[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Many Subjects



Many different subjects (security alert, voting for Computax, my
address, new RedHat/Apache/PHP/maybe-Gimp), loaned PCs for
Computax, and burning CDs):

1. Urgent alert: A hacker(s) broke dozens Israeli Linux servers in
   the previous days. He used a buffer overflow in BIND (not the
   buffer overflow found on May 21, but an older one). I call
   everybody who has a Linux with running named/BIND/DNS (and also
   Linuxes without DNS) to download ALL the security erratas and
   patches (RedHat has RPMs in its site) and to install them
   immediately. In addition, although the hacker used a
   professional method, it is a good practice to defend the stupid
   holes as well: Don't use trusted hosts, even behind firewalls;
   Deny spoofing in your firewall/access-lists-of-router/ipfw, as
   well as access to NFS/telnet/SMB/X/etc.; Use the latest stable
   kernel (2.0.33 up to this minute - 2.0.34 is very near!); Don't
   send clear-text passwords through the Internet (telnet rather
   than ssh, POP3 rather than APOP, non-anonymous FTP, etc.); And,
   finally, backup your work.
   Damages: Some disks were removed, some others were hurted, and
   tracks were removed from all (/var/log was removed, systems
   were crashed in order to clean memory, etc.). The hacker could
   break other UNIXes as well, but he focused on Linuxes (buffer
   overflow is system dependent; You must design it specifically
   for one platform), probably because there are so many Linuxes;
   Of course, the effect on the other UNIXes was simply a crash of
   the named.
   Some security experts claim that the hacker is probably from a
   Neo-Nazi group of hackers who promised a few weeks ago to
   prevenge the exploits of the Analyzer.

2. Summing the votes (many were posted privately to me and not to
   the list), there were many "yes" and even not one "no".

3. My address is: Eli Marmor, 7 Lassal St., Kfar-Saba 44417.
   Please attach your address to the cheques. I'll price the
   inclusion in the consultant's list in 24 hours, and ask for your
   opinion.

4. RedHat 5.1 is ready for downloading; I think we must download it
   and use this version for burning on CDs (for Computax). BTW:
   Many release candidates of important packages (e.g. Apache, PHP3)
   were announced on the last day (thanks to a very long weekend in
   America - Saturday, Sunday, and Memorial Day).

S. Schapiro (nessy) wrote:
> I can give my old 486/DX2/20MB for q2 server. runs perfectly. try this under
> Windows !

5. (20MB disk or RAM? ;-)  Thanks!  Anyway, if we are going to show
   it, we must put a big title on its screen saying: "A Fast
   486/DX2/20MB!" or "A Born Again 486/DX2/20MB!". And we must have
   a stronger computer too (we have too 10BaseT ports, and the space
   is enough only for two computers - assuming we need space for us,
   for papers, etc.).
   We still need more computer(s). Before loaning yours, check with
   PC resellers and importers (e.g. Compaq/Dell/Newron/IBM/etc.).
   Some of them will be happy to put a computer in an exhibition.

6. We need a volunteer to burn CDs. BTW: It will be clever to verify
   the burned CDs on a computer with an old CD. As I said previously,
   I'll cover all the costs, but in case of earnings - I'll receive
   them to cover my costs.

-- 
Eli Marmor
marmor@elmar.co.il
El-Mar Software Ltd.