|
ru.linux
- RU.LINUX ---------------------------------------------------------------------
From : Sergey Lentsov 2:4615/71.10 03 May 2001 17:11:19
To : All
Subject : URL: http://lwn.net/2001/0503/security.php3
--------------------------------------------------------------------------------
[1][LWN Logo]
[2]Click Here
[LWN.net]
Sections:
[3]Main page
Security
[4]Kernel
[5]Distributions
[6]On the Desktop
[7]Development
[8]Commerce
[9]Linux in the news
[10]Announcements
[11]Linux History
[12]Letters
[13]All in one big page
See also: [14]last week's Security page.
Security
News and Editorials
CylantSecure for Linux. We generally don't profile new commercial
products for Linux on this page, preferring to focus on Open Source
products and solutions instead. However, the announcement of the
availability of [15]CylantSecure for Linux caught our eye for a couple
of reasons.
The first reason, a quite positive one, was the approach being used by
the product. Most of the current focus of intrusion detection systems
look either at the input to the system (e.g., network connections,
attack signatures) or the output from the system (file checksums,
etc.). CylantSecure looks instead at the behavior of the system
itself, producing a model for what the "normal" behavior of the CPU
is, when in production use, and therefore detecting "abnormal"
behavior and actively dropping connections or terminating processes
that display abnormal behavior.
This was interesting to us because it, in many ways, resembles how a
good systems administrator monitors a system, or would monitor a
system, if they had the time to watch it closely 24 hours a day. The
system administrator knows what the machine is used for, the people
that use it and the behavior of the machine under normal load.
Abnormal behavior means something needs to be fixed, whether the
"something" is a security problem, a network problem, a disk problem,
etc. So a security model that scientifically models the behavior that
a system administrator "learns" as part of the job, was definitely of
interest.
The second reason CylantSecure for Linux caught our eye, though, was
its implementation. To be specific, its implementation includes the
use of binary kernel modules, which gave us strong concerns. Linus has
strongly deprecated the use of binary kernel modules even for device
drivers, for many good reasons. The use of binary kernel modules to
implement core functionality in a new security product was, in our
opinion, a very bad idea. Fortunately, a phone interview with Cylant
CEO and founder John Munson and Scott Wimer, their Director of Product
Development, cleared up our concern, as we explain below.
Implementation. CylantSecure for Linux is implemented in four pieces.
The first consists of two patches to the Linux kernel which modify the
kernel data structure to allow the gathering of information about
actions taken by the kernel, both the action taken and the process id
associated with that action. This goes beyond just tagging system
calls; the second of the two patches inserts instrumentation (new
function calls) into over 3300 places in the kernel. The source code
for these patches is fully available, and therefore not a concern. It
is, however, large, running over 300K in size.
The second piece of CylantSecure consists of binary kernel modules
which actually collect the data from the kernel, create profiles from
it and pass information on to the third piece, a user-space process
called "Watcher". We were very happy to learn from our interview with
John and Scott that the source code for these modules will be released
in the near future and that they were never intended to remain closed
source. Currently the modules are going through a re-design. As soon
as that re-design is complete and, as a result, the code is clean and
maintainable enough to be a "worthwhile gift to the Open Source
community", Scott assured us that the code would be released.
The remaining two pieces of CylantSecure are the Watcher, mentioned
above, and the console management system. The management system may
also be Open Sourced, but that decision has not yet been finalized.
The Watcher program will remain closed source. In fact, a patent is
pending on the techniques used in the Watcher program to model the
system behavior. Software patent-watchers within the community will
have to judge the virtue of this patent compared to the many other
software patents that we have often deprecated, but it is certainly
not quite the same as putting a patent on "point-and-click".
Nonetheless, if someone believes there is already prior art for this
patent, we would be interested to hear about it.
It should be noted that CylantSecure for Linux was primarily a
proof-of-concept product; they chose the Linux kernel for their first
project because it is an extremely large, complex and stable piece of
software. The techniques used, though, are just as applicable to any
other large software system, such as accounting systems, payroll,
traffic analysis, any software system where reliability and security
is essential. In fact, they are as applicable to ensuring reliable
data input as to preventing intrusions.
