d expect in a packet sniffer, and it’s free.

http://www.ethereal.com/

(C) 2001 BrainBuzz.com. All Rights Reserved.

     This message is from BrainBuzz.com.

You are currently subscribed to the Hottest Linux News and Resources as: sean@ertw.com

To un-subscribe from this newsletter by e-mail: send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com

To Subscribe to this newsletter by e-mail: send a blank email message to:

mailto:join-linuxnews@list.brainbuzz.com

github.com/swalberg
twitter.com/seanwalberg