From owner-freebsd-questions Thu Feb 8 23:44:55 2001 Delivered-To: freebsd-questions@freebsd.org Received: from buffnet4.buffnet.net (buffnet4.buffnet.net [205.246.19.13]) by hub.freebsd.org (Postfix) with ESMTP id 212CD37B401 for ; Thu, 8 Feb 2001 23:44:35 -0800 (PST) Received: from buffnet11.buffnet.net (buffnet11.buffnet.net [205.246.19.55]) by buffnet4.buffnet.net (8.9.3/8.8.7) with ESMTP id CAA80390; Fri, 9 Feb 2001 02:44:09 -0500 (EST) (envelope-from shovey@buffnet.net) Date: Fri, 9 Feb 2001 02:44:08 -0500 (EST) From: Stephen Hovey To: Operador del sistema Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD Ports Security Advisory: FreeBSD-SA-01:INSERT_NUMBER_HERE (fwd) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Cause some jerk figured out how to send a fake On Thu, 8 Feb 2001, Operador del sistema wrote: > anyone know why i recived this: > ---------- Forwarded message ---------- > Date: Thu, 8 Feb 2001 15:14:26 -0500 (EST) > From: FreeBSD Security Advisories > To: freebsd-announce@FreeBSD.ORG > Subject: FreeBSD Ports Security Advisory: FreeBSD-SA-01:INSERT_NUMBER_HERE > > ============================================================================= > FreeBSD-SA-01:INSERT_NUMBER_HERE Security Advisory > FreeBSD, Inc. > > Topic: FreeBSD on record to set most advisory releases for > year 2001 > > Category: All > Announced: 2001-02-07 > Credits: sil@loopback.antioffline.com http://www.antioffline.com > Vendor status: Developers sleeping right now > FreeBSD only: Yes > > I. Background > > FreeBSD is the most robust chopperating sysdumb in the world and we > mean it. Our TCP stack will kick your TCP stacks hynee. Currently we > are releasing an advisory every 1.95 days which means we are bound > to surpass Microsoft. > > II. Problem Description > > We normally do not assess security when creating the ports distribution > often allowing anyone to build any program we decide to run in the ports > directory. Recently we have noticed that we can no longer fool users > into thinking because we provide checksumming for the programs, that > they will be secure. > > Unlinke other operating systems and the developers of them who audit > their ports, we feel it is not our problem if someone accessess your > system because we're too lazy to do things right the first time. > > > III. Impact > > Obviously anyone can end up control your machine or worse. > > IV. Workaround > > We will not be mentioning the ultra secure OpenBSD operating system > since we feel it is not our problem and does not help to promote a > better OS than our own. > > V. Solution > > One of the following: > > 1) Rub a magic lamp and wait for the security genie to fix it. > > 2) Download NSA Linux so you too can have miniscule backdoors in it > which you won't see. > > 3) Pray to the hacker god Kevin Mitnick for assistance. > > 4) Install a more secure O(penBSD)S > > NOTE: FreeBSD developers are now red faced > > VI. Shouts > > Hard Lee Strange > Mike Hunt > Ivana Swallows > Mike Hock > Dick Famous > Kathie Lee Gifford > > > > This is the moderated mailing list freebsd-announce. > The list contains announcements of new FreeBSD capabilities, > important events and project milestones. > See also the FreeBSD Web pages at http://www.freebsd.org > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-announce" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message