[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Many Subjects





Eli Marmor wrote:

> Many different subjects (security alert, voting for Computax, my
> address, new RedHat/Apache/PHP/maybe-Gimp), loaned PCs for
> Computax, and burning CDs):
>
> 1. Urgent alert: A hacker(s) broke dozens Israeli Linux servers in
>    the previous days. He used a buffer overflow in BIND (not the
>    buffer overflow found on May 21, but an older one). I call
>    everybody who has a Linux with running named/BIND/DNS (and also
>    Linuxes without DNS) to download ALL the security erratas and
>    patches (RedHat has RPMs in its site) and to install them
>    immediately. In addition, although the hacker used a
>    professional method, it is a good practice to defend the stupid
>    holes as well: Don't use trusted hosts, even behind firewalls;
>    Deny spoofing in your firewall/access-lists-of-router/ipfw, as
>    well as access to NFS/telnet/SMB/X/etc.; Use the latest stable
>    kernel (2.0.33 up to this minute - 2.0.34 is very near!); Don't
>    send clear-text passwords through the Internet (telnet rather
>    than ssh, POP3 rather than APOP, non-anonymous FTP, etc.); And,
>    finally, backup your work.
>    Damages: Some disks were removed, some others were hurted, and
>    tracks were removed from all (/var/log was removed, systems
>    were crashed in order to clean memory, etc.). The hacker could
>    break other UNIXes as well, but he focused on Linuxes (buffer
>    overflow is system dependent; You must design it specifically
>    for one platform), probably because there are so many Linuxes;
>    Of course, the effect on the other UNIXes was simply a crash of
>    the named.
>    Some security experts claim that the hacker is probably from a
>    Neo-Nazi group of hackers who promised a few weeks ago to
>    prevenge the exploits of the Analyzer.
>

if  i only open udp port 53, am  i proned to attacks ?

>

[snip]

> 6. We need a volunteer to burn CDs. BTW: It will be clever to verify
>    the burned CDs on a computer with an old CD. As I said previously,
>    I'll cover all the costs, but in case of earnings - I'll receive
>    them to cover my costs.
>

I volunteer, but i do not have the source cd ( i.e. RH5.1)

> --
> Eli Marmor
> marmor@elmar.co.il
> El-Mar Software Ltd.

regards
Erez Doron