OPEN SOURCE DEVELOPMENT NETWORK DAILY EDITION * NEWSLETTER
---------------------------------------------------------------------- Microsoft Visual Studio .NET is today's comprehensive development tool for the task at hand, built to help you overcome programming challenges and increase productivity. Discover what it can do for you, today. Click here to try a free online hosted session. http://ad.doubleclick.net/clk;4787263;7673537;a?http://msdn.protier.com/admin/skins/vsdemo/freetrial.aspx?source=OSDN_general_newsletter ---------------------------------------------------------------------- January 25, 2003 Slashdot Headlines MS SQL Server Worm Wreaking Havoc http://slashdot.org/article.pl?sid=03/01/25/1245206 [0]defile writes "Since about midnight EST almost every host on the internet has been receiving a 376 byte UDP payload on port ms-sql-m (1434) from a random infected server. Reports of some hosts receiving 10 per minute or more. [1]internetpulse.net is reporting UUNet and Internap are being hit very hard. This is the cause of major connectivity problems being experienced worldwide. It is believed this worm leverages a [2]vulnerability published in June 2002. Several core routers have taken to blocking port 1434 outright. If you run Microsoft SQL Server, make sure the public internet can't access it. If you manage a gateway, consider dropping UDP packets sent to port 1434." bani adds "This has effectively [3]disabled 5 of the 13 root nameservers." Links 0. mailto:[EMAIL PROTECTED] 1. http://www.internetpulse.net/ 2. http://www.nextgenss.com/advisories/mssql-udp.txt 3. http://forums.military.com/1/OpenTopic?a=tpc&s=78919038&f=409192893&m=4551982416 How High is Your AP? http://slashdot.org/article.pl?sid=03/01/24/2333239 [0]DeAshcroft writes "The [1]New York Times has a [2]piece [give up your data] on the wiring of Everest. Tsering Gyaltsen, the grandson of one of Sir Edmund Hillary's orignal summit-conquering Sherpas is bringing the net to the mountain (presumably bringing the mountain to the net was even more difficult). He's attracted a great set of 'technologists' to make this happen, and, best of all, it means the locals get access (including a school of about 250 students), not just the rich geeks who come to town to climb the thing." Links 0. http://www.cafeshops.com/usingrights/ 1. http://www.nytimes.com/ 2. http://www.nytimes.com/2003/01/23/technology/circuits/23sher.html Cross-Site-TRACE http://slashdot.org/article.pl?sid=03/01/24/2324225 [0]quackking writes "Uh-oh! Looks bad for RFC 2068! Kudos to [1]WhiteHat out of Santa Clara, CA for this one. ALL current web servers comply with this RFC, which means they ALL are vulnerable to this newly named attack - XST - [2]cross-site-trace. When misused, TRACE, part of the HTTP protocol, allows an unauthorized script to be passed to a Web server for execution even if the server is secured against running such scripts. Even devices like web-managed routers are open to this." Links 0. http://www.quacken.com 1. http://www.whitehatsec.com/ 2. http://www.extremetech.com/article2/0%2C3973%2C841144%2C00.asp Where Are They Now: Q*Bert http://slashdot.org/article.pl?sid=03/01/24/1543216 An anonymous reader writes "Two guys who worked on SNL and the Conan show cover the drug-addled history of Atari's classic blobish-looking character, [0]Q*Bert." Links 0. http://www.slushfactory.com/content/EpuFukEpAFFjrIoYJF.php IBM Trials TCPA Chip Under Linux http://slashdot.org/article.pl?sid=03/01/24/1757221 keihin writes "From IBM: IBM's Global Security Analysis Lab (GSAL) has done [0]extensive analysis of the Trusted Computing Platform Alliance (TCPA) chip available on some IBM systems. We have the chip running under Linux, and have studied it extensively. In order to clarify a lot of misunderstanding about the chip, we are making available some helpful white papers and open source device drivers for Linux, so that interested people can test and use the chip in an open environment." Links 0. http://www.research.ibm.com/gsal/tcpa/ Personal Submarine Cruises SF Bay http://slashdot.org/article.pl?sid=03/01/24/1924257 [0]LandSonar writes "Graham Hawkes, the guru of the submarine design business, tried out his new submersible sea plane yesterday in SF Bay. Called the '[1]Deep Flight Aviator'. [2]Article and cool pictures. This craft doesn't use ballast like traditional subs. Flys more like a plane. 