But does it work? The folks at CylantSecure believe it does but state
up front that they are engineers, implementing a scientific
engineering principle, not security experts. They don't have a
background in breaking into systems themselves. As a result, they have
made a [16]victim machine available and promised to give it to the
first person that successfully "owns" the box. The box is running an
unpatched installation of Red Hat Linux 6.2, so there are plenty of
security holes available. The question is whether an attacker can gain
access and keep it without being detected and shunted off the system
by CylantSecure.
We'll be interested to hear about the results. No non-disclosures are
required and they even have an IRC channel available to allow
attackers to chat directly with their developers.
Overall, we found the new paradigm being explored very interesting and
we are looking forward to seeing the reaction of the security
community to their approach.
New Linux-targeted worm: lpdw0rm. SecurityFocus has released [17]their
analysis of a new worm, lpdw0rm. This particular worm is targeted at
systems running unpatched versions of Red Hat Linux 7.0 that are
running the LPRng service, one of the vulnerabilities that previous
worms have also targeted.
Installing [18]Red Hat's patch for LPRng (made available back in
October) will prevent a system from being successfully attacked.
Predictable TCP initial sequence numbers. We first mentioned the
problem of preditable TCP initial sequence numbers in the [19]March
15th LWN Security Summary. The original report came from Guardent, a
Massachusetts-based security firm who published the existence of the
weakness, but not their own research on the topic. This week, more
information was released.
* A paper from Michal Zalewski entitled [20]Strange Attractors and
TCP/IP Sequence Number Analysis describing "the use of dynamical
system methods to analyze and predict TCP initial sequence
numbers".
* [21]Tim Newsham's paper on the topic, which Guardent has finally
released.
* [22]CERT's advisory on the topic. "TCP initial sequence numbers
were not designed to provide proof against TCP connection attacks.
The lack of cryptographically-strong security options for the TCP
header itself is a deficiency that technologies like IPSec try to
address. It must be noted that in the final analysis, if an
attacker has the ability to see unencrypted TCP traffic generated
from a site, that site is vulnerable to various TCP attacks - not
just those mentioned here. The only definitive proof against all
forms of TCP attack is end-to-end cryptographic solutions like
those outlined in various IPSec documents".
Meanwhile, Linux and OpenBSD (and FreeBSD, which has picked up the
OpenBSD fix) were singled out in the CERT report as being the only TCP
implementations to be relatively immune to the reported problem.
Security Hall of Shame: Tektronix. Elias Levy, moderator of BugTraq,
found recent information posted about security vulnerabilities in the
[23]Tektronix Phaser Network Printer Administration Interface annoying
enough to send out a personal comment on them. "This is not a major
vulnerability. The only reason I bring it to your attention is because
this is standard operating procedure for many companies. They release
a products in the market with no or little security. When someone
points this out to them they ignore him. When its pointed out in
public they threaten to sue him. When they fix it they do it just as
badly as the original security measure. And a few months latter the
product is shown to be insecure once again".
What was it that caught Elias' attention enough to generate so much
ire? The original report of this vulnerability was made in November of
1999. The vulnerability is severe enough that it can be potentially
used to permanently damage the printer. Instead of resolving the
actual security problems, Tektronix simply changed the URL that could
previously be used for the attack by adding an underscore at the
beginning and changing the ".html" suffix to ".shtml".
In addition, non-Tektronix posters had provided a workaround to
improve the security of the printer, which Tektronix has since broken.
Of course, the potential impact of the vulnerability can be mitigated
by keeping the printer behind a firewall and restricting access to the
local network. Meanwhile, Tektronix does not believe that anyone
actually cares about this vulnerability. For our part, we would expect
any security-conscious site to remove Tektronix from their list of
acceptable vendors, given the level of cluelessness and ineptness
demonstrated in the way this vulnerability has been handled.
Call for Articles: SecurityFocus focuses on Incident Handling.
[24]SecurityFocus is developing articles for a planned series on
Incident Handling, scheduled for publication from June onwards. If you
are interested in provided an article for them, check their [25]call
for articles.
Security Reports
Zope security update.
