Dear All
Can anyone tell me the address and timing of the next meeting?
Damanjeet Singh
BrickRed Technologies Pvt. Ltd.
B-2 , Sector 31,Noida, Tel +91-120-2456361, Ext18
Mobile:-9891520520

----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, December 04, 2003 10:19 AM
Subject: ilugd Digest, Vol 9, Issue 6


>
> Today's Topics:
>
>    1. (fwd) GLSA: rsync.gentoo.org rotation server compromised
>       (200312-01) (Raj Mathur)
>    2. New resource - Policy Routing and Bandwidth Management
>       ([EMAIL PROTECTED])
>    3. New resource - Squid Caching Proxy Server  ([EMAIL PROTECTED])
>    4. Re: Post on December meet - Threaded view (Tushar Shah)
>    5. The way to the 21 Dec Meet (Ashwin Baindur)
>    6. [Commercial]   Programmers Required (Sudhir Gandotra)
>    7. RE: The way to the 21 Dec Meet (Anuj Sharma)
>    8. (fwd) GnuPG 1.2.3, 1.3.3 external HKP interface format string
>       issue (Raj Mathur)
>    9. The Wonderful World of Linux 2.6 (Raj Shekhar)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 3 Dec 2003 21:39:58 +0530
> From: Raj Mathur <[EMAIL PROTECTED]>
> Subject: [ilugd] (fwd) GLSA: rsync.gentoo.org rotation server
> compromised (200312-01)
> To: [EMAIL PROTECTED],
> [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=us-ascii
>
> [FYI.  Doesn't seem to be anything to worry about yet if you're a
> Gentoo user -- Raju]
>
> This is an RFC 1153 digest.
> (1 message)
> ----------------------------------------------------------------------
>
> Mime-Version: 1.0
> Content-Type: multipart/signed; micalg=pgp-sha1;
> protocol="application/pgp-signature"; boundary="rG+KBTClKkGekJUE"
> Message-ID: <[EMAIL PROTECTED]>
> From: Kurt Lieber <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: [Full-Disclosure] GLSA: rsync.gentoo.org rotation server
> compromised (200312-01)
> Date: Tue, 2 Dec 2003 21:01:17 -0500
>
>
> --rG+KBTClKkGekJUE
> Content-Type: text/plain; charset=iso-8859-1
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> -------------------------------------------------------------------------------
> GENTOO LINUX SECURITY ANNOUNCEMENT 200312-01
> -------------------------------------------------------------------------------
>           Summary : rsync.gentoo.org rotation server compromised
>              Date : 2003-12-02
>           Exploit : remote
>               CVE : - None -
>          Priority : Normal
> -------------------------------------------------------------------------------
>
> SUMMARY:
> ========
>
> On December 2nd at approximately 03:45 UTC, one of the servers that makes up
> the rsync.gentoo.org rotation was compromised via a remote exploit.  At this
> point, we are still performing forensic analysis.  However, the compromised
> system had both an IDS and a file integrity checker installed and we have a
> very detailed forensic trail of what happened once the box was breached, so we
> are reasonably confident that the portage tree stored on that box was
> unaffected.  The attacker appears to have installed a rootkit and
> modified/deleted some files to cover their tracks, but left the server
> otherwise untouched.
>
> The box was in a compromised state for approximately one hour before it was
> discovered and shut down.  During this time, approximately 20 users
> synchronized against the portage mirror stored on this box.  The method used
> to gain access to the box remotely is still under investigation.  We will
> release more details once we have ascertained the cause of the remote exploit.
>
> This box is not an official Gentoo infrastructure box and is instead donated
> by a sponsor.  The box provides other services not related to Gentoo Linux as
> well and the sponsor has requested that we not publicly identify the box at
> this time.  Because the Gentoo part of this box appears to be unaffected by
> this exploit, we are currently honoring the sponsor's request.  That said, if
> at any point, we determine that any file in the portage tree was
> inappropriately modified, we will release full details about the compromised
> server.
>
> SOLUTION
> ========
> Again, based on the forensic analysis done so far, we are reasonably confident
> that no files within the Portage tree on the box were affected.  However, the
> server has been removed from all rsync.*.gentoo.org rotations and will remain
> so until the forensic analysis has been completed and the box has been wiped
> and rebuilt.  Thus, users preferring an extra level of security may ensure
> that they have a correct and accurate portage tree by running:
>
> emerge sync
>
> Which will perform a sync against another server, thus ensuring that all files
> are up to date.
>
> --rG+KBTClKkGekJUE--
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> ------------------------------
>
> End of this Digest
> ******************
>
> --
> Raj Mathur                [EMAIL PROTECTED]      http://kandalaya.org/
>        GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
>                       It is the mind that moves
>
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 1 Dec 2003 10:17:29 +0530
> From: [EMAIL PROTECTED]
> Subject: [ilugd] New resource - Policy Routing and Bandwidth
> Management
> To: [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
>
> Resource ID: 78
> Title: Policy Routing and Bandwidth Management
> Category: I S P
> URL: www.lartc.org
> Contact: Joel
> Description: "All things to know how to manage your bandwidth. Policy
> based routing on linux."
> Inform when comment is added: ON
> Inform when resource is rated: ON
> - Submitted by Joel Solanki on 12/01/2003.
> --------------------------------------------------
> This email is brought to you by http://www.linux-delhi.org/
>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 1 Dec 2003 10:24:55 +0530
> From: [EMAIL PROTECTED]
> Subject: [ilugd] New resource - Squid Caching Proxy Server
> To: [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
>
> Resource ID: 79
> Title: Squid Caching Proxy Server
> Category: Networking
> URL: www.squid-cache.org
> Contact: Joel Solanki
> Description: "Squid is a Caching proxy server.
> Features:---
> Proxy Server.
> Web Caching.
> Manage Bandwidth.
> Url Filtering.
> And Much More."
> Inform when comment is added: ON
> Inform when resource is rated: ON
> - Submitted by Joel Solanki on 12/01/2003.
> --------------------------------------------------
> This email is brought to you by http://www.linux-delhi.org/
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 1 Dec 2003 14:57:04 +0530 (IST)
> From: "Tushar Shah" <[EMAIL PROTECTED]>
> Subject: Re: [ilugd] Post on December meet - Threaded view
> To: "The Linux-Delhi mailing list" <[EMAIL PROTECTED]>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain;charset=iso-8859-1
>
> Hi,
>     I had sent an earlier mail reg. my interest in presenting the Fedora
> installation. I am sorry to inform you that under the current
> circumstances of uncertainty wrt my college schedule, I will not
> be able to commit myself as a presenter for the Fedora demonstration :( ,
> but at the same time if I reach Delhi in time I hope to be part of
> the meet.
> bye
> Tushar Shah
>
>
>
> ------------------------------
>
> Message: 5
> Date: Wed, 3 Dec 2003 18:05:08 +0530
> From: "Ashwin Baindur" <[EMAIL PROTECTED]>
> Subject: [ilugd] The way to the 21 Dec Meet
> To: "The Linux-Delhi mailing list" <[EMAIL PROTECTED]>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Dear all,
> Please find attached a sketch about how to locate Raksha Bhawan for the 21
> Dec meet. My home is in B6. The watchman will be told about the meet. He will
> direct you.
> regards, Ashwin
>
> ------------------------------
>
> Message: 6
> Date: 04 Dec 2003 01:04:06 +0530
> From: Sudhir Gandotra <[EMAIL PROTECTED]>
> Subject: [ilugd] [Commercial]   Programmers Required
> To: [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain
>
> Hello,
>
> There is requirement of :
>
> 1. One/Two Programmers with strong fundamentals and experience (6 months
> onwards) of Perl, Php, MySQL/PostgreSQL, Html, on Linux;
> 2. Two-three trainees with basic knowledge of the above;
>
> 3. Two Programmers with strong fundamentals and experience of C,
> PostgreSQL and GTK/QT;
> 4. Two-three trainees with strong fundamentals of the above.
>
> 5. Two Programmers with strong fundamentals and experience of Java based
> programming.
> 6. Two-three trainees with strong fundamentals of the above.
>
> These are basic minimum requirements. Additional abilities/knowledge on
> Linux platform technologies will be helpful.
>
> The requirements are in Delhi and salary will be in accordance with
> experience and creative abilities.
>
> Ours is a Linux based Application development company
> (www.kalculate.com) and now we are expanding in a big way into this
> arena with both GUI based applications and web-based developments.
>
> Those interested, please mail your resume, offline, to
> [EMAIL PROTECTED] mentioning contact info, qualifications & experience
> on Linux platform, etc. details in text, openoffice, html format.
> --
> Peace, Force & Joy!     Sudhir Gandotra.    98-101-20918.
>
>   Legal.Software @ Fractional.Cost : http://kalculate.com
>
>        Transform lives: http://humanistmovement.org/
>    !!! Treat Others As You Would Have Them Treat You !!!
>
>
>
> ------------------------------
>
> Message: 7
> Date: Thu, 04 Dec 2003 08:00:52 +0530
> From: "Anuj Sharma" <[EMAIL PROTECTED]>
> Subject: RE: [ilugd] The way to the 21 Dec Meet
> To: [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; format=flowed
>
> Hi Ashwin,
>
> I don't see any attachment on your mail, mate!
>
> Anuj
>
>
>
>
>
> ------------------------------
>
> Message: 8
> Date: Thu, 4 Dec 2003 09:19:45 +0530
> From: Raj Mathur <[EMAIL PROTECTED]>
> Subject: [ilugd] (fwd) GnuPG 1.2.3, 1.3.3 external HKP interface
> format string issue
> To: [EMAIL PROTECTED],
> [EMAIL PROTECTED]
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=us-ascii
>
> [Please upgrade if you use the experimental gpgkeys_hkp program.  This
> program is not built with GnuPG by default -- Raju]
>
> This is an RFC 1153 digest.
> (1 message)
> ----------------------------------------------------------------------
>
> Message-ID: <[EMAIL PROTECTED]>
> From: S-Quadra Security Research <[EMAIL PROTECTED]>
> To: full-disclosure <[EMAIL PROTECTED]>,
>    bugtraq <[EMAIL PROTECTED]>
> Subject: GnuPG 1.2.3, 1.3.3 external HKP interface format string issue
> Date: Wed, 03 Dec 2003 16:30:38 +0300
>
>
>             S-Quadra Advisory #2003-12-03
>
> Topic: GnuPG 1.2.3, 1.3.3 external HKP interface format string issue
> Severity: Low
> Vendor URL: http://www.gnupg.org
> Advisory URL: http://www.s-quadra.com/advisories/Adv-20031203.txt
> Release date: 3 Dec 2003
>
> 1. DESCRIPTION
>
> GnuPG is a complete and free replacement for PGP.
> Because it does not use the patented IDEA algorithm, it can be used
> without any restrictions.
> GnuPG is a RFC2440 (OpenPGP) compliant application.
>
> GnuPG has an external HKP interface which is marked as experimental and not
> enabled by default in the 1.2 stable branch; to use it you should compile
> GnuPG with the '--enable-external-hkp' configuration option.
> Also, on the 1.3 devel branch the external HKP interface is enabled by default
> and to disable it you should compile GnuPG with the '--disable-hkp'
> configuration option.
>
> When the external HKP interface is enabled, GnuPG will make use of the
> 'gpgkeys_hkp' utility for keyserver accesses.
>
> There exists a format string vulnerability in the 'gpgkeys_hkp' utility
> which would allow a malicious keyserver, in the worst case, to execute
> arbitrary code on the user's machine.
>
> 2. DETAILS
>
> The offending code can be found in keyserver/gpgkeys_hkp.c:
>
> <snip>
> int get_key(char *getkey)
> {
>   int rc,gotit=0;
>   char search[29];
>   char *request;
>   struct http_context hd;
>
>   ...
>
>   if(verbose>2)
>     fprintf(console,"gpgkeys: HTTP URL is \"%s\"\n",request);
>
>   rc=http_open_document(&hd,request,http_flags);
>   if(rc!=0)
>     {
>       fprintf(console,"gpgkeys: HKP fetch error: %s\n",
>               rc==G10ERR_NETWORK?strerror(errno):g10_errstr(rc));
>       fprintf(output,"KEY 0x%s FAILED\n",getkey);
>     }
>   else
>     {
>       unsigned int maxlen=1024,buflen;
>       byte *line=NULL;
>
>       while(iobuf_read_line(hd.fp_read,&line,&buflen,&maxlen))
>         {
>           maxlen=1024;
>
>           if(gotit)
>             {
>               // S-Quadra: here is where format string bug lives
>               fprintf(output,line);
>               if(strcmp(line,"-----END PGP PUBLIC KEY BLOCK-----\n")==0)
>                 break;
>             }
>           else
>             if(strcmp(line,"-----BEGIN PGP PUBLIC KEY BLOCK-----\n")==0)
>               {
>                 // S-Quadra: here is where format string bug lives
>                 fprintf(output,line);
>                 gotit=1;
>               }
>         }
>   ...
>   return 0;
> }
>
> </snip>
>
> 3. FIX INFORMATION
>
> S-Quadra alerted the GnuPG development team to this issue on 27th November
> 2003. For the 1.2 branch a fix is available in CVS; the latest devel version
> 1.3.4 also contains a fix for the reported bug.
>
> 4. CREDITS
>
> Evgeny Legerov <[EMAIL PROTECTED]> is responsible for discovering
> this issue.
>
> 5. ABOUT
>
> S-Quadra offers services in computer security, penetration testing and
> network assessment, web application security, source code review and
> third party product vulnerability assessment, forensic support and
> reverse engineering.
>
> Security is an art and our goal is to bring responsible and high quality
> security
> service to the IT market, customized to meet the unique needs of each
> individual client.
>
> S-Quadra, (pronounced es quadra), is not an acronym.
> It's unique, creative and innovative - just like the security services
> we bring to our clients.
>
>             S-Quadra Advisory #2003-12-03
>
>
> ------------------------------
>
> End of this Digest
> ******************
>
> --
> Raj Mathur                [EMAIL PROTECTED]      http://kandalaya.org/
>        GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
>                       It is the mind that moves
>
>
>
> ------------------------------
>
> Message: 9
> Date: 04 Dec 2003 10:10:32 +0530
> From: Raj Shekhar <[EMAIL PROTECTED]>
> Subject: [ilugd] The Wonderful World of Linux 2.6
> To: lugd <[EMAIL PROTECTED]>
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain
>
> Joseph Pranevich has written a nice long article on what new things are
> coming in the 2.6 kernel. You can see the whole article at
> http://kniggit.net/wwol26.html. I am putting the most interesting parts
> here.
>
> Interactivity and Responsiveness
> --------------------------------
>
> One of the key improvements in Linux 2.6, is that the kernel is finally
> preemptible. In all previous versions of Linux, the kernel itself cannot
> be interrupted while it is processing. (On a system with multiple
> processors, this was true on a per-CPU basis.) Under Linux 2.6, the
> kernel now can be interrupted mid-task, so that other applications can
> continue to run even when something low-level and complicated is going
> on in the background. Of course, there are still times when the kernel
> cannot be interrupted in its processing. In reality, most users never
> saw these delays, which are rarely over small fractions of a second.
> Despite that, many users may notice an improvement in interactive
> performance with this feature enabled; things like user input will
> "feel" faster, even when the system is bogged down.
>
> [snip]
>
> Scaling Down -- Linux for Embedded Systems
> ------------------------------------------
> One of the two most fundamental changes to Linux in 2.6 comes through
> the acceptance and merging of much of the uClinux project into the
> mainstream kernel. The uClinux project (possibly pronounced
> "you-see-Linux", but more properly spelled with the Greek character
> "mu") is the Linux for Microcontrollers project. This variant of Linux
> has already been a major driver of support for Linux in the embedded
> market, and its inclusion in the official release should encourage
> further development in this space. Unlike the "normal" Linux ports that
> we are generally accustomed to, embedded ports do not have all the
> features that we associate with the kernel, due to hardware limitations.
> The primary difference is that these ports feature processors that do
> not feature an MMU. ("memory management unit" - what makes a
> protected-mode OS "protected") While these are generally true
> multitasking Linux systems, they are missing memory protection and other
> related features. (Without memory protection, it is possible for a
> wayward process to read the data of, or even crash, other processes on
> the system.) This may make them unusable for a multi-user system, but an
> excellent choice for a low-cost PDA or dedicated device. It is difficult
> to over-emphasize this architecture shift in Linux 2.6; all versions of
> Linux up to this point were derived (however indirectly) from the
> limitations inherent with Linus' initial work on his Intel 80386.
> [snip]
>
> --
>    / \__
>   (    @\___ Raj Shekhar
>   /         O  My home : http://geocities.com/lunatech3007/
>  /   (_____/   My blog : http://lunatech.journalspace.com/
> /_____/   U
>
>
>
>
>
> ------------------------------
>
> _______________________________________________
> ilugd mailing list
> [EMAIL PROTECTED]
> http://frodo.hserus.net/mailman/listinfo/ilugd
>
>
> End of ilugd Digest, Vol 9, Issue 6
> ***********************************


_______________________________________________
ilugd mailing list
[EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
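
The usual repair for the `fprintf(output,line)` pattern in the S-Quadra advisory quoted above (Message 8), as an added example that is not part of the original thread and is not GnuPG's actual patch. The names `copy_key_block` and `demo_roundtrip`, the use of `fgets` in place of `iobuf_read_line`, and the sample keyserver response are assumptions constructed for illustration.

```c
/* Added example; copy_key_block and demo_roundtrip are hypothetical names. */
#include <stdio.h>
#include <string.h>

#define BEGIN_MARK "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
#define END_MARK   "-----END PGP PUBLIC KEY BLOCK-----\n"
#define DATA_LINE  "%s %x %n constructed line with format directives\n"

/* Copy the armored key block from `in` to `out`; returns lines copied,
 * or -1 on a write error. The advisory's loop did fprintf(output,line),
 * which makes server data the format string. Here it is only data. */
static int copy_key_block(FILE *in, FILE *out)
{
    char line[1024];
    int gotit = 0, copied = 0;

    while (fgets(line, sizeof line, in) != NULL) {
        if (!gotit) {
            if (strcmp(line, BEGIN_MARK) != 0)
                continue;             /* ignore everything before the block */
            gotit = 1;
        }
        if (fputs(line, out) == EOF)  /* same effect: fprintf(out, "%s", line) */
            return -1;
        copied++;
        if (strcmp(line, END_MARK) == 0)
            break;
    }
    return copied;
}

/* Run a constructed keyserver response through copy_key_block; returns 1
 * if exactly the three block lines come out byte-for-byte unchanged. */
static int demo_roundtrip(void)
{
    static const char response[] =
        "preamble %n ignored\n" BEGIN_MARK DATA_LINE END_MARK "trailer\n";
    static const char expected[] = BEGIN_MARK DATA_LINE END_MARK;
    char got[512] = {0};
    FILE *in = tmpfile(), *out = tmpfile();
    int ok = 0;

    if (in != NULL && out != NULL) {
        fputs(response, in);
        rewind(in);
        if (copy_key_block(in, out) == 3) {
            rewind(out);
            if (fread(got, 1, sizeof got - 1, out) == strlen(expected))
                ok = strcmp(got, expected) == 0;
        }
    }
    if (in != NULL) fclose(in);
    if (out != NULL) fclose(out);
    return ok;
}

int main(void)
{
    puts(demo_roundtrip() ? "key block copied verbatim" : "mismatch");
    return 0;
}
```

Building with `-Wformat -Wformat-security` in GCC or Clang flags calls of the `fprintf(output,line)` shape at compile time.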
