A hacker announced that time's up for system administrators who haven't patched Windows 2000 Web servers vulnerable to a flaw revealed by Microsoft two days ago.
The hacker--using the handle "Dark Spyrit"--released a program Wednesday night designed to exploit the security hole and give anyone with limited technical knowledge the ability to completely control a Windows 2000 server running version 5 of Microsoft's Internet Information Server (IIS) Web software.
This how to walks you through the process of building one of the most stable and secure firewalls available - a FreeBSD-STABLE firewall with IPFILTER. As a part of the installation process, all services will be disabled except OpenSSH, which will have its access controlled via TCP-Wrappers.
Hackers have broken into a BBC internal communications network and posted a web page in support of Kashmiri independence.A server at BBC Monitoring was hacked into on 30 April and a notice from the "Silverlords for the freedom of Kashmir" placed on the website, BBC Monitoring has confirmed.
The site is used by BBC Monitoring purely as a working tool linking staff at BBC Monitoring's headquarters in Caversham near Reading to staff working overseas, a spokesperson for the BBC said.
A remotely exploitable security vulnerability has been discovered in Kerberos version 5's FTP daemon. The vulnerability is exploitable both via anonymous FTP and via local account access. The vulnerability results from a buffer overflow in code that calls ftpglob(), a function responsible for expanding glob characters in pathnames. Recent versions of FTPd (krb5-1.2 or later) should not contain buffer overflows in the ftpglob() function itself.
Strong words from the official voice of Redmond today, urging admins to patch a recently-discovered buffer overflow vulnerability in servers running IIS 5.0 on Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server, make it clear how serious a security problem Microsoft has on its hands.
"Microsoft strongly urges all IIS 5.0 server administrators to install the patch immediately," a company security bulletin says.