[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FWD: Security alert: Have you upgraded BIND?




FYI see the Linux Tip below.    ERA

---------- Original Message ----------------------------------
From: "Linux Tips at TechRepublic.com" <TechRepublic#1.624.86-jXYSlC7un4Js.1@techmail.techrepublic.com>
Date: Fri, 4 May 2001 11:15:06 -0400 (EDT)

TechRepublic: www.techrepublic.com

Presents your
LINUX TECHMAIL

<-----------------Advertisement------------>

FIND VENDORS THAT CATER TO YOUR IT NEEDS!

Searching for the right company to supply the right products for your
IT needs can be time consuming and frustrating. Turn to TechRepublic’s
IT Vendor Direct! From your trusted IT source comes this easy, one-stop
shop for finding and contacting thousands of qualified vendors around
the globe for any IT need. Locate your solution provider by category
or international region. Discover relevant content and analysis so you
make the right decision and work smarter, not harder.
http://click.techrepublic.com/Click?q=00-4F6lI9QsBoTrLNsXOiFXxPSP

<------------------------------------------->

LINUX TIPS FOR MAY 4, 2001

SECURITY ALERT: HAVE YOU UPGRADED BIND?
The Berkeley Internet Name Domain (BIND) server that is commonly 
included with Linux distributions contains at least four known 
vulnerabilities that intruders are beginning to exploit, according to 
the CERT Coordination Center. Because BIND provides most of the domain 
name services for the Internet, these vulnerabilities could prove 
disastrous if system administrators fail to update to the latest 
version of BIND--and apparently, many have failed to do so. If you're 
running BIND on an internal network or one that's connected to the 
Internet, be sure to check your Linux distribution's support page to 
make sure you're running the latest version. For example, Red Hat is 
making updated BIND packages available on its site.
http://www.cert.org/
http://www.redhat.com/support/errata/RHSA-2001-007.html

SECURITY ALERT: RPC.STATD (NFS)
An input validation vulnerability in the rpc.statd service enables 
intruders to gain root access to Linux systems. This service is 
generally included in the utilities provided with Network File System 
(NFS) support. If you are running NFS on your network, visit your Linux 
distribution's support page to obtain an upgraded copy of rpc.statd--
and do so without delay. Unlike most of the vulnerabilities we warn you 
about, this one has already resulted in numerous system compromises. 
For more information, see the CERT Coordination Center's page on 
rpc.statd vulnerabilities.
http://www.cert.org/current/current_activity.html#statd

------------------------------------------

Back by popular demand

PROBLEMS WITH LINUX SECURITY? WHEN CLICKING YOUR HEELS DOES NOT HELP, 
TRY STAYING ON YOUR TOES 
The Linux platform has some flaws in its security system, but these are 
problems that can be anticipated and avoided when the right preventive 
steps are executed. Find out Gartner Research's suggestions for keeping 
a Linux-based system secure.
http://click.techrepublic.com/Click?q=ce-SdWCQMsesjLZVSrahfL2Kld1

MASTERING SYSTEM ACCOUNTING IN LINUX 
Monitoring user connections and processes on your Linux system can help 
you root out unauthorized activity. This article shows you the tools 
available to you.
http://click.techrepublic.com/Click?q=ff-sVDVQmsvficwbtPJHrVpo6hx

------------------------------------------

Today @ TechRepublic

ARE YOU IN FAVOR OF MICROSOFT'S NEW XP LICENSING PROGRAM? 
Microsoft has announced a new Internet licensing registration program 
with its Windows XP and Office XP platforms. Read this column to find 
out more about this new technology, and then tell us your opinion on 
Microsoft's activation plan.
http://click.techrepublic.com/Click?q=0c-_Y5DIc8fFzJjJV6Ikjd17Y-A

MONEY TALKS DURING AN ECONOMIC DOWNTURN 
For the first time in three years, tech employees ranked money as the 
top reason for staying in their current job, according to a survey. But 
economic conditions make big salary increases unlikely. We examine the 
ramifications for IT managers.
http://click.techrepublic.com/Click?q=3e-F5SnIizjf26aH5o5qDCLGBuf

ENLISTING VISUAL BASIC INTO WINDOWS SERVICE 
Building a Windows service with VB could be compared to taking the 
square root of a negative number: They both have imaginary answers. 
Lamont Adams looks at three tools that bring the idea of a VB-built 
Windows service into the realm of reality.
http://click.techrepublic.com/Click?q=75-whhtIKUlzu79Qj35QjyBwzxE

------------------------------------------

IT TRAINER DIGEST
You teach the new apps before bugs are discovered, much less fixed. So 
how do you find the time to keep apprised of developments in the 
training industry and what they mean for your career? Now it's easier 
than ever, with TechRepublic's IT Trainer Digest TechMail. We've 
partnered with ONLINELEARNING MAGAZINE to bring you the news and 
information you need to keep in touch and stay ahead. Subscribe today!
http://click.techrepublic.com/Click?q=c1-PI4jQpW6ByrFFXIo6Odbg89B

------------------------------------------

TechRepublic TechMails may contain links to sites on the Internet which 
are owned and operated by third parties. TechRepublic, Inc. is not 
responsible for the content of any such third-party site.

To update your TechMails selections:
http://click.techrepublic.com/Click?q=f8-57ISQfsjKhrRFWGn6arEiGas

To unsubscribe from this mailing list reply to this message with 
"unsubscribe 7163" in the subject or click here:
http://click.techrepublic.com/Click?q=c1-PIsjr-W7Bill3Xbu6qiqgmiLxjAI.

Questions or comments:
mailto:ecomments@techrepublic.com?subject=Linux

Copyright 1999-2001 TechRepublic, Inc. All rights reserved.



-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.