I don't think that this is minor at all. There are all sorts of ways to
automate a majority of security updates. I use apt-get with
security.debian.org in a cron job on a nightly basis to make sure that
my system is up to date on a large number of packages. Of course, this
doesn't cover everything
On Fri, Mar 23, 2001 at 08:31:49PM -0500, Derek D. Martin <[EMAIL PROTECTED]> wrote:
> There are lots of reasons for people to not have these things fixed.
> The largest one is ignorance. You can't fix something you don't even
> know is broken.
Minor nit pick, but in some cases you can. I h
I must say that this was extremely well thought out, and excellently
stated. I, for one, do not think that Derek is a doomsdayer. Everything
is a risk, especially in the computer world. That is why every choice
needs to be carefully weighed in terms of risk analysis. However, it's
my belief that i
On Fri, Mar 23, 2001 at 08:31:49PM -0500, Derek D. Martin wrote:
> On Fri, Mar 23, 2001 at 06:31:12PM -0500, Kenneth E. Lussier wrote:
> > Schneier said it best when he said " Anyone who believes that
> > reactionary security measures are sufficient is either ignorant, blind,
> > or management".
so-5_2-ga-bin-linux-en.bin is a self extracting archive. You need to set
the execute bit on. Then execute the file.
On Fri, 23 Mar 2001, Tom Laurie wrote:
>
> I downloaded staroffice 5.2 as file so-5_2-ga-bin-linux-en.bin. The
> documentation said to a chmod 777 *.bin on it which I did. It the
On Fri, Mar 23, 2001 at 06:31:12PM -0500, Kenneth E. Lussier wrote:
> OK, I could accept that. Except that it's two months old. I can see
It doesn't matter if a vulnerability is two months old or 6 years old.
Many system administrators either simply don't know anything about
system security (a sa
OK, I could accept that. Except that it's two months old. I can see
being a week, maybe two weeks (at the most) behind in security updates,
but not two months. Besides, keeping up on security issues and taking
appropriate action is part of the job. If a sysadmin isn't doing that,
then they aren't
The hardware is all here ! WooHoo ! I've got hardcopy of the Networking
HOW-TO and the NFS HOW-TO. By Monday I'll either post an account of how it
went or how it didn't. Many thanks to all who wrote with advice.
--
---
Tom Rauschenbach[EMAIL PROTECTED]
All your base are belong to
i would try the command "sh so-5_2-ga-bin-linux.bin"
that's what works for me with the binary setup
programs.
--- mike ledoux <[EMAIL PROTECTED]> wrote:
> On Fri, 23 Mar 2001, Tom Laurie wrote:
>
> >I downloaded staroffice 5.2 as file
> so-5_2-ga-bin-linux-en.bin. The
> >documentation said to
In a message dated: Fri, 23 Mar 2001 15:44:56 EST
"Kenneth E. Lussier" said:
>This worm just shouldn't be able to damage a site. If it does, then that
>is an easy way to spot the sysadmins that aren't doing their jobs.
Or, an easy way to spot and overworked, underpaid admin who doesn't
have ti
The one thing that bothers me about this is that the vulnerability that
they are exploiting was patched almost two months ago. The day that the
vulnerability was announced, there was an easy fix: upgrade BIND to
8.2.3-REL. I did 5 servers in under an hour, and with no interruption to my
user
I downloaded staroffice 5.2 as file so-5_2-ga-bin-linux-en.bin. The
documentation said to a chmod 777 *.bin on it which I did. It then said to
run the setup.
I'm not sure how to do this? Any Help?
Tom Laurie
**
To unsubscribe from this
I looked it up on Newsforge. It's http://firetrench.com
Kenny
At 01:29 PM 3/23/01 -0500, [EMAIL PROTECTED] wrote:
>They determined releasing the URL would be a possible security violation.
>
>-Larry
>
> -Original Message-
> From: Paul Lussier [SMTP:[EMAIL PROTECTED]]
>
Paul Lussier wrote:
>
> In a message dated: Fri, 23 Mar 2001 10:49:20 EST
> Cole Tuininga said:
>
> >Dunno how many of you read Newsforge, but a new security site was
> >mentioned today. It seems to be slashcode based, and is targetted to
> >everybody, including "White Hat, Grey Hat, Black Hat
They determined releasing the URL would be a possible security violation.