A new security bug has been found in all versions of Zope (up to and
including 2.3.2) which can allow unauthorized access to a clever
attacker. [26]A patch is available which fixes the problem; sites
running Zope should probably apply it soon.
gnupg 1.0.5 released with multiple security fixes.
[27]gnupg 1.0.5 was released on April 29th. Multiple security patches
have been released against gnupg 1.0.4; this new release includes all
of those patches, including fixes for the [28]gnupg web of trust
vulnerability and [29]false positives from detached signatures. Of
course, in addition to security fixes, other feature enhancements and
bug fixes are included. An upgrade to 1.0.5 is recommended.
* [30]Immunix
Remote vulnerabilities in Bugzilla.
[31]Bugzilla 2.12 has been released and contains fixes for a
[32]security problem that could allow remote users to execute commands
on the Bugzilla server under a non-root account. Workarounds are
documented, but an upgrade to the new version is recommended.
KDEsu tmplink vulnerability.
KDEsu creates a world-readable temporary file to exchange
authentication information and then deletes the file soon after. This
allows a race condition under which the account of the local X user
can be compromised. Fixes for the problem are included in
[33]kdelibs-2.1.2. The KDE Project recommends an upgrade both to
kdelibs-2.1.2 and to KDE 2.1.1.
* [34]Red Hat
gftp format string vulnerability. [35]gftp is a multi-threaded X-based
ftp client. A format string vulnerability [36]has been reported in
gftp by Richard Johnson. The problem is fixed in gftp 2.0.8 and later.
BugTraq ID [37]2657.
* [38]Red Hat
* [39]Linux-Mandrake
* [40]Immunix, FormatGuard does not protect against this one.
MandrakeSoft's rpmdrake tmplink vulnerability. Linux-Mandrake has
issued [41]an advisory and an updated package for rpmdrake, fixing a
tmplink vulnerability in that package.
web scripts.
The following web scripts were reported to contain vulnerabilities:
* The [42]Perl Web Server has been reported to contain to a
[43]directory transveral vulnerability. No patch or fix has yet
been provided. Note that this is an experimental project,
currently at release 0.3.
* [44]PerlCal, a calendar and scheduler managed via CGI scripts, has
been reported vulnerable to a [45]directory transveral problem. No
vendor response has been reported so far. Note that PerlCal is a
commercial product. BugTraq ID [46]2663.
Commercial products.
The following commercial products were reported to contain
vulnerabilities:
* The [47]SAP R/3 Web Application Server Demo for Linux has been
reported to be vulnerable to a local root exploit via the program
saposcol (SAP Operating System Collector) which is installed
setuid root. Both workarounds and updated versions of the program
have been made available. BugTraq ID [48]2662.
Updates
NEdit temporary file link vulnerability.
Check the [49]April 26th LWN Security Summary for the original report.
BugTraq ID [50]2627.
This week's updates:
* [51]Debian
Previous updates:
* [52]SuSE (April 26th)
* [53]Linux-Mandrake (April 26th)
Multiple security fixes in OpenSSL-0.9.6a.
[54]OpenSSL-0.9.6a was announced [55]last week and contains fixes for
four security issues. An upgrade to the latest version is recommended.
This week's updates:
* [56]Engarde
SAFT/sendfile broken privileges.
Check the [57]April 26th LWN Security Summary for the original report.
The vulnerabilities can be exploited locally to gain root privileges.
BugTraq ID [58]2631 and [59]2645.
This week, Florian Weimer pointed out that sendfile author Ulli
Horlacher, released [60]an updated version of sendfile in February
which Florian indicated should correct the problems.
Previous updates:
* [61]Debian (April 26th)
* [62]Progeny (April 26th)
Multiple FTP daemon globbing vulnerabilities.
Check the [63]April 12th LWN Security Summary for the original report.
This week's updates:
* [64]Progeny
Previous updates:
* [65]NetBSD (April 12th)
* [66]FreeBSD (April 19th)
* [67]OpenBSD (April 26th)
ntp remotely exploitable static buffer overflow.
