RU.LINUX
From: Sergey Lentsov 2:4615/71.10, 03 May 2001 17:11:19
To: All
Subject: URL: http://lwn.net/2001/0503/security.php3

See also: [14]last week's Security page.

Security News and Editorials

CylantSecure for Linux. We generally don't profile new commercial products for Linux on this page, preferring to focus on Open Source products and solutions instead. However, the announcement of the availability of [15]CylantSecure for Linux caught our eye for a couple of reasons.

The first reason, a quite positive one, was the approach being used by the product. Most current intrusion detection systems look either at the input to the system (e.g., network connections, attack signatures) or the output from the system (file checksums, etc.). CylantSecure looks instead at the behavior of the system itself, producing a model of what the "normal" behavior of the CPU is when in production use, and therefore detecting "abnormal" behavior and actively dropping connections or terminating processes that display abnormal behavior.

This was interesting to us because it, in many ways, resembles how a good systems administrator monitors a system, or would monitor a system, if they had the time to watch it closely 24 hours a day. The system administrator knows what the machine is used for, the people that use it and the behavior of the machine under normal load. Abnormal behavior means something needs to be fixed, whether the "something" is a security problem, a network problem, a disk problem, etc.
So a security model that scientifically models the behavior that a system administrator "learns" as part of the job was definitely of interest.

The second reason CylantSecure for Linux caught our eye, though, was its implementation. To be specific, its implementation includes the use of binary kernel modules, which gave us strong concerns. Linus has strongly deprecated the use of binary kernel modules even for device drivers, for many good reasons. The use of binary kernel modules to implement core functionality in a new security product was, in our opinion, a very bad idea. Fortunately, a phone interview with Cylant CEO and founder John Munson and Scott Wimer, their Director of Product Development, cleared up our concern, as we explain below.

Implementation. CylantSecure for Linux is implemented in four pieces. The first consists of two patches to the Linux kernel which modify the kernel data structure to allow the gathering of information about actions taken by the kernel, both the action taken and the process id associated with that action. This goes beyond just tagging system calls; the second of the two patches inserts instrumentation (new function calls) into over 3300 places in the kernel. The source code for these patches is fully available, and therefore not a concern. It is, however, large, running over 300K in size.

The second piece of CylantSecure consists of binary kernel modules which actually collect the data from the kernel, create profiles from it and pass information on to the third piece, a user-space process called "Watcher". We were very happy to learn from our interview with John and Scott that the source code for these modules will be released in the near future and that they were never intended to remain closed source. Currently the modules are going through a re-design.
As soon as that re-design is complete and, as a result, the code is clean and maintainable enough to be a "worthwhile gift to the Open Source community", Scott assured us that the code would be released.

The remaining two pieces of CylantSecure are the Watcher, mentioned above, and the console management system. The management system may also be Open Sourced, but that decision has not yet been finalized. The Watcher program will remain closed source. In fact, a patent is pending on the techniques used in the Watcher program to model the system behavior. Software patent-watchers within the community will have to judge the virtue of this patent compared to the many other software patents that we have often deprecated, but it is certainly not quite the same as putting a patent on "point-and-click". Nonetheless, if someone believes there is already prior art for this patent, we would be interested to hear about it.

It should be noted that CylantSecure for Linux was primarily a proof-of-concept product; they chose the Linux kernel for their first project because it is an extremely large, complex and stable piece of software. The techniques used, though, are just as applicable to any other large software system, such as accounting systems, payroll, traffic analysis, any software system where reliability and security are essential. In fact, they are as applicable to ensuring reliable data input as to preventing intrusions.

But does it work? The folks at CylantSecure believe it does but state up front that they are engineers, implementing a scientific engineering principle, not security experts. They don't have a background in breaking into systems themselves. As a result, they have made a [16]victim machine available and promised to give it to the first person that successfully "owns" the box. The box is running an unpatched installation of Red Hat Linux 6.2, so there are plenty of security holes available.
The question is whether an attacker can gain access and keep it without being detected and shunted off the system by CylantSecure. We'll be interested to hear about the results. No non-disclosures are required and they even have an IRC channel available to allow attackers to chat directly with their developers.

