LinuxSecurity.com: Linux Security Week - October 9th, 2000Oct 09, 2000, 06:34 (0 Talkback[s])
(Other stories by Benjamin D. Thomas)
"This week, a few interesting papers were released: "Cryptography, PGP and Pine," "Square one: Paring down your network services," and the humorous, "Top Ten Reasons Why You Shouldn't Log in as Root." Each of these articles provide useful information that can help you secure your system."
"Effective today, CERT will now follow a new policy of disclosing vulnerability information to the public 45 days after an initial report, regardless of the availability of patches or workarounds. The purpose of releasing vulnerability information is to better inform the public while still giving vendors adequate time fix problems."
"Our feature this week, Dave Wreski conducted an interesting interview with Paul Vixie and David Conrad, developers of BIND. They discuss the Internet Software Consortium, the changes in the latest major version of bind, the security features designed into it, and the future of Internet security."