Recently in Unix/Linux Category


Banking Using Live CD



Brian Krebs from Security Fix at the Washington Post cautions business users to use Live CD operating systems to perform online banking. Live CD distributions are generally free, Linux-based operating systems that one can download and burn to a CD-ROM.

This allows the user to boot the operating system off of the CD. Everything runs in memory, and when you're done with your transactions nothing that was performed remains on any disk. The advice is to use the Live CD only for online banking transactions and not to visit other sites.

Brian Krebs also points out that this is not only his recommendation but also the recommendation of the Financial Services Information Sharing and Analysis Center (FS-ISAC).

I just want to point out that you need to be sure where you are acquiring these distributions. Simply obtaining one from a download or from an expert does not verify the validity of the distribution; make sure that you can verify the distribution before running it.
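One way to carry out the verification mentioned above, shown as an added example that is not part of the original post. The helper name `verify_iso` and the file names `live.iso` and `SHA256SUMS` are constructed for illustration; it assumes GNU `sha256sum` and, for the optional signature step, `gpg` with the distribution's signing key already imported and its fingerprint confirmed.

```sh
#!/bin/sh
# verify_iso ISO SUMS [SIG]  (hypothetical helper, written for this example)
# Returns 0 = hash matches, 1 = hash mismatch,
#         2 = input missing or ISO not listed, 3 = signature check failed.
verify_iso() {
    iso=$1; sums=$2; sig=${3:-}
    [ -r "$iso" ] && [ -r "$sums" ] || { echo "missing input file" >&2; return 2; }

    # Step 1: authenticate the checksum list itself. A hash file fetched from
    # the same mirror as the image proves nothing unless it is signed by a key
    # whose fingerprint you confirmed through a separate channel.
    if [ -n "$sig" ]; then
        gpg --verify "$sig" "$sums" >/dev/null 2>&1 ||
            { echo "signature on $sums did not verify" >&2; return 3; }
    else
        echo "warning: $sums was not signature-checked" >&2
    fi

    # Step 2: find the published hash for this file name.
    # Lines look like "<hex>  name" or "<hex> *name" (binary-mode marker).
    name=$(basename "$iso")
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f); if (f == n) { print tolower($1); exit } }' "$sums")
    [ -n "$expected" ] || { echo "$name is not listed in $sums" >&2; return 2; }

    # Step 3: hash the downloaded image and compare.
    actual=$(sha256sum "$iso" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || { echo "MISMATCH for $name" >&2; return 1; }
    echo "OK: $name matches the published SHA-256"
}

# Constructed demo: a stand-in "image" and checksum list in a temp directory.
demo=$(mktemp -d)
printf 'constructed stand-in for a live CD image\n' > "$demo/live.iso"
printf '%s *live.iso\n' "$(sha256sum "$demo/live.iso" | awk '{ print $1 }')" > "$demo/SHA256SUMS"
verify_iso "$demo/live.iso" "$demo/SHA256SUMS"                 # matches
printf 'extra bytes\n' >> "$demo/live.iso"                     # simulate a modified image
verify_iso "$demo/live.iso" "$demo/SHA256SUMS" || echo "rejected (status $?)"
rm -rf "$demo"
```

Pass the detached signature file as the third argument so the checksum list is authenticated before its hashes are trusted.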

A response noted by "neversaylie":
"Some Windows malware perform DNS spoofing/ARP poisoning/DHCP spoofing, so even a LiveCD won't help you if you're on a network with some infected Windows machines."

So if you are using a Live CD but your DNS or DHCP servers are spoofing IPs, you're still resolving fake addresses for your online banking institution and are not free of man-in-the-middle attacks.

Avoid Windows Bank on Live CD


Botnet on Routers


In what appears to be an interesting security first, a DNS blacklist organization has discovered a botnet that resides on about 100,000 Linux-based routers and DSL modems.

The ultimate problem, it seems, comes down to unpatched router firmware and default passwords. Botnets and most malware take advantage of users who fail to keep things up to date. The twist here, however, is that this code isn't targeting users who forgot to turn on Windows Update, but rather users who are not keeping their router firmware updated and those who don't change the default passwords on these devices.

I guess we shouldn't be surprised. Most users don't take basic security measures on their PCs. Why should we expect them to give a second thought to their routers? Still, the potential for malicious botnet activity from unsecured routers is probably quite substantial. Expect to see a lot more of it in the future.


Over the weekend Paul Szabo wrote an entry on Full Disclosure, http://archives.neohapsis.com/archives/fulldisclosure/2008-11/, about a group-utmp-to-root escalation vulnerability in /bin/login, with a link to the bug he reported to the Debian bug tracker, #505271, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505271. The bug report goes on to demonstrate that writing a suitable utmp entry would trick the login(1) process into changing the ownership of any file on the system. In the bug report he asked that this issue be sent to other Linux distributions so the fix could be added to their distributions.
Paul Szabo had been attempting to get this issue addressed since the beginning of the month before publishing it.


This weekend I received this link from a friend of mine who really is kind of a scripting guru. I thought that it was interesting enough to pass it forward.

http://www.cyberciti.biz/tips/linux-unix-commands-cheat-sheets.html
http://www.scottklarr.com/topic/115/linux-unix-cheat-sheets---the-ultimate-collection/

© 2009 netForensics, Inc