An exploit for a static buffer overflow in the Network Time Protocol
(ntp) was published on April 4th. This exploit can allow a remote
attacker to crash the ntp daemon and possibly execute arbitrary
commands on the host. Patches and new packages to fix this problem
came out quickly. It is recommended that you upgrade your ntp package
immediately. If you cannot, disabling the service until you can is a
good idea. For more details and links to related posts, check BugTraq
ID [68]2540.
This week's updates:
* [69]Engarde, updated advisory, includes i386 packages not included
in the original advisory
Previous updates:
* [70]Caldera (April 12th)
* [71]Conectiva (April 12th)
* [72]Debian (April 12th)
* [73]Debian, original patch to ntp introduced a potential
denial-of-service problem, fixed in new updates to ntp. (April
12th)
* [74]Engarde (April 12th)
* [75]Immunix (April 12th)
* [76]Linux-Mandrake (April 12th)
* [77]NetBSD (April 12th)
* [78]Progeny (April 12th)
* [79]Red Hat (April 12th)
* [80]Slackware (April 12th)
* [81]SuSE (April 12th)
* [82]Trustix (April 12th)
* [83]KRUD (April 19th)
* [84]FreeBSD (April 19th)
* [85]Progeny (April 19th)
Zope security update.
Digital Creations released [86]a security update to Zope (all versions
up to 2.3b1) fixing a security vulnerability in how ZClasses are
handled the week of [87]March 1st. An upgrade is recommended.
This week's updates:
* [88]Debian, previous update to Zope was seriously broken
Previous updates:
* [89]Red Hat (March 1st)
* [90]Linux-Mandrake (March 1st)
* [91]Conectiva (March 8th)
* [92]Debian (March 15th)
Resources
New Turbolinux Public Key. Turbolinux has [93]updated their public
key.
Security Breach Traced to Hole in Head of Admin (BBspot, humor). From
BBspot to lighten your mood for the day, comes an article about a
[94]Security Breach in Linux and its source. "Work at Selby
Communications ground to halt as their network server was wiped clean
yesterday by a malicious virus. Security experts called in to
investigate the incident discovered the virus exploited a hole in the
head of Systems Administrator Matt Simmons".
vsftpd-0.9.0. Chris Evans announced the release of [95]vsftpd-0.9.0
this week. vsftpd is a small, fast ftp server written from the ground
up to be free of security holes and/or to mitigate the impact of
potential security problems.
lcrzoex and lcrzo 3.10. New versions of the network test tools
[96]lcrzoex and lcrzo were released this week.
Events
Black Hat Briefings USA '01. A [97]full announcement for the upcoming
Black Hat Briefings USA, to be held July 11th-12th in Las Vegas,
Nevada, USA, was released this week. "This year's topics include:
Reverse Engineering, the Honey Net Project, the CVE, 802.11b WEP
security, ICMP scanning, SQL security configuration, GSM and WAP
security, and more".
Early Bird registration for NetSec. [98]Early bird registration for
[99]NetSec2001 Network Security Conference ends May 4th. NetSec2001
will be held June 18th through the 20th in New Orleans, Louisiana,
USA.
Upcoming Security Events.
Date Event Location
May 13 - 16, 2001 [100]2001 IEEE Symposium on Security Oakland, CA,
USA
May 13 - 16, 2001 [101]CHES 2001 Paris, France
May 29, 2001 [102]Security of Mobile Multiagent Systems(SEMAS-2001)
Montreal, Canada
May 31 - June 1, 2001 [103]The first European Electronic Signatures
Summit London, England, UK
June 1 - 3, 2001 [104]Summercon 2001 Amsterdam, Netherlands
June 4 - 8, 2001 [105]TISC 2001 Los Angeles, CA, USA
June 5 - 6, 2001 [106]2nd Annual IEEE Systems, Man, and Cybernetics
Information Assurance Workshop United States Military Academy,
Westpoint, New York, USA
June 11 - 13, 2001 [107]7th Annual Information Security Conference:
Securing the Infocosm: Security, Privacy and Risk Orlando, FL, USA.
June 17 - 22, 2001 [108]13th Annual Computer Security Incident
Handling Conference (FIRST 2001) Toulouse, France
June 18 - 20, 2001 [109]NetSec Network Security Conference(NetSec '01)
New Orleans, Louisiana, USA.
