From owner-freebsd-questions Fri Jul 3 12:33:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA09493 for freebsd-questions-outgoing; Fri, 3 Jul 1998 12:33:15 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from localline.com (localline.com [207.13.92.34]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA09484 for ; Fri, 3 Jul 1998 12:33:11 -0700 (PDT) (envelope-from woody@localline.com) Received: from localhost (woody@localhost) by localline.com (8.8.8/8.7.3) with SMTP id OAA27879; Fri, 3 Jul 1998 14:33:55 -0500 (EST) Date: Fri, 3 Jul 1998 14:33:55 -0500 (EST) From: Woody To: Johann Visagie cc: questions@FreeBSD.ORG Subject: Re: updates In-Reply-To: <19980703212126.A11398@cityip.co.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Yeh I have been looking at some code from those particular holes...that's why I thought I'd better get busy...:)...I use RH on my personal box and just not used to FreeBSD...ThanX for the info... Have you tried the qpop exploit yet for BSD? I did, and all I get is garbage...well...last night a guy I know broke root with it...so I dunno what the hell my problem is...I just get garbage and have to exit out of the exploit program then reset my tty...pisses me off...that's why I never updated the server because it didn't work for me....grrrrrr!!! :( I don't know whether it is a problem with my terminal type or not...but it worked for him... Woody Security Administrator Localline.com, Oxford, IN woody@localline.com On Fri, 3 Jul 1998, Johann Visagie wrote: > Hi there, > > On Fri, 03 Jul 1998 at 12:26 SAT, Woody wrote: > > > > I am the new security admin here at localline....I am not too familiar > > with FreeBSD and the way you go about getting updates for various binaries > > and what not that can cause nasty things to happen to your system. I am a > > big Linux user and used to, say, Red Hat's format....how do I go about > > getting updates for the version we are running which is 2.2.6? > > Fortunately, I think you'll find that the fact that there's more centralised > control over FreeBSD's development means that it's also easier to get > authoritative updates. > > There are many ways to keep your FreeBSD pathed up to the moment. One way > would be to use CVS or ctm to keep your source tree up to date, and recompile > frequently. Read the Handbook to see how! ;-) > > At the very least, you should subscribe to the freebsd-security mailing list, > where FreeBSD security advisories will be posted when they appear. Usually, > acting on an advisory means installing a patch against your kernel, and > recompiling it. > > If you say you're a new security admin there, I take it you've been moving > jobs lately and might be out of touch. Are you aware of some of the security > problems of the last few weeks, e.g. the BIND hole, the qpopper hole, the > mscan nuisance and even the IIS ASP problem? > > -- V > > Johann Visagie | Email: wjv@CityIP.co.za | Tel: +27 21 419-7878 > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message