NETWORK WORLD NEWSLETTER: PHIL HOCHMUTH
on LINUX
11/20/01 - Today's focus: Putting a lid on the penguin

Dear Wincenty Kaminski,

In this issue:

* Protecting Linux
* Links related to Linux
* Featured reader resource

_______________________________________________________________
This newsletter sponsored by VeriSign - The Value of Trust

Do you need to encrypt all your online transactions? Secure
corporate intranets? Authenticate your Web site? Whatever
security your site needs, you'll find the perfect solution in
this FREE Guide from VeriSign, "Securing Your Web site for
Business." Get your copy today to learn the facts! Click here!
http://nww1.com/go/3500727a.html
_______________________________________________________________
TAKE IT OFF-LINE

The high-tech industry has always run at breakneck pace. Even a
wheezing economy will hardly slow it. In the past year,
business theory surrounding technology has been reinvented and
redefined multiple times. Check out the latest "must-read"
books for technology-related business theories.
http://nww1.com/go/ad204.html

_______________________________________________________________
Today's focus: Putting a lid on the penguin

By Phil Hochmuth

Since you can't have enough security these days, Linux users
may want to check out LIDS, an open source tool for locking
down their Linux-based file and Web servers.

The LIDS (Linux Intrusion Detection System) Project is an open
source development effort that has spawned some code that could
be useful in protecting Linux file systems from hackers and
keeping critical Linux applications from being compromised.

According to its creators, LIDS can be used to protect a Linux
server from attacks such as "buffer overflow" and "string
format" attacks, which are used to disrupt a Linux system's
software with a barrage of requests and gain access to the
server's system files or applications.

LIDS is a patch for Linux kernel v. 2.4.14 or earlier, and adds
security features such as access control lists, which bolster
existing Linux control mechanisms for authenticating users to a
system. It is also designed to protect files and processes from
being changed or deleted, even by users with "root" or
administrative level access to a Linux system.

LIDS adds a port scanner detector to a Linux kernel, which can
be configured to detect intruders by identifying patterns of
activity on certain server ports, such as port 80 (HTTP), and
notifying an administrator of such events. The system also can
keep a log file of rule violations and other unauthorized
access attempts on server resources. An administration tool
included in the LIDS software is used to set system rules and
to designate what files and processes to protect.

_______________________________________________________________
To contact Phil Hochmuth:

Phil Hochmuth is a staff writer for Network World, and
a former systems integrator. You can reach him at
mailto:phochmut@nww.com.
_______________________________________________________________
NW Fusion's BuyIT has the IT resources you need!  Our directory
hosts thousands of qualified service providers.  Post an RFP
anonymously and FREE, receive competitive bids, begin
negotiations, and get your project done right!
http://nwfusion.newmediary.com/nww110901nwltr1
_______________________________________________________________
RELATED EDITORIAL LINKS

Check out LIDS for yourself
http://www.lids.org/

Ramen Linux worm seen in wild
IDG News Service, 01/25/01
http://www.nwfusion.com/news/2001/0125ramen.html

Breaking Linux news from Network World and around the 'Net,
updated daily: http://www.nwfusion.com/topics/linux.html

Archive of the Linux newsletter:
http://www.nwfusion.com/newsletters/linux/index.html
______________________________________________________________
FEATURED READER RESOURCE

Network World Fusion's The Edge site

Network World Fusion's The Edge is a resource devoted to the
advances in service-provider networks that are shaking up the
old telecom order. In classic Network World fashion, we focus
on the hardware, software and services coming to market - but
this time from the vendors targeting legacy carriers, new
alternative local carriers, ISPs and application service
providers. http://www.nwfusion.com/edge/index.html
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.nwwsubscribe.com/nl
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
http://www.nwwsubscribe.com/news/scripts/notprinteditnews.asp

To unsubscribe from promotional e-mail go to:
http://www.nwwsubscribe.com/ep

To change your e-mail address, go to:
http://www.nwwsubscribe.com/news/scripts/changeemail.asp

Subscription questions? Contact Customer Service by replying to
this message.

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: mailto:jcaruso@nww.com

For advertising information, write Jamie Kalbach, Fusion Sales
Manager, at: mailto:jkalbach@nww.com

Copyright Network World, Inc., 2001

------------------------
This message was sent to:  vkamins@enron.com