[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

LNO Newsletter (fwd)




---------- Forwarded message ----------
Date: Fri, 20 Apr 2001 15:37:05 -0500
From: LinuxNewbie <listsupport@xxxxxxxxxxxx>
To: fred@xxxxxxxxxxxxxxx
Subject: LNO Newsletter

LNO Newsletter
-----------

Any feedback or suggestions on any aspect of this newsletter send to 
feedback@xxxxxxxxxxxxxxxx

=========
Interesting LNO Discussion Thread:
------
ndogg posted:
We all love open source stuff, but sometimes I have a little trouble reading 
other people's code. For a while I've been looking at the code for the game 
NiL, and it can be a bitch at times. Do you guys have any tips on reading 
other people's code, and coding itself?

Article Link:
http://www.linuxnewbie.org/cgi-bin/ubbcgi/ultimatebb.cgi?ubb=get_topic&f=14&t=002805

===============
News from the front:
=======
Intel 1.7GHz P4 - price pre-information
---
halfcircles writes, "Intel is launching the 1.7Ghz Pentium 4 on Monday! 
Tuesday, the 1.5GHz P4 will be priced at $256 and the 1.4GHz at $193 Wow!"

--Good thing I just picked up some cheap memory to possibly go with some of 
these new super chips...whoohooo!

Article Link:
http://www.theregister.co.uk/content/3/18409.html

/-------------------------------------------------------------------\

SPECIAL OFFER for internet.com Newsletter Subscribers!
$100 off internet.com's newest report, "The ISP Market: Challenges
and Strategies for the Future" -- Now $195 (PDF) at AllNetResearch.com

For more information or to order at the special discount:
http://allnetresearch.internet.com/item/0,3008,2165381_1,00.html
(Newsletter Subscriber offer good until April 30, 2001)

\--------------------------------------------------------------adv.-/

=======
Libsafe: Protecting Critical Elements of Stacks
---
Thanks to Alphageek for the heads up:

"The exploitation of buffer overflow and format string vulnerabilities in 
process stacks constitutes a significant portion of security attacks in 
recent years. We present a new method to detect and handle such attacks. In 
contrast to previous work, our method does not require any modification to 
the operating system and works with existing binary programs. Our method does 
not require access to the source code of defective programs, nor does it 
require recompilation or off-line processing of binaries. Furthermore, it can 
be implemented on a system-wide basis transparently.

Our solution is based on a middleware software layer that intercepts all 
function calls made to library functions that are known to be vulnerable. A 
substitute version of the corresponding function implements the original 
functionality, but in a manner that ensures that any buffer overflows are 
contained within the current stack frame, thus, preventing attackers from 
'smashing' (overwriting) the return address and hijacking the control flow of 
a running program. We have implemented our solution on Linux as a dynamically 
loadable library called libsafe. Libsafe has demonstrated its ability to 
detect and prevent several known attacks, but its real benefit, we believe, 
is its ability to prevent yet unknown attacks. Experiments indicate that the 
performance overhead of libsafe is negligible."

Article Link:
http://www.avayalabs.com/project/libsafe/index.html

=======
Security flaw in Linux 2.4 IPTables using FTP PORT
---
Ripped from LT, "If an attacker can establish an FTP connection passing 
through a Linux 2.4.x IPTables firewall with the state options allowing 
'related' connections (almost 100% do), he can insert entries into the 
firewall's RELATED ruleset table allowing the FTP Server to connect to any 
host and port protected by the firewalls rules, including the firewall 
itself...."

--Note: LNO just published Prince_kenshi's iptables NHF. For those that read 
it and/or use iptables read this story.

Article link:
http://www.tempest.com.br/advisories/01-2001.html

=======
Sensei double posts and is slow
---
ndogg writes, "A recent event at LNO stuns LNO veterans. For the first time, 
they see Sensei post the same story on the front page twice! It was a 
stunning site to see."

Everybody has their slip ups. LAUGH IT UP! :D


=======
Mandrake 8 Released
Posted Thursday, April 19, 2001 - 9:38 AM by: Sensei | Submit Your News
<http://www.linuxnewbie.org/icons2/icon_mandrake.gif>
Thanks to a great many people for sending in the new bit. I was reluctant to 
post such news only because Mandrakes site is getting pummeled right now ;). 
Didn't want the LNO Army bringing reenforcements just yet.

Ripped from LT, "There are two ISO images files for Mandrake 8.0 available in 
the "iso/" directory. One is called Mandrake80-inst.iso and the other 
Mandrake80-ext.iso which is the extention CD. You can install a working 
system with only the first CD but the second one brings more applications. 
These iso images work and are speed-optimized for i586 (Pentium class) 
processors and higher. The iso mirror list is available here."

We'll have Mandrake's official announcement later today.