June 19 - 20, 2001 [110]The Biometrics Symposium Chicago, Illinois,
USA.
For additional security-related events, included training courses
(which we don't list above) and events further in the future, check
out Security Focus' [111]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [112]lwn@lwn.net.
Section Editor: [113]Liz Coolbaugh
May 3, 2001
[114]Click Here
Secured Distributions:
[115]Engarde Secure Linux
[116]Immunix
[117]Nexus
[118]SLinux [119]NSA Security Enhanced
[120]Trustix
Security Projects
[121]Bastille
[122]Linux Security Audit Project
[123]Linux Security Module
[124]OpenSSH
Security List Archives
[125]Bugtraq Archive
[126]Firewall Wizards Archive
[127]ISN Archive
Distribution-specific links
[128]Caldera Advisories
[129]Conectiva Updates
[130]Debian Alerts
[131]Kondara Advisories
[132]Esware Alerts
[133]LinuxPPC Security Updates
[134]Mandrake Updates
[135]Red Hat Errata
[136]SuSE Announcements
[137]Yellow Dog Errata
BSD-specific links
[138]BSDi
[139]FreeBSD
[140]NetBSD
[141]OpenBSD
Security mailing lists [142]Caldera
[143]Cobalt
[144]Conectiva
[145]Debian
[146]Esware
[147]FreeBSD
[148]Kondara
[149]LASER5
[150]Linux From Scratch
[151]Linux-Mandrake
[152]NetBSD
[153]OpenBSD
[154]Red Hat
[155]Slackware
[156]Stampede
[157]SuSE
[158]Trustix
[159]turboLinux
[160]Yellow Dog
Security Software Archives
[161]munitions
[162]ZedZ.net (formerly replay.com)
Miscellaneous Resources
[163]CERT
[164]CIAC
[165]Comp Sec News Daily
[166]Crypto-GRAM
[167]LinuxLock.org
[168]LinuxSecurity.com
[169]OpenSEC
[170]Security Focus
[171]SecurityPortal
[172]Next: Kernel
[173]Eklektix, Inc. Linux powered! Copyright Л 2001 [174]Eklektix,
Inc., all rights reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0503/
4. http://lwn.net/2001/0503/kernel.php3
5. http://lwn.net/2001/0503/dists.php3
6. http://lwn.net/2001/0503/desktop.php3
7. http://lwn.net/2001/0503/devel.php3
8. http://lwn.net/2001/0503/commerce.php3
9. http://lwn.net/2001/0503/press.php3
10. http://lwn.net/2001/0503/announce.php3
11. http://lwn.net/2001/0503/history.php3
12. http://lwn.net/2001/0503/letters.php3
13. http://lwn.net/2001/0503/bigpage.php3
14. http://lwn.net/2001/0426/security.php3
15. http://www.cylant.com/products/secure.htm
16. http://victim.cylant.com/
17. http://lwn.net/2001/0503/a/lpdw0rm.php3
18. http://lwn.net/2000/1005/a/sec-lprng-rh.php3
19. http://lwn.net/2001/0315/security.php3
20. http://razor.bindview.com/publish/papers/tcpseq.html
21. http://www.guardent.com/cgi-bin/pdfdownload.pl
22. http://lwn.net/2001/0503/a/cert-tcpsequence.php3
23. http://www.securityfocus.com/bid/2659
24. http://www.securityfocus.com/
25. http://lwn.net/2001/0503/a/sec-cfa.php3
26. http://lwn.net/2001/0503/a/zope-zclass-fix.php3
27. http://www.gnupg.org/whatsnew.html#rn20010429
28. http://lwn.net/2000/1221/security.php3#gnupg2
29. http://lwn.net/2001/0104/security.php3#gnupg2
30. http://lwn.net/2001/0503/a/im-gnupg.php3
31. http://freshmeat.net/releases/46616/
32. http://lwn.net/2001/0503/a/sec-bugzilla.php3
33. http://dot.kde.org/988663144/
34. http://lwn.net/2001/0503/a/rh-kdelibs.php3
35. http://gftp.seul.org/
36. http://www.securityfocus.com/archive/82/177241
37. http://www.securityfocus.com/bid/2657
38. http://lwn.net/2001/0503/a/rh-gftp.php3
39. http://lwn.net/2001/0503/a/lm-gftp.php3
40. http://lwn.net/2001/0503/a/im-gftp.php3
41. http://lwn.net/2001/0503/a/lm-rpmdrake.php3
42. http://perlwebserver.sourceforge.net/
43. http://www.securityfocus.com/bid/2648
44. http://www.perlcal.com/
45.