Overall, we found the new paradigm being explored very interesting and we are looking forward to seeing the reaction of the security community to their approach.

New Linux-targeted worm: lpdw0rm. SecurityFocus has released [17]their analysis of a new worm, lpdw0rm. This particular worm is targeted at systems running unpatched versions of Red Hat Linux 7.0 that are running the LPRng service, one of the vulnerabilities that previous worms have also targeted. Installing [18]Red Hat's patch for LPRng (made available back in October) will prevent a system from being successfully attacked.

Predictable TCP initial sequence numbers. We first mentioned the problem of predictable TCP initial sequence numbers in the [19]March 15th LWN Security Summary. The original report came from Guardent, a Massachusetts-based security firm which published the existence of the weakness, but not their own research on the topic. This week, more information was released.

* A paper from Michal Zalewski entitled [20]Strange Attractors and TCP/IP Sequence Number Analysis describing "the use of dynamical system methods to analyze and predict TCP initial sequence numbers".
* [21]Tim Newsham's paper on the topic, which Guardent has finally released.
* [22]CERT's advisory on the topic. "TCP initial sequence numbers were not designed to provide proof against TCP connection attacks. The lack of cryptographically-strong security options for the TCP header itself is a deficiency that technologies like IPSec try to address.
  It must be noted that in the final analysis, if an attacker has the ability to see unencrypted TCP traffic generated from a site, that site is vulnerable to various TCP attacks - not just those mentioned here. The only definitive proof against all forms of TCP attack is end-to-end cryptographic solutions like those outlined in various IPSec documents".

Meanwhile, Linux and OpenBSD (and FreeBSD, which has picked up the OpenBSD fix) were singled out in the CERT report as being the only TCP implementations to be relatively immune to the reported problem.

Security Hall of Shame: Tektronix. Elias Levy, moderator of BugTraq, found recent information posted about security vulnerabilities in the [23]Tektronix Phaser Network Printer Administration Interface annoying enough to send out a personal comment on them.

"This is not a major vulnerability. The only reason I bring it to your attention is because this is standard operating procedure for many companies. They release a product in the market with no or little security. When someone points this out to them they ignore him. When it's pointed out in public they threaten to sue him. When they fix it they do it just as badly as the original security measure. And a few months later the product is shown to be insecure once again".

What was it that caught Elias' attention enough to generate so much ire? The original report of this vulnerability was made in November of 1999. The vulnerability is severe enough that it can be potentially used to permanently damage the printer. Instead of resolving the actual security problems, Tektronix simply changed the URL that could previously be used for the attack by adding an underscore at the beginning and changing the ".html" suffix to ".shtml". In addition, non-Tektronix posters had provided a workaround to improve the security of the printer, which Tektronix has since broken.
Of course, the potential impact of the vulnerability can be mitigated by keeping the printer behind a firewall and restricting access to the local network. Meanwhile, Tektronix does not believe that anyone actually cares about this vulnerability.

For our part, we would expect any security-conscious site to remove Tektronix from their list of acceptable vendors, given the level of cluelessness and ineptness demonstrated in the way this vulnerability has been handled.

Call for Articles: SecurityFocus focuses on Incident Handling. [24]SecurityFocus is developing articles for a planned series on Incident Handling, scheduled for publication from June onwards. If you are interested in providing an article for them, check their [25]call for articles.

Security Reports

Zope security update. A new security bug has been found in all versions of Zope (up to and including 2.3.2) which can allow a clever attacker unauthorized access. [26]A patch is available which fixes the problem; sites running Zope should probably apply it soon.

gnupg 1.0.5 released with multiple security fixes. [27]gnupg 1.0.5 was released on April 29th. Multiple security patches have been released against gnupg 1.0.4; this new release includes all of those patches, including fixes for the [28]gnupg web of trust vulnerability and [29]false positives from detached signatures. Of course, in addition to security fixes, other feature enhancements and bug fixes are included. An upgrade to 1.0.5 is recommended.

