dcsimg
Linux Today: Linux News On Internet Time.








More on LinuxToday

Security Linux News for Jun 12, 2000

  • Conectiva Linux Security Announcement: Package: openssh (2000-06-12 22:35:28)
    "But if the user specifies a command to be executed during the ssh session, the login program won't be used and the program will be run with full root privileges."

  • LinuxMall.com: MimeStar Shoots Down Intruders (2000-06-12 20:18:49)
    "Version 3.0.7 of MimeStar's SecureNet PRO Network Intrusion Detection and Monitoring suite has been unveiled, revealing an enterprise-scalable security platform with custom protocol decoding, real-time monitoring and unique intrusion response features."

  • eWeek: Exchange 2000: Proof of DOJ's point? (2000-06-12 18:16:14)
    "Exchange 2000 is a conglomeration of Microsoft Corp. technologies, which makes it impossible to implement as a stand-alone application. This also makes it an example of one of the practices that has landed Microsoft in the legal hotseat."

  • RootPrompt.org: Cracked! Part 5: Rebuilding (2000-06-12 14:45:55)
    "By this point we have realized that we must get the cracker off of our machines before it is to late. It is only a matter of time before he trashes our system to clean up his tracks, gets a sniffer running under a different architecture or uses us to launch some denial of service attack."

  • LinuxSecurity.com: Linux Security Week, June 12th 2000 (2000-06-12 11:17:35)
    This week was quite an active week, not the least of which was a very serious Linux kernel security bug was recently discovered that allows local users to gain root access. The problem exists in the Linux kernel capability model that affects all 2.2.x kernels."

  • Linux.com: An Overview of TCP and IP Spoofing (2000-06-12 11:03:13)
    "A spoofing attack involves forging one's source IP address. It is the act of using one machine to impersonate another. Most of the applications and tools in Unix systems, including Linux, rely on source IP address authentication, and many developers have used host-based access controls to secure their networks. The source IP address is a unique identifier, but it is not a reliable one."

  • LinuxSecurity.com: Interview with Marcus Ranum CEO of NFR on Intrusion Detection, Linux, & Security (2000-06-12 09:00:07)
    Can we start with having you explain what an intrusion detection system actually is, and a mention of the various types? What is the difference between misuse detection and anomaly detection? Host-based and network-based?"

  • Security Portal: Weekly Linux Security Digest - 2000/06/05 to 2000/06/11 (2000-06-12 03:00:45)
    "This was a really bad week for Linux. A serious bug was found in the kernel that allows attackers to gain root through a variety of programs (such as Sendmail). Several application holes were found and, as always, we have a lot of exploit code."