Linux Today SECURITY LETTER FOR SEPTEMBER 25, 2000 Latest Security News for the Linux and Open Source Community. ------------------------------------------------------------------ ------------------------------------------------------------------ TODAY'S LINUX SECURITY NEWS: ------------------------------------------------------------------ SYSADMIN: INSTALLING AND CONFIGURING OPENSSH "By discovering passwords sent over the wire or hijacking a connection via man-in-the-middle attacks, a malicious cracker could quickly commandeer your network for her own nefarious purposes. Luckily, a solution has been created, Secure Shell, which replaces plain-text communication protocols, such as telnet, rsh, and rlogin." COMPLETE STORY: http://www.samag.com/current/feature.shtml ------------------------------------------------------------------ SECURITY PORTAL: WEEKLY LINUX SECURITY DIGEST 2000/09/18 TO 2000/09/24 "More format string bugs were found this week, one in klogd/syslogd, exploitable locally and possibly remotely. This sort of mistake is incredibly easy to make, and can be quite severe (local/remote root exploits)." COMPLETE STORY: http://securityportal.com/topnews/weekly/linux20000925.html ------------------------------------------------------------------ SECURITY PORTAL: KILLING DAEMONS! "The problem is this: most system administrators don't know what all those programs on their systems do ! This article attempts to clear up the confusion, by describing the purpose of each of the running daemons on a Red Hat 6.1/6.x "Server" box and often giving suggestions for deactivation." COMPLETE STORY: http://securityportal.com/cover/coverstory20000925.html ------------------------------------------------------------------ LINUX SECURITY WEEK, SEPTEMBER 25TH, 2000 "Our feature this week, "Building a secure web server using Apache and OpenSSL," by Nick DeClario, outlines methods of using apache and OpenSSL to create a web server that can keep authentication and other information away from prying eyes. This is a "must-read" for server administrators." COMPLETE STORY: http://www.linuxsecurity.com/articles/forums_article-1627.html /-------------------------------------------------------------------\ LOOKING FOR LINUX PRODUCT REVIEWS? Linux Central has teamed with JustLinux to provide a comprehensive list of product reviews. Simply click on the product your interested in and follow the review to justlinux.com Visit http://www.justlinux.com/bin/review/productreview.pl \--------------------------------------------------------------adv.-/ SECURITY PORTAL LAUNCHES "LINUX SECURITY LIST" TO CATCH ALL LINUX SECURITY ADVISORIES "...a moderated list covering Linux security. Instead of signing up to multiple vendor advisories in the hopes of catching problems as they become public, you need only be on one single list." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=27934 ------------------------------------------------------------------ CONECTIVA LINUX SECURITY ANNOUNCEMENT - IMP "There are several vulnerabilities in the horde and imp packages shipped with Conectiva Linux that allow an user to execute remote commands on the server as the user "nobody". COMPLETE STORY: http://linuxtoday.com/story.php3?sn=27939 ------------------------------------------------------------------ Visit the other sites in the Linux Channel: Linux Planet <http://www.linuxplanet.com>, LinuxStart <http://www.linuxstart.com>, Linux Central <http://www.linuxcentral.com>, and JustLinux <http://www.justlinux.com>. Also, check out the ISP-Linux Moderated Digest <http://isp-lists.isp-planet.com/moderated/isp-linux/>. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For information about advertising in this newsletter, contact Frank Fazio, Director of Inside Sales, internet.com Corporation Call (203)662-2997 or write mailto:[EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This newsletter is published by internet.com Corporation http://internet.com - The Internet Industry Portal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To learn about other free newsletters offered by internet.com or to change your subscription - http://e-newsletters.internet.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ internet.com's network of more than 100 Websites are organized into 14 channels... Internet Technology http://internet.com/sections/it.html E-Commerce/Marketing http://internet.com/sections/marketing.html Web Developer http://internet.com/sections/webdev.html Windows Internet Technology http://internet.com/sections/win.html Linux/Open Source http://internet.com/sections/linux.html Internet Resources http://internet.com/sections/resources.html Internet Lists http://internet.com/sections/lists.html ISP Resources http://internet.com/sections/isp.html Downloads http://internet.com/sections/downloads.html International http://internet.com/sections/international.html Internet News http://internet.com/sections/news.html Internet Investing http://www.internet.com/sections/stocks.html ASP Resources http://internet.com/sections/asp.html Wireless Internet http://internet.com/sections/wireless.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To find an answer - http://search.internet.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For information on reprinting or linking to internet.com content: http://internet.com/corporate/permissions.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Copyright (c) 2000 internet.com Corporation ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
