similar to: Apache warns Web server admins of DoS attack tool

http://blogs.computerworld.com/15082/omg_microsoft_patents_sudo_linux_and_macos_dead?source=CTWNLE_nlt_dailyam_2009-11-12 -- thanks ./francis -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20091112/1061174b/attachment-0003.html>

http://blogs.computerworld.com/16997/oracle_rips_red_hat_and_sort_of_launches_a_new_linux oracle: just another centos wanna-be? rday -- ======================================================================== Robert P. J. Day Waterloo, Ontario, CANADA Top-notch, inexpensive online Linux/OSS/kernel courses http://crashcourse.ca

Thought those that use cisco in conjunction with asterisk may want to read this. I dont use cisco so I havent read it to see if its actually anything new. Vulnerabilities in Cisco's VOIP system http://www.computerworld.com/securitytopics/security/story/0,10801,103240,00.html?source=x73 -- Trixter http://www.0xdecafbad.com Bret McDanel UK +44 870 340 4605 Germany +49 801 777 555 3402

SJVN's take on it: http://blogs.computerworld.com/16596/the_most_popular_web_server_linux_is

... here''s hoping they release it with Solaris drivers http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9121698&intsrc=hm_list -- This message posted from opensolaris.org

I have the problem with rcom 1.2.2 package. It does't work with R 2.2.0. Is there any opportunities to correct the work of this package? Thanks for your help. Yulia

I had to bypass my unknown sender/recipient domain restrictions to receive list mail and send this. It's hard to say without a whois server for .fi, but it appears that the problem might be with the procontrol.fi. domain. Action to fix the problem is needed ASAP! I've emailed Timo offlist; also tried to get him in IRC. -- Offlist mail to this address is discarded unless

I''m trying to collect media references (URLs) to articles, podcasts, and videos about Ruby and Ruby on Rails, like this month''s Linux Journal ( http://www.linuxjournal.com/issue/147) or the recent DDJ article ( http://www.ddj.com/dept/architect/187203512). If have such a collections yourself (or just know of some good references), could you please share them on this thread.

Hello, I am working on a CentOS Linux 2.6.32-71.el6.x86_64 system. I noticed that the system came with httpd-2.2.15-6 installed. After I run 'yum update' I get httpd-2.2.15-9. I did some research on the Internet, but can't find the following information: are most of the security fixes that appear in httpd-2.2.21 applied to the update on httpd-2.2.15-9? There was a security fix just

Hi list, here is a Samba4 AD with LDB. Is there any limit for number of possible objects? I mean users, computers, and other kind of nodes. On a Samba Wiki page, the doc notes: https://wiki.samba.org/index.php/LDB#How_LDB_uses_TDB "How LDB uses TDB LDB basically sits on top of TDB and manipulates the data into an LDAP-like structure." And I've found a doc here:

Hi all, i''m using xen in bridge mode and some of my domU got under attack from one ip with high udp packet inside domU i''m using iptables as firewall i have drop the packet but from dom0 i still see the ip from Iftop and the ip eat my traffic there is any idea about this regards _______________________________________________ Xen-users mailing list

Looks like one of my name servers (CentOS 5) gets a lot of malicious queries. The cpu load is constantly about 3 %. I put on stricter limits on who is allowed recursive queries, but this does not affect the CPU load. I also updated bind. I temporarily turned on querylog (command: rndc querylog), and noticed that I get over 200 queries like this per second: > Aug 17 07:41:38 mx2

Yesterday, I had a DoS attack on a php/mysql webpage which uses a lot of resources. I have learned today, as a for instance, in the last hour, about 3000 requests for that page were made by 610 different servers, mostly from 'odd' places... China, Russia, Poland, Turkey... the usual suspects from my experience. The bottom line is this... I hit server loads of 142 yesterday!!! And the

Hi, First, my thanks to Zed for including LiteSpeed in cgi.rb vulnerability report. Appreciated! I just got time to review ruby-lsapi code and test the vulnerability against LiteSpeed. I found that, in our latest ruby-lsapi release 1.11, lsapi_read() function returns Qnil when the end of request body has been reached. So, in theory, LiteSpeed should not be vulnerable to this attack. Our test

Hi, One of our AWS machines was used in an DOS attack last night and I am looking for possible attack vectors. AWS tells me it was sending UDP port 0 traffic to a cloudflare address. This instance had an incorrectly configured AWS security group exposing all ports. The server in question is a Centos 7 based FreeIPA server, OpenVPN concentrator and DNS server. With a brief inspection before the

Hello, because of the login problem with windows 10 and the required changes in "server max protocol" i try to setup an AD. The AD works fine, now I have an other problem. In my Samba3 install i have the following config: mailserver with standanlone openLDAP <- sync -> samba3 with openLDAP so the mailserver can receive mails even if the pdc is down. as i can see at

-----BEGIN PGP SIGNED MESSAGE----- The autodetection routines for some linux modules can tie up the machine for several seconds at a time. By trying to open devices not present on the machine, a local user can disrupt service considerably. A very simple exploit is victim$ ls /dev/*/* repeatedly. A suggested fix is to remove or chmod 0 device nodes for hardware not installed on the

Hi. I don''t know if this one is known, but I can''t recall seeing anything about it. If it is old news I apologize. I discovered a bug in the inetd that comes with NetKit-B-0-08 and older. If a single SYN is sent to port 13 of the server, inetd will die of Broken Pipe: write(3, "Sun Jan 12 21:50:35 1997\r\n", 26) = -1 EPIPE (Broken pipe) --- SIGPIPE (Broken pipe) ---

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In case you have been living in an underground security cave lately. (For the lazy ones, this was RHEL 5). http://www.computerworld.com.au/index.php/id;306842912;fp;4194304;fpid;1;pf;1 http://www.niap-ccevs.org/cc%2Dscheme/st/?vid=10125 - -- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other

Bob Muglia announced today that Microsoft''s hypervisor support for Longhorn Server will be pushed out to R2, probably around 2009. http://www.computerworld.com/softwaretopics/software/story/0,10801,102332,00 .html -Dave _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel