[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Many Subjects
Many different subjects (security alert, voting for Computax, my
address, new RedHat/Apache/PHP/maybe-Gimp), loaned PCs for
Computax, and burning CDs):
1. Urgent alert: A hacker(s) broke dozens Israeli Linux servers in
the previous days. He used a buffer overflow in BIND (not the
buffer overflow found on May 21, but an older one). I call
everybody who has a Linux with running named/BIND/DNS (and also
Linuxes without DNS) to download ALL the security erratas and
patches (RedHat has RPMs in its site) and to install them
immediately. In addition, although the hacker used a
professional method, it is a good practice to defend the stupid
holes as well: Don't use trusted hosts, even behind firewalls;
Deny spoofing in your firewall/access-lists-of-router/ipfw, as
well as access to NFS/telnet/SMB/X/etc.; Use the latest stable
kernel (2.0.33 up to this minute - 2.0.34 is very near!); Don't
send clear-text passwords through the Internet (telnet rather
than ssh, POP3 rather than APOP, non-anonymous FTP, etc.); And,
finally, backup your work.
Damages: Some disks were removed, some others were hurted, and
tracks were removed from all (/var/log was removed, systems
were crashed in order to clean memory, etc.). The hacker could
break other UNIXes as well, but he focused on Linuxes (buffer
overflow is system dependent; You must design it specifically
for one platform), probably because there are so many Linuxes;
Of course, the effect on the other UNIXes was simply a crash of
the named.
Some security experts claim that the hacker is probably from a
Neo-Nazi group of hackers who promised a few weeks ago to
prevenge the exploits of the Analyzer.
2. Summing the votes (many were posted privately to me and not to
the list), there were many "yes" and even not one "no".
3. My address is: Eli Marmor, 7 Lassal St., Kfar-Saba 44417.
Please attach your address to the cheques. I'll price the
inclusion in the consultant's list in 24 hours, and ask for your
opinion.
4. RedHat 5.1 is ready for downloading; I think we must download it
and use this version for burning on CDs (for Computax). BTW:
Many release candidates of important packages (e.g. Apache, PHP3)
were announced on the last day (thanks to a very long weekend in
America - Saturday, Sunday, and Memorial Day).
S. Schapiro (nessy) wrote:
> I can give my old 486/DX2/20MB for q2 server. runs perfectly. try this under
> Windows !
5. (20MB disk or RAM? ;-) Thanks! Anyway, if we are going to show
it, we must put a big title on its screen saying: "A Fast
486/DX2/20MB!" or "A Born Again 486/DX2/20MB!". And we must have
a stronger computer too (we have too 10BaseT ports, and the space
is enough only for two computers - assuming we need space for us,
for papers, etc.).
We still need more computer(s). Before loaning yours, check with
PC resellers and importers (e.g. Compaq/Dell/Newron/IBM/etc.).
Some of them will be happy to put a computer in an exhibition.
6. We need a volunteer to burn CDs. BTW: It will be clever to verify
the burned CDs on a computer with an old CD. As I said previously,
I'll cover all the costs, but in case of earnings - I'll receive
them to cover my costs.
--
Eli Marmor
marmor@elmar.co.il
El-Mar Software Ltd.