Dear Stephen,

I work on large scale environments that have Unix (SUN/AIX/HP), Mainframe
and of course Windows PCs and Servers (from 20 to 300K users) world-wide.
My clients are provincial Governments, Airlines and in the Financial field.

I know that Windows has some issues regarding security and some Linux
Distros as well. 
I'm a paying customer of support with Red-Hat 9.0 and Suse 8.2 Pro, also use
Mandrake 9.1.

Since Feb.2003 Red-Hat has issued close 85 security fixes of security
vulnerability.  Is Linux really more secure than Windows ?  AIX and Solaris
are more stable and have less few issues.

Just a few examples of those issues on Linux :

Security Advisory - RHSA-2003:196-13
Updated Xpdf packages are available that fix a vulnerability where a
malicious PDF document could run arbitrary code.
Martyn Gilmore discovered a flaw in various PDF viewers and readers. An
attacker can embed malicious external-type hyperlinks that, if activated or
followed by a victim, can execute arbitrary shell commands.   The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0434 to this issue.

Security Advisory - RHSA-2003:238-14
Updated 2.4 kernel fixes vulnerabilities
Several security issues have been discovered affecting the Linux kernel:

CAN-2003-0461: /proc/tty/driver/serial reveals the exact character counts
for serial links.  This could be used by a local attacker to infer password
lengths and inter-keystroke timings during password entry.

CAN-2003-0462: Paul Starzetz discovered a file read race condition existing
in the execve() system call, which could cause a local crash.

CAN-2003-0464: A recent change in the RPC code set the reuse flag on
newly-created sockets.  Olaf Kirch noticed that his could allow normal users
to bind to UDP ports used for services such as nfsd.

CAN-2003-0476: The execve system call in Linux 2.4.x records the file
descriptor of the executable process in the file table of the calling
process, allowing local users to gain read access to restricted file
descriptors.  

CAN-2003-0501: The /proc filesystem in Linux allows local users to obtain
sensitive information by opening various entries in /proc/self before
executing a setuid program.  This causes the program to fail to change the
ownership and permissions of already opened entries.
 
CAN-2003-0550: The STP protocol is known to have no security, which could
allow attackers to alter the bridge topology.  STP is now turned off by
default.

CAN-2003-0551: STP input processing was lax in its length checking, which
could lead to a denial of service.

CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be
spoofed by sending forged packets with bogus source addresses the same as
the local host.  


These are just some examples of Security Issues, what others are not
reported or not discovered yet.

Don't forget, computers are as good as the person who programs them.  We are
human and officially not perfect.

I use personally in my own office (Mandrake for my router/firewall/Squid
HTTP proxy, Suse (since it is an IBM standard) , Windows XP, W2K and Windows
2003).

Every system has its strenghts and flaws but at the end is the user that
knows if he/she is ready to live with their choice.  All of the above
systems have their merit according to the user needs.

I'll be ready to live for many years to come with mixed environments and I
don't think that one system will take over the next in this race of
computing power.

Just tonight I returned from a Linux User Group where you have people who
are 100% linux and others well, mixed users.

Best regards,

Luis-M. Astudillo
IT Architect Distributed Systems (Intel/Unix)


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Stephen Kuhn
Sent: August 13, 2003 10:39 PM
To: Mandrake Newbie
Subject: [newbie] OF INTEREST: [Virus Alerts [Prevention: the best weapon
againstthe Blaster wor m - 08/13/03]]


I get this stuff just about every day - just goes to show y'all how much
Microsoft TRULY and REALLY cares for their PURCHASING PUBLIC.

Wazzat Billy Gates? You want to make safe software for the public?

-----Forwarded Message-----
Subject: Virus Alerts [Prevention: the best weapon against the Blaster wor m
- 08/13/03]
Date: 13 Aug 2003 15:02:25 +0200

     - Prevention: the best weapon against the Blaster worm -
   Virus Alerts, by Panda Software (http://www.pandasoftware.com) 

Madrid, August 13, 2003 - The Blaster worm continues to wreak havoc in users
PCs, as borne out by the number of incidents recorded by Panda Software's
international tech support network, and it is still the virus most
frequently detected by Panda ActiveScan, the free online scanner.

However, the epidemic currently being caused by Blaster could easily have
been avoided. The vulnerability exploited  was reported  by Microsoft almost
a month and half ago and was widely reported by the international media. The
same advise was repeated time and again: to avoid problems, simply apply the
Microsoft patch.

Seemingly this advise fell on deaf ears, judging by the number of computers
affected by Blaster. The situation also highlights the general lack of
security awareness among home users, who have been affected more than any
other  user group  Users with personal firewalls installed have escaped the
effects of the worm, as port 135, used by Blaster to enter computers, is
protected by these kinds of programs. 

Likewise, the high number of incidents still being caused by Blaster is also
largely a result of the failure by users to keep the antivirus software in
their PCs completely up-to-date.

Similarly, the RPC DCOM vulnerability continues to cause problems, as Panda
Software's Virus Laboratory has detected the appearance of a new worm/Trojan
called W32/RPCSdbot which exploits the Windows vulnerability to take control
of the infected computer and spread via e-mail.

However, protecting against Blaster, W32/RPCSdbot and other viruses that
could emerge in the near future can be simple, provided users take a few
basic precautions:

- Find out about and apply patches to correct vulnerabilities detected in
the software installed on your PC. Vendors websites will normally have this
sort of information and the downloads. Similarly, e-bulletin services, such
as Panda Software's Oxygen3 24h-365d free newsletter, provide the latest
information on these security issues.

- Keep your antivirus updated. The simplest way is to install solutions that
update automatically when users connect to the Internet such as Panda
Antivirus Titanium or Platinum 7.0.

- Install a personal firewall in your computer, with both broadband and
modem  connections, as just a few seconds is all it takes for a malicious
code like Blaster to infect your PC. Solutions like Panda Antivirus Platinum
7.0 actually include a personal firewall.

Finally, Panda Software advises all users who haven't done so already to
update their antivirus solution. The company has already released the
updates to detect  Blaster and W32/RPCSDbot, so if your software is not
configured to do so automatically, you can update your antivirus from
http://www.pandasoftware.com

Panda Software has also released the PQREMOVE application designed
specifically to clean and repair systems affected by Blaster. This utility
can be downloaded from http://www.pandasoftware.com/downloads/utililities/

For further information about Blaster, W32/RPCSdbot and other viruses, visit
Panda Software's Virus Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/

------------------------------------------------------------
-- 
Thu Aug 14 12:35:00 EST 2003
 12:35:00 up 10 days, 16:23,  1 user,  load average: 2.74, 2.61, 2.50
-----------------------------------------------------------------
|            __    __          |kuhn media australia            |
|           /-oo /| |'-.       |http://kma.0catch.com           |
|          .\__/ || |   |      |================================|
|       _ /  `._ \|_|_.-'      |stephen kuhn                    |
|      | /  \__.`=._) (_       | email: [EMAIL PROTECTED] |
-----------------------------------------------------------------
  linux user #:267497 linux machine #:194239 * MDK 9.1+ & RH 9  
      Mandrake Linux Kernel 2.4.21-11mdk Cooker for i586
-----------------------------------------------------------------
 * This message was composed on a 100% Microsoft free computer *

Politics and the fate of mankind are formed by men without ideals and
without greatness.  Those who have greatness within them do not go in for
politics.
                -- Albert Camus



Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Reply via email to