[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FWD: Security alert: Have you upgraded BIND?
FYI see the Linux Tip below. ERA
---------- Original Message ----------------------------------
From: "Linux Tips at TechRepublic.com" <TechRepublic#1.624.86-jXYSlC7un4Js.1@techmail.techrepublic.com>
Date: Fri, 4 May 2001 11:15:06 -0400 (EDT)
TechRepublic: www.techrepublic.com
Presents your
LINUX TECHMAIL
<-----------------Advertisement------------>
FIND VENDORS THAT CATER TO YOUR IT NEEDS!
Searching for the right company to supply the right products for your
IT needs can be time consuming and frustrating. Turn to TechRepublic’s
IT Vendor Direct! From your trusted IT source comes this easy, one-stop
shop for finding and contacting thousands of qualified vendors around
the globe for any IT need. Locate your solution provider by category
or international region. Discover relevant content and analysis so you
make the right decision and work smarter, not harder.
http://click.techrepublic.com/Click?q=00-4F6lI9QsBoTrLNsXOiFXxPSP
<------------------------------------------->
LINUX TIPS FOR MAY 4, 2001
SECURITY ALERT: HAVE YOU UPGRADED BIND?
The Berkeley Internet Name Domain (BIND) server that is commonly
included with Linux distributions contains at least four known
vulnerabilities that intruders are beginning to exploit, according to
the CERT Coordination Center. Because BIND provides most of the domain
name services for the Internet, these vulnerabilities could prove
disastrous if system administrators fail to update to the latest
version of BIND--and apparently, many have failed to do so. If you're
running BIND on an internal network or one that's connected to the
Internet, be sure to check your Linux distribution's support page to
make sure you're running the latest version. For example, Red Hat is
making updated BIND packages available on its site.
http://www.cert.org/
http://www.redhat.com/support/errata/RHSA-2001-007.html
SECURITY ALERT: RPC.STATD (NFS)
An input validation vulnerability in the rpc.statd service enables
intruders to gain root access to Linux systems. This service is
generally included in the utilities provided with Network File System
(NFS) support. If you are running NFS on your network, visit your Linux
distribution's support page to obtain an upgraded copy of rpc.statd--
and do so without delay. Unlike most of the vulnerabilities we warn you
about, this one has already resulted in numerous system compromises.
For more information, see the CERT Coordination Center's page on
rpc.statd vulnerabilities.
http://www.cert.org/current/current_activity.html#statd
------------------------------------------
Back by popular demand
PROBLEMS WITH LINUX SECURITY? WHEN CLICKING YOUR HEELS DOES NOT HELP,
TRY STAYING ON YOUR TOES
The Linux platform has some flaws in its security system, but these are
problems that can be anticipated and avoided when the right preventive
steps are executed. Find out Gartner Research's suggestions for keeping
a Linux-based system secure.
http://click.techrepublic.com/Click?q=ce-SdWCQMsesjLZVSrahfL2Kld1
MASTERING SYSTEM ACCOUNTING IN LINUX
Monitoring user connections and processes on your Linux system can help
you root out unauthorized activity. This article shows you the tools
available to you.
http://click.techrepublic.com/Click?q=ff-sVDVQmsvficwbtPJHrVpo6hx
------------------------------------------
Today @ TechRepublic
ARE YOU IN FAVOR OF MICROSOFT'S NEW XP LICENSING PROGRAM?
Microsoft has announced a new Internet licensing registration program
with its Windows XP and Office XP platforms. Read this column to find
out more about this new technology, and then tell us your opinion on
Microsoft's activation plan.
http://click.techrepublic.com/Click?q=0c-_Y5DIc8fFzJjJV6Ikjd17Y-A
MONEY TALKS DURING AN ECONOMIC DOWNTURN
For the first time in three years, tech employees ranked money as the
top reason for staying in their current job, according to a survey. But
economic conditions make big salary increases unlikely. We examine the
ramifications for IT managers.
http://click.techrepublic.com/Click?q=3e-F5SnIizjf26aH5o5qDCLGBuf
ENLISTING VISUAL BASIC INTO WINDOWS SERVICE
Building a Windows service with VB could be compared to taking the
square root of a negative number: They both have imaginary answers.
Lamont Adams looks at three tools that bring the idea of a VB-built
Windows service into the realm of reality.
http://click.techrepublic.com/Click?q=75-whhtIKUlzu79Qj35QjyBwzxE
------------------------------------------
IT TRAINER DIGEST
You teach the new apps before bugs are discovered, much less fixed. So
how do you find the time to keep apprised of developments in the
training industry and what they mean for your career? Now it's easier
than ever, with TechRepublic's IT Trainer Digest TechMail. We've
partnered with ONLINELEARNING MAGAZINE to bring you the news and
information you need to keep in touch and stay ahead. Subscribe today!
http://click.techrepublic.com/Click?q=c1-PI4jQpW6ByrFFXIo6Odbg89B
------------------------------------------
TechRepublic TechMails may contain links to sites on the Internet which
are owned and operated by third parties. TechRepublic, Inc. is not
responsible for the content of any such third-party site.
To update your TechMails selections:
http://click.techrepublic.com/Click?q=f8-57ISQfsjKhrRFWGn6arEiGas
To unsubscribe from this mailing list reply to this message with
"unsubscribe 7163" in the subject or click here:
http://click.techrepublic.com/Click?q=c1-PIsjr-W7Bill3Xbu6qiqgmiLxjAI.
Questions or comments:
mailto:ecomments@techrepublic.com?subject=Linux
Copyright 1999-2001 TechRepublic, Inc. All rights reserved.
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.