http://securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26th
reads%3D1%26fromthread%3D0%26tid%3D180517%26start%3D2001-04-29%26end%3D2001-05-0
5%26
46. http://www.securityfocus.com/bid/2663
47. http://lwn.net/2001/0503/a/sec-sap.php3
48. http://www.securityfocus.com/bid/2662
49. http://lwn.net/2001/0426/security.php3#nedit
50. http://www.securityfocus.com/bid/2627
51. http://lwn.net/2001/0503/a/db-nedit.php3
52. http://lwn.net/2001/0426/a/suse-nedit.php3
53. http://lwn.net/2001/0426/a/lm-nedit.php3
54. http://www.openssl.org/news/announce.html
55. http://lwn.net/2001/0426/security.php3#openssl
56. http://lwn.net/2001/0503/a/esl-openssl.php3
57. http://lwn.net/2001/0426/security.php3#sendfile
58. http://www.securityfocus.com/bid/2631
59. http://www.securityfocus.com/bid/2645
60. ftp://ftp.belwue.de/pub/unix/sendfile/
61. http://lwn.net/2001/0426/a/debian-sendfile.php3
62. http://lwn.net/2001/0426/a/progeny-sendfile.php3
63. http://lwn.net/2001/0412/security.php3#bsdftp
64. http://lwn.net/2001/0503/a/progeny-bsdftp.php3
65. http://lwn.net/2001/0412/a/nb-ftp.php3
66. http://lwn.net/2001/0419/a/fb-ftp.php3
67. http://openbsd.org/errata28.html#glob_limit
68. http://www.securityfocus.com/bid/2540
69. http://lwn.net/2001/0503/a/engarde-ntp.php3
70. http://lwn.net/2001/0412/a/cald-ntpd.php3
71. http://lwn.net/2001/0412/a/con-xntp.php3
72. http://lwn.net/2001/0412/a/deb-ntp.php3
73. http://lwn.net/2001/0412/a/db-ntp-2.php3
74. http://lwn.net/2001/0412/a/engarde-xntp.php3
75. http://lwn.net/2001/0412/a/im-ntp-xntp3.php3
76. http://lwn.net/2001/0412/a/lm-ntp-xntp3.php3
77. http://lwn.net/2001/0412/a/nb-ntp.php3
78. http://lwn.net/2001/0412/a/progeny-ntpd.php3
79. http://lwn.net/2001/0412/a/rh-xntp.php3
80. http://lwn.net/2001/0412/a/sl-xntp.php3
81. http://lwn.net/2001/0412/a/suse-xntp.php3
82. http://lwn.net/2001/0412/a/trustix-xntp.php3
83. http://lwn.net/2001/0419/a/krud-ntp.php3
84. http://lwn.net/2001/0419/a/fb-ntp.php3
85. http://lwn.net/2001/0419/a/progeny-ntp.php3
86. http://lwn.net/2001/0503/a/zope-zclasses.php3
87. http://lwn.net/2001/0301/security.php3#zope
88. http://lwn.net/2001/0503/a/deb-zope.php3
89. http://lwn.net/2001/0301/a/rh-2001-021-06.php3
90. http://lwn.net/2001/0301/a/lm-zope.php3
91. http://lwn.net/2001/0308/a/con-zope.php3
92. http://lwn.net/2001/0315/a/deb-zope-20010309.php3
93. http://lwn.net/2001/0503/a/sec-tlkey.php3
94. http://bbspot.com/News/2001/05/hole.html
95. http://lwn.net/2001/0503/a/vsftpd-0.9.0.php3
96. http://lwn.net/2001/0503/a/lcrzo.php3
97. http://lwn.net/2001/0503/a/blackhatusa.php3
98. http://lwn.net/2001/0503/a/netsec.php3
99. http://www.gocsi.com/netsec01
100. http://www.ieee-security.org/TC/sp2001.html
101. http://www.ece.wpi.edu/Research/crypt/ches/start.html
102. http://www.dfki.de/~kuf/semas/
103.
