Linux Today SECURITY LETTER FOR MAY 10, 2000 Latest Security News for the Linux and Open Source Community. ___________________________ Sponsors ________________________________ This newsletter sponsored by: TurboLinux _____________________________________________________________________ ------------------------------------------------------------------ ------------------------------------------------------------------ TODAY'S LINUX SECURITY NEWS: ------------------------------------------------------------------ ROOTPROMPT.ORG: CRACKED! PART 2: WATCHING AND WAITING "This is the second part of the story of a community network that was cracked and what was done to recover from it. ... This article talks about how they learned more about the cracker and what they did next." COMPLETE STORY: http://rootprompt.org/article.php3?article=422 ------------------------------------------------------------------ LINUXNEWBIE.ORG: INSTALLING SSH-2 ON SUSE 6.X AND OTHER SYSTEM V BASED SYSTEMS "This NHF is not going to go into great details as to how SSH2 works and how to use every switch and option. What you will learn here is how to install SSH2 using it's default settings and how to set it up so that the SSH daemon (sshd2) starts when your system reaches a particular run level." COMPLETE STORY: http://www.linuxnewbie.org/nhf/intel/distros/suse/susshd2.html /-------------------------------------------------------------------\ TurboLinux Server 6.0 is a high performance backend server for business workgroups in the enterprise. TurboLinux Server includes robust e-commerce software for business-to-business transactions. Server 6.0 includes Apache, Tallyman, and OpenMerchant. TurboLinux. High Perfomance Linux! http://www.turbolinux.com/products/tls/server.html \--------------------------------------------------------------adv.-/ ------------------------------------------------------------------ FREEBSD SECURITY ADVISORY: MODULE: LIBMYTINFO "libmytinfo allows users to specify an alternate termcap file or entry via the TERMCAP environment variable, however this is not handled securely and contains a overflowable buffer inside the library." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=21566 ------------------------------------------------------------------ FREEBSD SECURITY ADVISORY: MODULE: GNAPSTER "The gnapster port (version 1.3.8 and earlier) contains a vulnerability which allows remote gnapster users to view any file on the local system which is accessible to the user running gnapster." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=21567 ------------------------------------------------------------------ SENDMAIL.NET: SENDMAIL 8.11.0 BETA RELEASE INCLUDES TLS "The sendmail 8.11 beta is already out on the street. Why so soon? Three words: Open source crypto." COMPLETE STORY: http://sendmail.net/?feed=811announcement ------------------------------------------------------------------ SECURITY PORTAL: WHY WE'RE DOOMED TO FAILURE "Security is a process, not a solution." COMPLETE STORY: http://securityportal.com/closet/closet20000510.html ------------------------------------------------------------------ Visit the other sites in the Linux Channel: Linux Planet <http://www.linuxplanet.com>, LinuxStart <http://www.linuxstart.com>, Linux Central <http://www.linuxcentral.com>, and JustLinux <http://www.justlinux.com>. Also, check out the ISP-Linux Moderated Digest <http://isp-lists.isp-planet.com/moderated/isp-linux/>. ------------------------------------------------------------------ To advertise on our newsletters and 125+ more at internet.com, please contact Frank Fazio: mailto:[EMAIL PROTECTED] Director, Inside Sales (203)-662-2997 ------------------------------------------------------------------ Copyright 2000 internet.com Corp. <http://www.internet.com>. ------------------------------------------------------------------ --- -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