'It looks like something NASA might build or the Blue Angels might fly.'" Links 0. mailto:[EMAIL PROTECTED] 1. http://www.deepflight.com/subs/dfa.htm 2. http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/01/24/BA111378.DTL The Long-Awaited MOO! http://slashdot.org/article.pl?sid=03/01/24/1950246 [0]Number13 writes "Quicksilver's [1]Master of Orion 3, [2]declared vaporware by Wired magazine, has [3]gone gold! Set to hit the streets on Feb. 25, MOO3 is the the successor to what many consider the best space strategy game series." Links 0. mailto:[EMAIL PROTECTED] 1. http://www.moo3.com/ 2. http://www.wired.com/news/culture/0,1284,57023-2,00.html 3. http://biz.yahoo.com/bw/030124/242237_1.html Issues for the Internet Society http://slashdot.org/article.pl?sid=03/01/24/1748232 [0]DenOfEarth writes "The Economist has published a [1]series of articles detailing some of the issues facing our current society and the technological leaps and bounds that are leading to the future internet society. They include: [2]Protection of Privacy, [3]Constant internet connectivity, [4]Copyright 's Role in the Future, [5]Technology-based Democratic Process, [6]Government Authority, and [7]Social and Political Ramifications. There's a good deal of information to waste one's time with here, but some good discussion is bound to come out of it." Links 0. http://www.enel.ucalgary.ca/~whelan 1. http://www.economist.com/displaystory.cfm?story_id=1534303 2. http://www.economist.com/displayStory.cfm?story_id=1534283 3. http://www.economist.com/displayStory.cfm?story_id=1534295 4. http://www.economist.com/displayStory.cfm?story_id=1534271 5. http://www.economist.com/displayStory.cfm?story_id=1534259 6. http://www.economist.com/displayStory.cfm?story_id=1534249 7. http://www.economist.com/displayStory.cfm?story_id=1534217 LinuxWorld Report, Day 2 http://slashdot.org/article.pl?sid=03/01/24/1747223 greechneb writes "Roblimo is reporting again on [0]LWCE's second day. Check out his reports on break dancers, hp, suse, gentoo, linux on laptops, and most important, free booze." See [1]yesterday's story if you missed it. Some other LWCE notes: United Linux is [2]sucking in more partners, and even [3]Microsoft won one of the show awards. And yes, Robin is going around asking the interview questions. :) Links 0. http://newsforge.com/newsforge/03/01/23/2212240.shtml?tid=23 1. http://slashdot.org/article.pl?sid=03/01/23/198230&tid=163 2. http://www.crn.com/sections/BreakingNews/breakingnews.asp?ArticleID=39526 3. http://www.linuxworldexpo.com/linuxworldny03/V33/press.cvn?id=11&p_id=12 .org TLD Now Runs on PostgreSQL http://slashdot.org/article.pl?sid=03/01/24/1549207 [0]johnnyb writes "The .org domain, which has long run on Oracle systems, is now being [1]transferred to a PostgreSQL system. I guess we can now dispel the "untested in mission-critical applications" myth." Links 0. http://www.eskimo.com/~johnnyb/ 1. http://www.computerworld.com.au/idg2.nsf/All/2ADD84E6EBCEADE9CA256CB30075FA01!OpenDocument ------------------------------------------------------------------------ To unsubscribe - If you do not wish to subscribe to Slashdot, go to: http://www.osdn.com/newsletters/unsubscribe.shtml ------------------------------------------------------------------------ Copyright (c)1999-2002 Open Source Development Network. All rights reserved.
