If you are serious about infosec certifications, check out GIAC (http://www.giac.org) . The certs are very applied and test practical knowledge (e.g. they are open book... no need to test how well you can memorize stuff). CISSP is good to get you started in the field.
"Random" attacks can be reported to DShield.org . They have a number of scripts to automatically submit firewall logs (including from Linux firewalls). See http://www.dshield.org/howto.html . Once set up, it just "runs" and DShield aggregates the data, uses it for research and reports worst offenders to ISPs and other contacts.
The SANS Internet Storm Center has a counter on their home page showing how many visitors to their site are vulnerable to this particular problem. At this time, looks like it is 43%! (and I assume that people checking the site are more security concious then the average). Also see MSIE 0day exploit.
So there is a different color thinkpad, and this is newsworthy? Not even a picture of the thing in the article. Nothing a can of spray paint wouldn't be able to do.
I think these changes are nice. But what Linux needs is a rethinking of the way device drivers are integrated. Bundling them all with the kernel will just no longer work (did you ever try to configure a kernel these days?). What I am looking for is a way to be able to use the same driver (aka 'module') in different kernels without having to recompile all over again, and the ability to compile a driver without having the complete kernel source installed.
Back when I had a long commute (1hr +), I listened to NPR/PBS. Great program. I did use Audible.com quite a bit back then as well. Too bad they don't support Linux:-/. Had to drop them as I got rid of Windows.
Well, Apache, PHP and MySQL run just fine in Windows. Many people run Linux on servers, but Winows on Developer desktops (which then have Apache, php and mysql installed).
A lot of equipment uses RJ45 connectors to provide serial connections (e.g. terminal servers). But they all use different pin outs. Sometimes even different models for the same manufacturer need different adapters.
Are there any distros out that include GRSecurity? I use it on all my 2.4 kernel boxes with great success and just started using it on production 2.6 systems. Overall, I find it to be very stable, and a very worth while extra layer of protection even without using the role based ACLs.
These early POC exploits are covered in todays ISC Diary. Note that now there is a script to generate images to add an Admin level user (username "X").
Not too long until we see a remote shell.
Some people are tlaking about seeing it used in an MSN Messenger worm.
The hard part about patching this one is that a lot of third party software may overwrite the Windows JPEG GDI library with its own older version:-/
I am currently using VoIP, mostly to save money. While the call quality is great, I think the real issue with VoIP is uptime and customer support. And I think the last issue is not accounted for when people talk about the potential savings from VoIP.
I can't remember the last time I picked up a regular phone and didn't get a dial tone. For VoIP on the other side, I had a number of extended outages (maybe a total of 10 hrs this year so far). There is just so much more that can break with VoIP, which is out of the control for the VoIP company. As a result, VoIP customer support is always busy, and never able to help:-(
Get the latest VMware build, and check the vmware community forums. But the latest build I downloaded installed without a hitch on Suse 9.1 running on an AMD64 system.
Slashdot Mirror
This has been happening at least since 2016.
see https://isc.sans.edu/forums/di...
looks like a new SOAP vulnerability was added to Mirai. Here come a few million more mirai bots.
If you are serious about infosec certifications, check out GIAC (http://www.giac.org) . The certs are very applied and test practical knowledge (e.g. they are open book... no need to test how well you can memorize stuff). CISSP is good to get you started in the field.
"Random" attacks can be reported to DShield.org . They have a number of scripts to automatically submit firewall logs (including from Linux firewalls). See http://www.dshield.org/howto.html . Once set up, it just "runs" and DShield aggregates the data, uses it for research and reports worst offenders to ISPs and other contacts.
A better link, with more screenshots:
Phollow the Phlopping Phish
The SANS Internet Storm Center has a counter on their home page showing how many visitors to their site are vulnerable to this particular problem. At this time, looks like it is 43%! (and I assume that people checking the site are more security concious then the average). Also see MSIE 0day exploit.
the actual top 20 list can be found here: http://www.sans.org/top20
So who should pay for content if ads shouldn't? Would you "subscribe" to a website?
So there is a different color thinkpad, and this is newsworthy? Not even a picture of the thing in the article. Nothing a can of spray paint wouldn't be able to do.
The Internet Storm Center is tracking a similar number for while. See the "survival time". It has actually improved over the last few months!
I think these changes are nice. But what Linux needs is a rethinking of the way device drivers are integrated. Bundling them all with the kernel will just no longer work (did you ever try to configure a kernel these days?). What I am looking for is a way to be able to use the same driver (aka 'module') in different kernels without having to recompile all over again, and the ability to compile a driver without having the complete kernel source installed.
Back when I had a long commute (1hr +), I listened to NPR/PBS. Great program. I did use Audible.com quite a bit back then as well. Too bad they don't support Linux :-/. Had to drop them as I got rid of Windows.
slashdotted on a saturday night before the first comment was posted :-(
Well, Apache, PHP and MySQL run just fine in Windows. Many people run Linux on servers, but Winows on Developer desktops (which then have Apache, php and mysql installed).
A lot of equipment uses RJ45 connectors to provide serial connections (e.g. terminal servers). But they all use different pin outs. Sometimes even different models for the same manufacturer need different adapters.
Are there any distros out that include GRSecurity? I use it on all my 2.4 kernel boxes with great success and just started using it on production 2.6 systems. Overall, I find it to be very stable, and a very worth while extra layer of protection even without using the role based ACLs.
The ISC posted a couple of snort sigs and other details.
Is this the same 'SMART' car as the one sold by Mercedes in Europe? Sure looks like it, but I can't see any reference to that.
I wasn't able to find the update version at Suse.com. However, it looks like Amazon.com got it (with free 'super saver' shipping):
Suse Linux Professional 9.2 Upgrade Strong Encryption 128 Bit
These flaws cover more then just "the web".
They include things like week passwords and non-web network threats.
no issue with my FP2001. Actually, I love the display. Send me yours for a dual headed system ;-)
Running Suse 9.1 on Nvidia FX 5200 card with Nvidia drivers. Wireless Kensington mouse.
These early POC exploits are covered in todays
:-/
ISC Diary. Note that now there is a script to generate images to add an Admin level user (username "X").
Not too long until we see a remote shell.
Some people are tlaking about seeing it used in an MSN Messenger worm.
The hard part about patching this one is that a lot of third party software may overwrite the Windows JPEG GDI library with its own older version
I am currently using VoIP, mostly to save money. While the call quality is great, I think the real issue with VoIP is uptime and customer support. And I think the last issue is not accounted for when people talk about the potential savings from VoIP.
:-(
I can't remember the last time I picked up a regular phone and didn't get a dial tone. For VoIP on the other side, I had a number of extended outages (maybe a total of 10 hrs this year so far). There is just so much more that can break with VoIP, which is out of the control for the VoIP company. As a result, VoIP customer support is always busy, and never able to help
don't click on the link unless you want your cube mates stare at you ;-)
Get the latest VMware build, and check the vmware community forums. But the latest build I downloaded installed without a hitch on Suse 9.1 running on an AMD64 system.