J_K9 @ Linux

‘Hot’ Email Vulnerability

Just received the SecurityFocus Linux Newsletter #269. Check out the latest email vulunerability:

3. Mozilla Thunderbird File Attachment Spoofing Vulnerability
BugTraq ID: 16271
Remote: Yes
Date Published: 2006-01-17
Relevant URL: http://www.securityfocus.com/bid/16271
Summary:
Mozilla Thunderbird is prone to a file attachment spoofing vulnerability.

Successful exploitation may allow attackers to place malicious files on a user’s computer by tricking users into saving seemingly safe attachments. If the user subsequently opens the file, this vulnerability may facilitate arbitrary code execution in the context of the user.

Thunderbird versions prior to 1.5 are affected.

Continue reading ‘Hot’ Email Vulnerability…

AppArmor Turns Open Source

AppArmor is an application security tool which was designed as an extra layer to try to prevent application flaws leading to vulnerabilities in your system. It assesses a program and then assigns it a maximum amount of memory and certain priviledges, so that Denial of Service attacks will be limited and to contain any malware which would otherwise have affected your whole system. This brilliant innovation has just been released as Open Source, and so it is being included with the latest versions of OpenSUSE.

Here is a brief overview from the AppArmor page at OpenSUSE:

Included with SUSE Linux, AppArmor is an application security tool designed to provide a highly secure yet easy to use security framework for your applications. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing even unknown application flaws from being exploited. AppArmor security policies, called “profiles”, completely define what system resources individual applications can access, and with what privileges. A number of default profiles are included with AppArmor, and using a combination of advanced static analysis and learning-based tools, AppArmor profiles for even very complex applications can be deployed successfully in a matter of hours.

I am unsure whether it works on other distributions, but there are development .tar.gz packages which I assume can be compiled on any Linux distro - although I would bet my wallet that pre-built packages for other distros will soon be released.

A must-have security application, along with Bastille Linux!

Read the detailed description to discover how it works.

HOW TO: Secure Your Box With Bastille

Bastille is a hardening tool which is very effective at locking down your system, and all it requires is a few minutes of your time! It is currently available for the major Linux distributions: SUSE, Mandrake (the available RPM should work with Mandriva), Fedora Core, Red Hat, Debian, and Gentoo, and it is also available for HP-UX and Mac OS X, as well as the source code which can be compiled on most *nix systems. In this tutorial I shall take you through the steps of installing it and setting it up properly in order to secure your system better than before. Please note that this tutorial is designed for users new to Linux, and so may be slightly cumbersome for the more advanced users out there.

Continue reading HOW TO: Secure Your Box With Bastille…