-Larry
-Original Message-
From: Paul Lussier [SMTP:[EMAIL PROTECTED]]
Sent: Friday, March 23, 2001 1:25 PM
To: Cole Tuininga
Cc: [EMAIL PROTECTED]
Subject
In a message dated: Fri, 23 Mar 2001 10:49:20 EST
Cole Tuininga said:
>Dunno how many of you read Newsforge, but a new security site was
>mentioned today. It seems to be slashcode based, and is targetted to
>everybody, including "White Hat, Grey Hat, Black Hat -Security, Risk
>Avoidance & Manage
Several experts from the security community worked through the night to
decompose the worm's code and engineer a utility to help you discover
if the Lion worm has affected your organization.
Wow -- *I've* always wanted to decompose a worm's code; Mother Nature
strikes again! Seriously, though, t
FYI
Dave Hardy
Systems Manager/DBA
Vermont Health Care Administration
89 Main Street
Drawer 20
Montpelier, VT 05620-3101
802-828-2914
FAX: 802-828-2949
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
ALERT! A DANGEROUS NEW WORM IS SPREADING ON THE INTERNET
March 23, 2001 7:
Ken Ambrose said:
> On Fri, 23 Mar 2001, Bob Bell wrote:
>
> > On Fri, Mar 23, 2001 at 08:26:38AM -0500, Taylor, Chris <[EMAIL PROTECTED]> wrote:
> > > Just for those of you who have not seen the bulletin, there is yet another
> > > reason to look towards Linux.
> >
> > My understanding is t
Folks:
we have liquidated much of our equipment, however the best is yet to come,
we must rid ourselves of the following by next Thursday ( march 29,2001) at
noon time. All deals are cash and carry, NO personal checks accepted. You
can see the equipment in operation at our York office,
Cole Tuininga wrote:
>
> Bob Bell wrote:
> >
> > My understanding is that this has nothing to do with Microsoft
> > Windows. This will likely only affect you if you go to a website, and
> > your web browser ask you if you want to accept a certificate. Since it
> > says "signed by Microsoft
Dunno how many of you read Newsforge, but a new security site was
mentioned today. It seems to be slashcode based, and is targetted to
everybody, including "White Hat, Grey Hat, Black Hat -Security, Risk
Avoidance & Management, Continuity, Health & Safety, and more... "
It's pretty empty so far
On Fri, 23 Mar 2001, Bob Bell wrote:
> On Fri, Mar 23, 2001 at 08:26:38AM -0500, Taylor, Chris <[EMAIL PROTECTED]> wrote:
> > Just for those of you who have not seen the bulletin, there is yet another
> > reason to look towards Linux.
>
> My understanding is that this has nothing to do with
Bob Bell wrote:
>
> My understanding is that this has nothing to do with Microsoft
> Windows. This will likely only affect you if you go to a website, and
> your web browser ask you if you want to accept a certificate. Since it
> says "signed by Microsoft Corporation", you might be more inc
Bob is 100% correct on this. Basically, it is a perfect example of why
VeriSign is a Very Bad Thing (TM). Of course, being owned by Network
Associates hasn't done them a whole lot of good. The only proof that they
require to create a new cert is the companies ID number, which you can look
up o
On Fri, Mar 23, 2001 at 08:26:38AM -0500, Taylor, Chris <[EMAIL PROTECTED]> wrote:
> Just for those of you who have not seen the bulletin, there is yet another
> reason to look towards Linux.
My understanding is that this has nothing to do with Microsoft
Windows. This will likely only affect
Just for those of you who have not seen the bulletin, there is yet another
reason to look towards Linux.
- Chris
-Original Message-
From: CERT Advisory [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 22, 2001 6:24 PM
To: [EMAIL PROTECTED]
Subject: CERT Advisory CA-2001-04
-BE
27 matches
Mail list logo