* [30]Immunix

Remote vulnerabilities in Bugzilla. [31]Bugzilla 2.12 has been released and contains fixes for a [32]security problem that could allow remote users to execute commands on the Bugzilla server under a non-root account. Workarounds are documented, but an upgrade to the new version is recommended.

KDEsu tmplink vulnerability. KDEsu creates a world-readable temporary file to exchange authentication information and then deletes the file soon after.
This allows a race condition under which the account of the local X user can be compromised. Fixes for the problem are included in [33]kdelibs-2.1.2. The KDE Project recommends an upgrade both to kdelibs-2.1.2 and to KDE 2.1.1.

* [34]Red Hat

gftp format string vulnerability. [35]gftp is a multi-threaded X-based ftp client. A format string vulnerability [36]has been reported in gftp by Richard Johnson. The problem is fixed in gftp 2.0.8 and later. BugTraq ID [37]2657.

* [38]Red Hat
* [39]Linux-Mandrake
* [40]Immunix, FormatGuard does not protect against this one.

MandrakeSoft's rpmdrake tmplink vulnerability. Linux-Mandrake has issued [41]an advisory and an updated package for rpmdrake, fixing a tmplink vulnerability in that package.

Web scripts. The following web scripts were reported to contain vulnerabilities:

* The [42]Perl Web Server has been reported to contain a [43]directory traversal vulnerability. No patch or fix has yet been provided. Note that this is an experimental project, currently at release 0.3.
* [44]PerlCal, a calendar and scheduler managed via CGI scripts, has been reported vulnerable to a [45]directory traversal problem. No vendor response has been reported so far. Note that PerlCal is a commercial product. BugTraq ID [46]2663.

Commercial products. The following commercial products were reported to contain vulnerabilities:

* The [47]SAP R/3 Web Application Server Demo for Linux has been reported to be vulnerable to a local root exploit via the program saposcol (SAP Operating System Collector) which is installed setuid root. Both workarounds and updated versions of the program have been made available. BugTraq ID [48]2662.

Updates

NEdit temporary file link vulnerability. Check the [49]April 26th LWN Security Summary for the original report. BugTraq ID [50]2627.

This week's updates:
* [51]Debian

Previous updates:
* [52]SuSE (April 26th)
* [53]Linux-Mandrake (April 26th)

Multiple security fixes in OpenSSL-0.9.6a.
[54]OpenSSL-0.9.6a was announced [55]last week and contains fixes for four security issues. An upgrade to the latest version is recommended.

This week's updates:
* [56]Engarde

SAFT/sendfile broken privileges. Check the [57]April 26th LWN Security Summary for the original report. The vulnerabilities can be exploited locally to gain root privileges. BugTraq ID [58]2631 and [59]2645.

This week, Florian Weimer pointed out that sendfile author Ulli Horlacher released [60]an updated version of sendfile in February which Florian indicated should correct the problems.

Previous updates:
* [61]Debian (April 26th)
* [62]Progeny (April 26th)

Multiple FTP daemon globbing vulnerabilities. Check the [63]April 12th LWN Security Summary for the original report.

This week's updates:
* [64]Progeny

Previous updates:
* [65]NetBSD (April 12th)
* [66]FreeBSD (April 19th)
* [67]OpenBSD (April 26th)

ntp remotely exploitable static buffer overflow. An exploit for a static buffer overflow in the Network Time Protocol (ntp) was published on April 4th. This exploit can allow a remote attacker to crash the ntp daemon and possibly execute arbitrary commands on the host. Patches and new packages to fix this problem came out quickly. It is recommended that you upgrade your ntp package immediately. If you cannot, disabling the service until you can is a good idea. For more details and links to related posts, check BugTraq ID [68]2540.

