On Thu, 2003-08-14 at 00:06, Luis-Miguel Astudillo wrote: Welcome Luis-Miguel. I know you addressed Stephen, but let me take a stab. there should be an almost natural visible difference between closed source (ie.; M$)reporting of problems (as in; 'if you look for problems, we can send you to jail, so don't de-compile our software, and if you do never let anyone know') and open source software (ie;Linux)(as in 'everyone look here, and see if you can find any problems) the 'open source is going to openly announce every problem anyone can find, as soon as _anyone_ can find it. The 'closed source' is only going to revel vulnerabilities only after the legal dept and management have approved releasing the information. kinda of like looking at an orange and saying well this fruit can not be as good as this apple, since it is soft and squishy, and has bumps on the skin.
> Dear Stephen, > > I work on large scale environments that have Unix (SUN/AIX/HP), Mainframe > and of course Windows PCs and Servers (from 20 to 300K users) world-wide. > My clients are provincial Governments, Airlines and in the Financial field. > > I know that Windows has some issues regarding security and some Linux > Distros as well. > I'm a paying customer of support with Red-Hat 9.0 and Suse 8.2 Pro, also use > Mandrake 9.1. > > Since Feb.2003 Red-Hat has issued close 85 security fixes of security > vulnerability. Is Linux really more secure than Windows ? AIX and Solaris > are more stable and have less few issues. > > Just a few examples of those issues on Linux : > > Security Advisory - RHSA-2003:196-13 > Updated Xpdf packages are available that fix a vulnerability where a > malicious PDF document could run arbitrary code. > Martyn Gilmore discovered a flaw in various PDF viewers and readers. An > attacker can embed malicious external-type hyperlinks that, if activated or > followed by a victim, can execute arbitrary shell commands. The Common > Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name > CAN-2003-0434 to this issue. > > Security Advisory - RHSA-2003:238-14 > Updated 2.4 kernel fixes vulnerabilities > Several security issues have been discovered affecting the Linux kernel: > > CAN-2003-0461: /proc/tty/driver/serial reveals the exact character counts > for serial links. This could be used by a local attacker to infer password > lengths and inter-keystroke timings during password entry. > > CAN-2003-0462: Paul Starzetz discovered a file read race condition existing > in the execve() system call, which could cause a local crash. > > CAN-2003-0464: A recent change in the RPC code set the reuse flag on > newly-created sockets. Olaf Kirch noticed that his could allow normal users > to bind to UDP ports used for services such as nfsd. > > CAN-2003-0476: The execve system call in Linux 2.4.x records the file > descriptor of the executable process in the file table of the calling > process, allowing local users to gain read access to restricted file > descriptors. > > CAN-2003-0501: The /proc filesystem in Linux allows local users to obtain > sensitive information by opening various entries in /proc/self before > executing a setuid program. This causes the program to fail to change the > ownership and permissions of already opened entries. > > CAN-2003-0550: The STP protocol is known to have no security, which could > allow attackers to alter the bridge topology. STP is now turned off by > default. > > CAN-2003-0551: STP input processing was lax in its length checking, which > could lead to a denial of service. > > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be > spoofed by sending forged packets with bogus source addresses the same as > the local host. > > > These are just some examples of Security Issues, what others are not > reported or not discovered yet. > > Don't forget, computers are as good as the person who programs them. We are > human and officially not perfect. > > I use personally in my own office (Mandrake for my router/firewall/Squid > HTTP proxy, Suse (since it is an IBM standard) , Windows XP, W2K and Windows > 2003). > > Every system has its strenghts and flaws but at the end is the user that > knows if he/she is ready to live with their choice. All of the above > systems have their merit according to the user needs. > > I'll be ready to live for many years to come with mixed environments and I > don't think that one system will take over the next in this race of > computing power. > > Just tonight I returned from a Linux User Group where you have people who > are 100% linux and others well, mixed users. > > Best regards, > > Luis-M. Astudillo > IT Architect Distributed Systems (Intel/Unix) > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Stephen Kuhn > Sent: August 13, 2003 10:39 PM > To: Mandrake Newbie > Subject: [newbie] OF INTEREST: [Virus Alerts [Prevention: the best weapon > againstthe Blaster wor m - 08/13/03]] > > > I get this stuff just about every day - just goes to show y'all how much > Microsoft TRULY and REALLY cares for their PURCHASING PUBLIC. > > Wazzat Billy Gates? You want to make safe software for the public? > > -----Forwarded Message----- > Subject: Virus Alerts [Prevention: the best weapon against the Blaster wor m > - 08/13/03] > Date: 13 Aug 2003 15:02:25 +0200 > > - Prevention: the best weapon against the Blaster worm - > Virus Alerts, by Panda Software (http://www.pandasoftware.com) > > Madrid, August 13, 2003 - The Blaster worm continues to wreak havoc in users > PCs, as borne out by the number of incidents recorded by Panda Software's > international tech support network, and it is still the virus most > frequently detected by Panda ActiveScan, the free online scanner. > > However, the epidemic currently being caused by Blaster could easily have > been avoided. The vulnerability exploited was reported by Microsoft almost > a month and half ago and was widely reported by the international media. The > same advise was repeated time and again: to avoid problems, simply apply the > Microsoft patch. > > Seemingly this advise fell on deaf ears, judging by the number of computers > affected by Blaster. The situation also highlights the general lack of > security awareness among home users, who have been affected more than any > other user group Users with personal firewalls installed have escaped the > effects of the worm, as port 135, used by Blaster to enter computers, is > protected by these kinds of programs. > > Likewise, the high number of incidents still being caused by Blaster is also > largely a result of the failure by users to keep the antivirus software in > their PCs completely up-to-date. > > Similarly, the RPC DCOM vulnerability continues to cause problems, as Panda > Software's Virus Laboratory has detected the appearance of a new worm/Trojan > called W32/RPCSdbot which exploits the Windows vulnerability to take control > of the infected computer and spread via e-mail. > > However, protecting against Blaster, W32/RPCSdbot and other viruses that > could emerge in the near future can be simple, provided users take a few > basic precautions: > > - Find out about and apply patches to correct vulnerabilities detected in > the software installed on your PC. Vendors websites will normally have this > sort of information and the downloads. Similarly, e-bulletin services, such > as Panda Software's Oxygen3 24h-365d free newsletter, provide the latest > information on these security issues. > > - Keep your antivirus updated. The simplest way is to install solutions that > update automatically when users connect to the Internet such as Panda > Antivirus Titanium or Platinum 7.0. > > - Install a personal firewall in your computer, with both broadband and > modem connections, as just a few seconds is all it takes for a malicious > code like Blaster to infect your PC. Solutions like Panda Antivirus Platinum > 7.0 actually include a personal firewall. > > Finally, Panda Software advises all users who haven't done so already to > update their antivirus solution. The company has already released the > updates to detect Blaster and W32/RPCSDbot, so if your software is not > configured to do so automatically, you can update your antivirus from > http://www.pandasoftware.com > > Panda Software has also released the PQREMOVE application designed > specifically to clean and repair systems affected by Blaster. This utility > can be downloaded from http://www.pandasoftware.com/downloads/utililities/ > > For further information about Blaster, W32/RPCSdbot and other viruses, visit > Panda Software's Virus Encyclopedia at: > http://www.pandasoftware.com/virus_info/encyclopedia/ > > ------------------------------------------------------------
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
