[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Many Subjects
Eli Marmor wrote:
> Many different subjects (security alert, voting for Computax, my
> address, new RedHat/Apache/PHP/maybe-Gimp), loaned PCs for
> Computax, and burning CDs):
>
> 1. Urgent alert: A hacker(s) broke dozens Israeli Linux servers in
> the previous days. He used a buffer overflow in BIND (not the
> buffer overflow found on May 21, but an older one). I call
> everybody who has a Linux with running named/BIND/DNS (and also
> Linuxes without DNS) to download ALL the security erratas and
> patches (RedHat has RPMs in its site) and to install them
> immediately. In addition, although the hacker used a
> professional method, it is a good practice to defend the stupid
> holes as well: Don't use trusted hosts, even behind firewalls;
> Deny spoofing in your firewall/access-lists-of-router/ipfw, as
> well as access to NFS/telnet/SMB/X/etc.; Use the latest stable
> kernel (2.0.33 up to this minute - 2.0.34 is very near!); Don't
> send clear-text passwords through the Internet (telnet rather
> than ssh, POP3 rather than APOP, non-anonymous FTP, etc.); And,
> finally, backup your work.
> Damages: Some disks were removed, some others were hurted, and
> tracks were removed from all (/var/log was removed, systems
> were crashed in order to clean memory, etc.). The hacker could
> break other UNIXes as well, but he focused on Linuxes (buffer
> overflow is system dependent; You must design it specifically
> for one platform), probably because there are so many Linuxes;
> Of course, the effect on the other UNIXes was simply a crash of
> the named.
> Some security experts claim that the hacker is probably from a
> Neo-Nazi group of hackers who promised a few weeks ago to
> prevenge the exploits of the Analyzer.
>
if i only open udp port 53, am i proned to attacks ?
>
[snip]
> 6. We need a volunteer to burn CDs. BTW: It will be clever to verify
> the burned CDs on a computer with an old CD. As I said previously,
> I'll cover all the costs, but in case of earnings - I'll receive
> them to cover my costs.
>
I volunteer, but i do not have the source cd ( i.e. RH5.1)
> --
> Eli Marmor
> marmor@elmar.co.il
> El-Mar Software Ltd.
regards
Erez Doron