This week's updates:
* [69]Engarde, updated advisory, includes i386 packages not included in the original advisory

Previous updates:
* [70]Caldera (April 12th)
* [71]Conectiva (April 12th)
* [72]Debian (April 12th)
* [73]Debian, original patch to ntp introduced a potential denial-of-service problem, fixed in new updates to ntp.
  (April 12th)
* [74]Engarde (April 12th)
* [75]Immunix (April 12th)
* [76]Linux-Mandrake (April 12th)
* [77]NetBSD (April 12th)
* [78]Progeny (April 12th)
* [79]Red Hat (April 12th)
* [80]Slackware (April 12th)
* [81]SuSE (April 12th)
* [82]Trustix (April 12th)
* [83]KRUD (April 19th)
* [84]FreeBSD (April 19th)
* [85]Progeny (April 19th)

Zope security update. During the week of [87]March 1st, Digital Creations released [86]a security update to Zope (all versions up to 2.3b1) fixing a security vulnerability in how ZClasses are handled. An upgrade is recommended.

This week's updates:
* [88]Debian, previous update to Zope was seriously broken

Previous updates:
* [89]Red Hat (March 1st)
* [90]Linux-Mandrake (March 1st)
* [91]Conectiva (March 8th)
* [92]Debian (March 15th)

Resources

New Turbolinux Public Key. Turbolinux has [93]updated their public key.

Security Breach Traced to Hole in Head of Admin (BBspot, humor). From BBspot, to lighten your mood for the day, comes an article about a [94]Security Breach in Linux and its source. "Work at Selby Communications ground to halt as their network server was wiped clean yesterday by a malicious virus. Security experts called in to investigate the incident discovered the virus exploited a hole in the head of Systems Administrator Matt Simmons".

vsftpd-0.9.0. Chris Evans announced the release of [95]vsftpd-0.9.0 this week. vsftpd is a small, fast ftp server written from the ground up to be free of security holes and/or to mitigate the impact of potential security problems.

lcrzoex and lcrzo 3.10. New versions of the network test tools [96]lcrzoex and lcrzo were released this week.

Events

Black Hat Briefings USA '01. A [97]full announcement for the upcoming Black Hat Briefings USA, to be held July 11th-12th in Las Vegas, Nevada, USA, was released this week. "This year's topics include: Reverse Engineering, the Honey Net Project, the CVE, 802.11b WEP security, ICMP scanning, SQL security configuration, GSM and WAP security, and more".

Early Bird registration for NetSec. [98]Early bird registration for [99]NetSec2001 Network Security Conference ends May 4th. NetSec2001 will be held June 18th through the 20th in New Orleans, Louisiana, USA.

Upcoming Security Events.

Date | Event | Location
May 13 - 16, 2001 | [100]2001 IEEE Symposium on Security | Oakland, CA, USA
May 13 - 16, 2001 | [101]CHES 2001 | Paris, France
May 29, 2001 | [102]Security of Mobile Multiagent Systems (SEMAS-2001) | Montreal, Canada
May 31 - June 1, 2001 | [103]The first European Electronic Signatures Summit | London, England, UK
June 1 - 3, 2001 | [104]Summercon 2001 | Amsterdam, Netherlands
June 4 - 8, 2001 | [105]TISC 2001 | Los Angeles, CA, USA
June 5 - 6, 2001 | [106]2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop | United States Military Academy, West Point, New York, USA
June 11 - 13, 2001 | [107]7th Annual Information Security Conference: Securing the Infocosm: Security, Privacy and Risk | Orlando, FL, USA
June 17 - 22, 2001 | [108]13th Annual Computer Security Incident Handling Conference (FIRST 2001) | Toulouse, France
June 18 - 20, 2001 | [109]NetSec Network Security Conference (NetSec '01) | New Orleans, Louisiana, USA
June 19 - 20, 2001 | [110]The Biometrics Symposium | Chicago, Illinois, USA

For additional security-related events, including training courses (which we don't list above) and events further in the future, check out Security Focus' [111]calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to [112]lwn@lwn.net.

