I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This securityfocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
Month: July 2006
-
Vandals banging on the door of ssh….
Sometimes I wish I wasn’t curious about things…. The other night I was working on something on the testbox in the back room and saw the switch lights flickering fairly actively between the server and the internet gateway. At first I thought maybe it was some mail coming in, but it was awfully persistent. So, I started nosing around. I saw that sshd was showing up in the process list and on checking /var/log/messages…. found hundreds of ongoing attempts to break in through the ssh server. (sigh….) Now, there was a time when I’ve kind of snickered when I’ve seen these futile attempts, because I have a VERY short list of allowed ssh users. (AllowUsers username can be set in /etc/ssh/sshd_config) But, this was fairly persistent and there was more variety to the usernames than I’m used to seeing.
-
New User Guides for Ubuntu, Fedora, Mandriva
As I was searching online this weekend for something ubuntu related… I ran across this nice reference Wiki…. ubuntuguide.org. They’ve got a good Ubuntu new user guide and also a few things Mandriva and Fedora related. The site is done wiki style so you should be able to collaborate if you have suggestions (although they require login it appears due to wiki-vandalism.) Anyway, looks like a good guide, fairly new-user friendly.