From Fedora Project Wiki

< FWN‎ | Beats

Line 6: Line 6:
 
Contributing Writer: [[JoshBressers]]
 
Contributing Writer: [[JoshBressers]]
  
=== Verizon Data-Breach Study ===
+
=== DNS flaw ===
Verizon Business released a very interesting report on [http://www.verizonbusiness.com/about/news/displaynews.xml?newsid=25135&mode=vzlong&lang=en&width=530 data breaches in the enterprise].
+
A serious flaw in the way most DNS requests are made was [http://www.kb.cert.org/vuls/id/800113 announced] last week. It is expected that the details of this issue will be known later this month when Dan Kaminsky presents at Black Hat. In the meantime, if you run a DNS server, be sure to get an update from your vendor.
Their findings are quite interesting, but two things especially stand out:
 
  
* Insider threat has decreased substantially.
+
On a side note about this issue, newer Linux kernels have a feature where the source port of UDP requests is randomized.  That means that as long as the requesting application has random transaction IDs, it doesn't need additional logic to ensure random UDP source ports.
* 90 percent of known vulnerabilities exploited had patches available for at least six months prior to the breach.
 
  
It seems that the single most important thing an administrator can do is to keep their system updated.
+
=== Package Manager Flaw? ===
 +
A report came out last week titled: [http://www.cs.arizona.edu/people/justin/packagemanagersecurity/attacks-on-package-managers.html Attacks on Package Managers].  The actual details of this are quite a bit less interesting that the reporter makes it sound.  It's basically the same problem as using an out dated mirror.

Revision as of 01:20, 13 July 2008

Security Week

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

DNS flaw

A serious flaw in the way most DNS requests are made was announced last week. It is expected that the details of this issue will be known later this month when Dan Kaminsky presents at Black Hat. In the meantime, if you run a DNS server, be sure to get an update from your vendor.

On a side note about this issue, newer Linux kernels have a feature where the source port of UDP requests is randomized. That means that as long as the requesting application has random transaction IDs, it doesn't need additional logic to ensure random UDP source ports.

Package Manager Flaw?

A report came out last week titled: Attacks on Package Managers. The actual details of this are quite a bit less interesting that the reporter makes it sound. It's basically the same problem as using an out dated mirror.