Section Editor: [113]Liz Coolbaugh
May 3, 2001

Secured Distributions: [115]Engarde Secure Linux, [116]Immunix, [117]Nexus, [118]SLinux, [119]NSA Security Enhanced, [120]Trustix

Security Projects: [121]Bastille, [122]Linux Security Audit Project, [123]Linux Security Module, [124]OpenSSH

Security List Archives: [125]Bugtraq Archive, [126]Firewall Wizards Archive, [127]ISN Archive

Distribution-specific links: [128]Caldera Advisories, [129]Conectiva Updates, [130]Debian Alerts, [131]Kondara Advisories, [132]Esware Alerts, [133]LinuxPPC Security Updates, [134]Mandrake Updates, [135]Red Hat Errata, [136]SuSE Announcements, [137]Yellow Dog Errata

BSD-specific links: [138]BSDi, [139]FreeBSD, [140]NetBSD, [141]OpenBSD

Security mailing lists: [142]Caldera, [143]Cobalt, [144]Conectiva, [145]Debian, [146]Esware, [147]FreeBSD, [148]Kondara, [149]LASER5, [150]Linux From Scratch, [151]Linux-Mandrake, [152]NetBSD, [153]OpenBSD, [154]Red Hat, [155]Slackware, [156]Stampede, [157]SuSE, [158]Trustix, [159]turboLinux, [160]Yellow Dog

Security Software Archives: [161]munitions, [162]ZedZ.net (formerly replay.com)

Miscellaneous Resources: [163]CERT, [164]CIAC, [165]Comp Sec News Daily, [166]Crypto-GRAM, [167]LinuxLock.org, [168]LinuxSecurity.com, [169]OpenSEC, [170]Security Focus, [171]SecurityPortal

[173]Eklektix, Inc. Linux powered! Copyright © 2001 [174]Eklektix, Inc., all rights reserved. Linux (R) is a registered trademark of Linus Torvalds.

