Security Portal: Weekly Linux Security Digest 2000/10/30 to 2000/11/05 | Linux Today

Security Portal: Weekly Linux Security Digest 2000/10/30 to 2000/11/05

Written By
Web Webster
Web Webster
Nov 6, 2000

Some ugly problems were found this week in SWAT. Remote
attackers can execute a denial of service, or try to brute-force
usernames and passwords.
However, if you log these attempts,
local users on the server can potentially gain root access, or
simply look at the log file for the usernames and passwords of
users that log in successfully to manage Samba via SWAT. This is
why firewalling management services (especially Web-based ones) are
so critical. You should also use a program like stunnel to SSL-wrap
the connection so that usernames and passwords cannot be
sniffed.”

“Napster for Linux is apparently full of problems. Other Napster
programs for Linux are poor, as Knapster has also been found to
have problems. Use them at your own risk. Finally we have
Ultraseek, a popular search engine (we use it here at
SecurityPortal) – the good news is that it is only a denial of
service attack. Tripwire 2.3 is officially out for Linux now, under
the GPL license. (If you want to do a lot of machines, though,
you’d best buy their commercial management software – or go insane
trying to manage it manually.)”

“We lead off with general advisories and exploit code, then move
to vendor advisories. Most items appear in alphabetical order. If
we’re missing a Linux vendor’s advisory, please tell us – ditto for
any Linux-related security alerts. The long strings of hex in front
of package names are MD5 signatures.”

Complete
Story

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.