http://www.iqpc.com/cgi-bin/templates/98485262029583740234300003/genevent.html?e
vent=1525&topic=
104. http://www.summercon.org/announcements/
105. http://www.tisc2001.com/
106. http://www.itoc.usma.edu/Workshop/2001/Workshop2001.htm
107.
http://www.gartner.com/IndexHomePage.jsp?landPage=/2_events/conferences_briefing
s/conferences/sec7.jsp
108. http://www.first.org/conference/2001/
109. http://www.gocsi.com/netsec01
110.
http://www.iqpc.com/cgi-bin/templates/98485262029583740234300003/genevent.html?e
vent=1504&topic=
111. http://securityfocus.com/calendar
112. mailto:lwn@lwn.net
113. mailto:lwn@lwn.net
114. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
115. http://www.engardelinux.org/
116. http://www.immunix.org/
117. http://Nexus-Project.net/
118. http://www.slinux.org/
119. http://www.nsa.gov/selinux/
120. http://www.trustix.com/
121. http://www.bastille-linux.org/
122. http://lsap.org/
123. http://lsm.immunix.org/
124. http://www.openssh.com/
125. http://www.securityfocus.com/bugtraq/archive/
126. http://www.nfr.net/firewall-wizards/
127. http://www.jammed.com/Lists/ISN/
128. http://www.calderasystems.com/support/security/
129. http://www.conectiva.com.br/atualizacoes/
130. http://www.debian.org/security/
131. http://www.kondara.org/errata/k12-security.html
132. http://www.esware.com/actualizaciones.html
133. http://linuxppc.org/security/advisories/
134. http://www.linux-mandrake.com/en/fupdates.php3
135. http://www.redhat.com/support/errata/index.html
136. http://www.suse.de/security/index.html
137. http://www.yellowdoglinux.com/resources/errata.shtml
138. http://www.BSDI.COM/services/support/patches/
139. http://www.freebsd.org/security/security.html
140. http://www.NetBSD.ORG/Security/
141. http://www.openbsd.org/security.html
142. http://www.calderasystems.com/support/forums/announce.html
143. http://www.cobalt.com/support/resources/usergroups.html
144. http://distro.conectiva.com.br/atualizacoes/
145. http://www.debian.org/MailingLists/subscribe
146. http://www.esware.com/lista_correo.html
147. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
148. http://www.kondara.org/mailinglist.html.en
149. http://l5web.laser5.co.jp/ml/ml.html
150. http://www.linuxfromscratch.org/services/mailinglistinfo.php
151. http://www.linux-mandrake.com/en/flists.php3
152. http://www.netbsd.org/MailingLists/
153. http://www.openbsd.org/mail.html
154. http://www.redhat.com/mailing-lists/
155. http://www.slackware.com/lists/
156. http://www.stampede.org/mailinglists.php3
157. http://www.suse.com/en/support/mailinglists/index.html
158. http://www.trustix.net/support/
159. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
160. http://lists.yellowdoglinux.com/ydl_updates.shtml
161. http://munitions.vipul.net/
162. http://www.zedz.net/
163. http://www.cert.org/nav/alerts.html
164. http://ciac.llnl.gov/ciac/
165. http://www.MountainWave.com/
166. http://www.counterpane.com/crypto-gram.html
167. http://linuxlock.org/
168. http://linuxsecurity.com/
169. http://www.opensec.net/
170. http://www.securityfocus.com/
171. http://www.securityportal.com/
172. http://lwn.net/2001/0503/kernel.php3
173. http://www.eklektix.com/
174. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
URL: http://lwn.net/2001/0503/security.php3 |
Sergey Lentsov |
03 May 2001 17:11:19 |
|
|