References

1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0503/
4. http://lwn.net/2001/0503/kernel.php3
5. http://lwn.net/2001/0503/dists.php3
6. http://lwn.net/2001/0503/desktop.php3
7. http://lwn.net/2001/0503/devel.php3
8. http://lwn.net/2001/0503/commerce.php3
9. http://lwn.net/2001/0503/press.php3
10. http://lwn.net/2001/0503/announce.php3
11. http://lwn.net/2001/0503/history.php3
12. http://lwn.net/2001/0503/letters.php3
13. http://lwn.net/2001/0503/bigpage.php3
14. http://lwn.net/2001/0426/security.php3
15. http://www.cylant.com/products/secure.htm
16. http://victim.cylant.com/
17. http://lwn.net/2001/0503/a/lpdw0rm.php3
18. http://lwn.net/2000/1005/a/sec-lprng-rh.php3
19. http://lwn.net/2001/0315/security.php3
20. http://razor.bindview.com/publish/papers/tcpseq.html
21. http://www.guardent.com/cgi-bin/pdfdownload.pl
22. http://lwn.net/2001/0503/a/cert-tcpsequence.php3
23. http://www.securityfocus.com/bid/2659
24. http://www.securityfocus.com/
25. http://lwn.net/2001/0503/a/sec-cfa.php3
26. http://lwn.net/2001/0503/a/zope-zclass-fix.php3
27. http://www.gnupg.org/whatsnew.html#rn20010429
28. http://lwn.net/2000/1221/security.php3#gnupg2
29. http://lwn.net/2001/0104/security.php3#gnupg2
30. http://lwn.net/2001/0503/a/im-gnupg.php3
31. http://freshmeat.net/releases/46616/
32. http://lwn.net/2001/0503/a/sec-bugzilla.php3
33. http://dot.kde.org/988663144/
34. http://lwn.net/2001/0503/a/rh-kdelibs.php3
35. http://gftp.seul.org/
36. http://www.securityfocus.com/archive/82/177241
37. http://www.securityfocus.com/bid/2657
38. http://lwn.net/2001/0503/a/rh-gftp.php3
39. http://lwn.net/2001/0503/a/lm-gftp.php3
40. http://lwn.net/2001/0503/a/im-gftp.php3
41. http://lwn.net/2001/0503/a/lm-rpmdrake.php3
42. http://perlwebserver.sourceforge.net/
43. http://www.securityfocus.com/bid/2648
44. http://www.perlcal.com/
45. http://securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26threads%3D1%26fromthread%3D0%26tid%3D180517%26start%3D2001-04-29%26end%3D2001-05-05%26
46. http://www.securityfocus.com/bid/2663
47. http://lwn.net/2001/0503/a/sec-sap.php3
48. http://www.securityfocus.com/bid/2662
49. http://lwn.net/2001/0426/security.php3#nedit
50. http://www.securityfocus.com/bid/2627
51. http://lwn.net/2001/0503/a/db-nedit.php3
52. http://lwn.net/2001/0426/a/suse-nedit.php3
53. http://lwn.net/2001/0426/a/lm-nedit.php3
54. http://www.openssl.org/news/announce.html
55. http://lwn.net/2001/0426/security.php3#openssl
56. http://lwn.net/2001/0503/a/esl-openssl.php3
57. http://lwn.net/2001/0426/security.php3#sendfile
58. http://www.securityfocus.com/bid/2631
59. http://www.securityfocus.com/bid/2645
60. ftp://ftp.belwue.de/pub/unix/sendfile/
61. http://lwn.net/2001/0426/a/debian-sendfile.php3
62. http://lwn.net/2001/0426/a/progeny-sendfile.php3
63. http://lwn.net/2001/0412/security.php3#bsdftp
64. http://lwn.net/2001/0503/a/progeny-bsdftp.php3
65. http://lwn.net/2001/0412/a/nb-ftp.php3
66. http://lwn.net/2001/0419/a/fb-ftp.php3
67. http://openbsd.org/errata28.html#glob_limit
68. http://www.securityfocus.com/bid/2540
69. http://lwn.net/2001/0503/a/engarde-ntp.php3
70. http://lwn.net/2001/0412/a/cald-ntpd.php3
71. http://lwn.net/2001/0412/a/con-xntp.php3
72. http://lwn.net/2001/0412/a/deb-ntp.php3
73. http://lwn.net/2001/0412/a/db-ntp-2.php3
74. http://lwn.net/2001/0412/a/engarde-xntp.php3
75. http://lwn.net/2001/0412/a/im-ntp-xntp3.php3
76. http://lwn.net/2001/0412/a/lm-ntp-xntp3.php3
77. http://lwn.net/2001/0412/a/nb-ntp.php3
78. http://lwn.net/2001/0412/a/progeny-ntpd.php3
79. http://lwn.net/2001/0412/a/rh-xntp.php3
80. http://lwn.net/2001/0412/a/sl-xntp.php3
81. http://lwn.net/2001/0412/a/suse-xntp.php3
82. http://lwn.net/2001/0412/a/trustix-xntp.php3
83. http://lwn.net/2001/0419/a/krud-ntp.php3
84. http://lwn.net/2001/0419/a/fb-ntp.php3
85. http://lwn.net/2001/0419/a/progeny-ntp.php3
86. http://lwn.net/2001/0503/a/zope-zclasses.php3
87. http://lwn.net/2001/0301/security.php3#zope
