Security Linux News for Jun 12, 2000
Conectiva Linux Security Announcement: Package: openssh (2000-06-12 22:35:28)
"But if the user specifies a command to be executed during the
ssh session, the login program won't be used and the program will
be run with full root privileges."
LinuxMall.com: MimeStar Shoots Down Intruders (2000-06-12 20:18:49)
"Version 3.0.7 of MimeStar's SecureNet PRO Network Intrusion
Detection and Monitoring suite has been unveiled, revealing an
enterprise-scalable security platform with custom protocol
decoding, real-time monitoring and unique intrusion response
eWeek: Exchange 2000: Proof of DOJ's point? (2000-06-12 18:16:14)
"Exchange 2000 is a conglomeration of Microsoft Corp.
technologies, which makes it impossible to implement as a
stand-alone application. This also makes it an example of one of
the practices that has landed Microsoft in the legal hotseat."
RootPrompt.org: Cracked! Part 5: Rebuilding (2000-06-12 14:45:55)
"By this point we have realized that we must get the cracker off
of our machines before it is to late. It is only a matter of time
before he trashes our system to clean up his tracks, gets a sniffer
running under a different architecture or uses us to launch some
denial of service attack."
LinuxSecurity.com: Linux Security Week, June 12th 2000 (2000-06-12 11:17:35)
This week was quite an active week, not the least of which was a
very serious Linux kernel security bug was recently discovered that
allows local users to gain root access. The problem exists in the
Linux kernel capability model that affects all 2.2.x kernels."
Linux.com: An Overview of TCP and IP Spoofing (2000-06-12 11:03:13)
"A spoofing attack involves forging one's source IP address. It
is the act of using one machine to impersonate another. Most of the
applications and tools in Unix systems, including Linux, rely on
source IP address authentication, and many developers have used
host-based access controls to secure their networks. The source IP
address is a unique identifier, but it is not a reliable one."
LinuxSecurity.com: Interview with Marcus Ranum CEO of NFR on Intrusion Detection, Linux, & Security (2000-06-12 09:00:07)
Can we start with having you explain what an intrusion detection
system actually is, and a mention of the various types? What is the
difference between misuse detection and anomaly detection?
Host-based and network-based?"
Security Portal: Weekly Linux Security Digest - 2000/06/05 to 2000/06/11 (2000-06-12 03:00:45)
"This was a really bad week for Linux. A serious bug was found
in the kernel that allows attackers to gain root through a variety
of programs (such as Sendmail). Several application holes were
found and, as always, we have a lot of exploit code."