>From the New Features Page:
KDE 2.1.1
GNOME 1.4 (Nautilus 1.0.3, Evolution 0.9)
Kernel 2.4.3
Improved USB/Firewire Support
Official Reiser FS support
Integrated anti-aliasing support"

Check it out here IF YOU CAN!
http://linuxtoday.com/news_story.php3?ltsn=2001-04-19-010-20-NW-MD<br>

/-------------------------------------------------------------------\

Linux is the fastest-growing operating system on the market, 
with a powerful presence in corporate computing - 
primarily behind servers - and strong potential in the embedded space. 
Unsurprisingly, it faces difficult-to-overcome barriers when it comes 
to desktop usage, according to the new report, 
"Linux: You Get  What You Pay For?" from internet.com Corp. 
Now available at: 
http://allnetresearch.internet.com/item/0,3008,2156311_1,00.html 

\--------------------------------------------------------------adv.-/

=======
Security Flaw in Microsoft Firewall Discovered
---
Boris writes, "After discussing for the RSA Convention the reliability of 
Closed-Source Software and the extensive testing that is more efficient than 
'boring review', a flaw allowing a DoS attack was discovered in about 15 
minutes of standard testing.."

Article Link:
http://www.msnbc.com/news/560865.asp?0nm=C12L

=======
Samba 2.2.0 Released
---
Ripped from LT, "The Samba Team is proud to announce a new major release of 
Samba, version 2.2.0. This release includes significant feature enhancements 
for Samba, and sets the standard for UNIX and Microsoft Windows integration.

Enhancements include :

Integration of server terminated leases (Windows "oplocks") with UNIX NFS 
sharing (Linux 2.4 kernel and IRIX only). Complete data and locking integrity 
when sharing files between UNIX and Windows."

Article Link:
http://linuxtoday.com/news_story.php3?ltsn=2001-04-17-017-20-PR

========
In Search of the Sexiest Geek
---
Ripped from WiRED, "Geekdom has taken a hit in the past year, with Nasdaq's 
free-fall threatening an entire dot-com culture.

But such dire times have only strengthened the resolve of techies everywhere. 
Or so it seems for those vying for the second annual title of Sexiest Geek 
Alive.

The search for this year's winner starts Tuesday in Indianapolis, which is 
the first of 11 regional competitions that will be coordinated through the 
iMark trade show organization."

--I have a chance! :)

http://www.wired.com/news/culture/0,1284,43091,00.html


==============================
As always send me anything you think should or shouldn't be in this
newsletter.feedback@xxxxxxxxxxxxxxx

thanks,

Sensei

===================
Visit the other sites in the internet.com Linux/Open Source Channel:
Linux Today <http://www.linuxtoday.com>
LinuxProgramming <http://www.linuxprogramming.com>
Apache Today <http://www.apachetoday.com>
AllLinuxDevices <http://www.alllinuxdevices.com>
BSD Today <http://www.bsdtoday.com>
Enterprise Linux Today <http://www.eltoday.com>
Linux Central <http://www.linuxcentral.com>
BSD Central <http://www.bsdcentral.com>
LinuxStart <http://www.linuxstart.com>
LinuxApps <http://www.linuxapps.com>
LinuxPlanet <http://www.linuxplanet.com
Linux Today Jobs <http://jobs.linuxtoday.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Advertising: If you are interested in advertising in our newsletters, call 
Frank Fazio on 1-203-662-2997 or send email to mailto:ffazio@xxxxxxxxxxxx
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For contact information on sales offices worldwide visit 
http://www.internet.com/mediakit/salescontacts.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For details on becoming a Commerce Partner, contact David Arganbright
on 1-203-662-2858 or mailto:commerce-licensing@xxxxxxxxxxxx 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To learn about other free newsletters offered by internet.com or 
to change your subscription visit http://e-newsletters.internet.com 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
internet.com's network of more than 150 Web sites are organized into 16 
channels: 
Internet Technology          http://internet.com/it
E-Commerce/Marketing         http://internet.com/marketing
Web Developer                http://internet.com/webdev
Windows Internet Technology  http://internet.com/win
Linux/Open Source            http://internet.com/linux
Internet Resources           http://internet.com/resources
ISP Resources                http://internet.com/isp
Internet Lists               http://internet.com/lists
Download                     http://internet.com/downloads
International                http://internet.com/international
Internet News                http://internet.com/news
Internet Investing           http://internet.com/stocks 
ASP Resources                http://internet.com/asp
Wireless Internet            http://internet.com/wireless 
Career Resources             http://internet.com/careers
EarthWeb		     http://www.earthweb.com 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To find an answer - http://search.internet.com 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Looking for a job? Filling an opening? - http://jobs.internet.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This newsletter is published by internet.com Corporation 
http://internet.com - The Internet & IT Network 
Copyright (c) 2001 internet.com Corporation. All rights reserved.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For information on reprinting or linking to internet.com content: 
http://internet.com/corporate/permissions.html 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---
You are currently subscribed to linux-newbie-text as: fred@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to leave-linux-newbie-text-3674294N@xxxxxxxxxxxxxxxxxx