88. http://lwn.net/2001/0503/a/deb-zope.php3
89. http://lwn.net/2001/0301/a/rh-2001-021-06.php3
90. http://lwn.net/2001/0301/a/lm-zope.php3
91. http://lwn.net/2001/0308/a/con-zope.php3
92. http://lwn.net/2001/0315/a/deb-zope-20010309.php3
93. http://lwn.net/2001/0503/a/sec-tlkey.php3
94. http://bbspot.com/News/2001/05/hole.html
95. http://lwn.net/2001/0503/a/vsftpd-0.9.0.php3
96. http://lwn.net/2001/0503/a/lcrzo.php3
97. http://lwn.net/2001/0503/a/blackhatusa.php3
98. http://lwn.net/2001/0503/a/netsec.php3
99. http://www.gocsi.com/netsec01
100. http://www.ieee-security.org/TC/sp2001.html
101. http://www.ece.wpi.edu/Research/crypt/ches/start.html
102. http://www.dfki.de/~kuf/semas/
103. http://www.iqpc.com/cgi-bin/templates/98485262029583740234300003/genevent.html?event=1525&topic=
104. http://www.summercon.org/announcements/
105. http://www.tisc2001.com/
106. http://www.itoc.usma.edu/Workshop/2001/Workshop2001.htm
107. http://www.gartner.com/IndexHomePage.jsp?landPage=/2_events/conferences_briefings/conferences/sec7.jsp
108. http://www.first.org/conference/2001/
109. http://www.gocsi.com/netsec01
110. http://www.iqpc.com/cgi-bin/templates/98485262029583740234300003/genevent.html?event=1504&topic=
111. http://securityfocus.com/calendar
112. mailto:lwn@lwn.net
113. mailto:lwn@lwn.net
114. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
115. http://www.engardelinux.org/
116. http://www.immunix.org/
117. http://Nexus-Project.net/
118. http://www.slinux.org/
119. http://www.nsa.gov/selinux/
120. http://www.trustix.com/
121. http://www.bastille-linux.org/
122. http://lsap.org/
123. http://lsm.immunix.org/
124. http://www.openssh.com/
125. http://www.securityfocus.com/bugtraq/archive/
126. http://www.nfr.net/firewall-wizards/
127. http://www.jammed.com/Lists/ISN/
128. http://www.calderasystems.com/support/security/
129. http://www.conectiva.com.br/atualizacoes/
130. http://www.debian.org/security/
131. http://www.kondara.org/errata/k12-security.html
132. http://www.esware.com/actualizaciones.html
133. http://linuxppc.org/security/advisories/
134. http://www.linux-mandrake.com/en/fupdates.php3
135. http://www.redhat.com/support/errata/index.html
136. http://www.suse.de/security/index.html
137. http://www.yellowdoglinux.com/resources/errata.shtml
138. http://www.BSDI.COM/services/support/patches/
139. http://www.freebsd.org/security/security.html
140. http://www.NetBSD.ORG/Security/
141. http://www.openbsd.org/security.html
142. http://www.calderasystems.com/support/forums/announce.html
143. http://www.cobalt.com/support/resources/usergroups.html
144. http://distro.conectiva.com.br/atualizacoes/
145. http://www.debian.org/MailingLists/subscribe
146. http://www.esware.com/lista_correo.html
147. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
148. http://www.kondara.org/mailinglist.html.en
149. http://l5web.laser5.co.jp/ml/ml.html
150. http://www.linuxfromscratch.org/services/mailinglistinfo.php
151. http://www.linux-mandrake.com/en/flists.php3
152. http://www.netbsd.org/MailingLists/
153. http://www.openbsd.org/mail.html
154. http://www.redhat.com/mailing-lists/
155. http://www.slackware.com/lists/
156. http://www.stampede.org/mailinglists.php3
157. http://www.suse.com/en/support/mailinglists/index.html
158. http://www.trustix.net/support/
159. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
160. http://lists.yellowdoglinux.com/ydl_updates.shtml
161. http://munitions.vipul.net/
162. http://www.zedz.net/
163. http://www.cert.org/nav/alerts.html
164. http://ciac.llnl.gov/ciac/
165. http://www.MountainWave.com/
166. http://www.counterpane.com/crypto-gram.html
167. http://linuxlock.org/
168. http://linuxsecurity.com/
169. http://www.opensec.net/
170. http://www.securityfocus.com/
171. http://www.securityportal.com/
172. http://lwn.net/2001/0503/kernel.php3
173. http://www.eklektix.com/
174. http://www.eklektix.com/

--- ifmail v.2.14.os7-aks1
 * Origin: Unknown (2:4615/71.10@fidonet)