Linux Today SECURITY LETTER FOR JUNE 5, 2000 Latest Security News for the Linux and Open Source Community. ------------------------------------------------------------------ ------------------------------------------------------------------ TODAY'S LINUX SECURITY NEWS: ------------------------------------------------------------------ LANSYSTEMS.COM: SECURE SHELL 1.2.27 SETUP GUIDE "Who would want to use a program that sends your passwords and everything you type to the remote host in plain text? Not I." COMPLETE STORY: http://www.lansystems.com/tutorials/vinces_guide_to_ssh.txt ------------------------------------------------------------------ LINUX.COM: WHO'S SNIFFING YOUR NETWORK? "As we have seen, sniffer attacks are difficult to detect and thwart because sniffers are passive programs. They don't generate an evidence trail (logs), and when used properly, they don't use a lot of disk and memory resources." COMPLETE STORY: http://www.linux.com/security/newsitem.phtml?sid=11&aid=8921 ------------------------------------------------------------------ LINUXSECURITY.COM: LINUX SECURITY WEEK, JUNE 5TH 2000 "Greetings, issue number 5 is already here! We would like to take a moment to thank our readers for all of your support. The response has been tremendous for both our newsletter and website, LinuxSecurity.com If you have any suggestions regarding the website, newsletter, or anything else, please let us know! We are here to serve the open-source community; your voice should be heard." COMPLETE STORY: http://www.linuxsecurity.com/articles/forums_article-800.html ------------------------------------------------------------------ ROOTPROMPT.ORG: RESPONSE TO THE FEATURE ON IPV6 VS. SSL "Reto Haeni's paper on IPv6 and SSL explains a number of fundamental differences between the two protocols but fails to communicate why they are different. It is also quite out of date (it appears to have been written in 1996) and as a result some of its facts are no longer true. The paper is misleading (though clearly not intentionally) due to its age and its failure to address the differences between SSL and IPv6 adequately." COMPLETE STORY: http://rootprompt.org/article.php3?article=507 ------------------------------------------------------------------ DEBIAN SECURITY ADVISORY: PACKAGE: MAILX "The version of mailx distributed in Debian GNU/Linux 2.1 (a.k.a. slink), as well as in the frozen (potato) and unstable (woody) distributions is vulnerable to a local buffer overflow while sending messages. This could be exploited to give a shell running with group "mail." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=22862 /-------------------------------------------------------------------\ LOOKING FOR LINUX PRODUCT REVIEWS? Linux Central has teamed with JustLinux to provide a comprehensive list of product reviews. Simply click on the product you're interested in and follow the review to justlinux.com Visit http://www.justlinux.com/bin/review/productreview.pl \--------------------------------------------------------------adv.-/ ------------------------------------------------------------------ DEBIAN SECURITY ADVISORY: PACKAGE: SPLITVT "The version of splitvt distributed in Debian GNU/Linux 2.1 (a.k.a. slink), as well as in the frozen (potato) and unstable (woody) distributions, is vulnerable to a local buffer overflow. This could be exploited to give a shell running as root." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=22864 ------------------------------------------------------------------ Visit the other sites in the Linux Channel: Linux Planet <http://www.linuxplanet.com>, LinuxStart <http://www.linuxstart.com>, Linux Central <http://www.linuxcentral.com>, and JustLinux <http://www.justlinux.com>. Also, check out the ISP-Linux Moderated Digest <http://isp-lists.isp-planet.com/moderated/isp-linux/>. ------------------------------------------------------------------ To advertise on our newsletters and 125+ more at internet.com, please contact Frank Fazio: mailto:[EMAIL PROTECTED] Director, Inside Sales (203)-662-2997 ------------------------------------------------------------------ Copyright 2000 internet.com Corp. <http://www.internet.com>. ------------------------------------------------------------------ -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
