Security Linux News for May 31, 2000
LinuxPR: OpenDocs Publishing: Announces Third book, Securing and Optimizing Linux: RedHat Edition (May 31, 2000, 21:40)
"The book is on Securing and Optimizing the RedHat distribution
of the Linux Operating System and takes a on-hands approach to
installation, compiling the kernel and advanced Network Security
and Back-up procedures."
LinuxPR: Linuxsure for Integrated Network Solutions in the UK
(May 31, 2000, 21:07)
"Linuxsure provide Linux based network evaluation, integration,
migration, security and support services in the United
IW: OmniLinux Releases "Linux 1-2-3 Fundamentals" Training CD (May 31, 2000, 19:57)
"...the first computer-based training (CBT) in a series of Open
Source educational products planned for the Linux market."
Red Hat Security Advisory: New majordomo packages available (May 31, 2000, 19:22)
"A vulnerability in /usr/lib/majordomo/resend and
/usr/lib/majordomo/wrapper will allow execution of arbitrary
commands with elevated privileges."
DevShed: The Shell Game [Using SSH To Secure Your Connections] (May 31, 2000, 16:45)
"Like telnet, SSH is a program designed to let you log in to
other computers on a network. However, unlike telnet, all the data
flowing back and forth in an SSH session is encrypted, and thus
secured from hackers attempting to eavesdrop on the
RootPrompt.org: Cracked! Part 4: The Sniffer (May 31, 2000, 15:09)
"We had thousands of logins each day from a large selection of
places all over the world. Many of these users then connected to
other systems using telnet or FTP. Each time one of our users
connected to a system somewhere else the cracker had a new door
that he could open. A new system that he could crack or just use to
sendmail.net: Update: Blocking "Killer Resume" (May 31, 2000, 13:19)
"It's worth noting that in the long run, header checks are an
inadequate solution to this problem for a couple of reasons."
Red Hat Security Advisory: New majordomo packages available (Jan 21, 2000, 19:07)
"A vulnerability in /usr/lib/majordomo/resend will allow
execution of arbitrary commands with elevated privileges."