Search:

This obviously varies developer to developer. In the case of the OpenBSD team, for example, the developers are using the stack protection technologies to enhance the security. They don't rely on...

Sorry; I thought you were criticizing the team's sloppiness if they *depended* on the stack protection. Maybe if the MS bohemoth coded like the team, they wouldn't be releasing 'buffer overflow'...

SirDice: OpenBSD's code is heavily audited. They use a function of their own, strlcopy, along with strlcat, instead of the weaker strcopy and strcat. These guys know how to write secure code; just...

Great stuff, thanks!

Please, don't be so quick to shoot down OpenBSD's buffer overflow protection. Look at the version for this diff: OpenBSD 3.0-CURRENT.

OpenBSD 3.3 released May 1, with ProPolice stack protection. ...

this sounds like rubbish; if a VPN is set up correctly, all traffic going through it will be encrypted. VPNs, when used correctly, provide a hell of a lot of security for data that needs to get to a...

Thanks for all of the info! spurious_inode, thanks for the mailing list, I'm now signed up... looks like a good one. I liked the idea of being able to, uh, (no prettier way to say this)...

I am setting up a dedicated firewall on an older computer and, as I understand, there are two options for actions a firewall or packet filter takes after determining that the packets shouldn't pass. ...

Wow, this lil bugger weighs in at over 2.5 megs... I'm used to seeing openbsd patches @ usually under 50k, heh

lmao he really doesn't get it

Great info, AP++

Packets going across state lines to commit a crime constitutes a federal offense? Wow, it's like throwing a boomerang that goes across the border and comes back to hit a guy in the head. One...

I'm another Sygate fan... at least with the win32 platform. If I knew all the ports that needed to be used for some simple services I would set up a dedicated OpenBSD 3.3-current box with pf as a...

This seems appropriate for the time. x acidreign x, you're familiar with Oklahoma's lottery issue? OK House legislators, to those of you who don't know, voted down a state lottery for Oklahoma that...

CDs will stay mainstream for at least 4-6 more years, until some reasonably portable, cheap, copyable media takes its place. I'm just waiting for the damn floppy disks/drives to die. USB keys have...

In theory, not having to pay for an OS seems fine. I don't know many 'average' (stupid) users who would give up windows for an operating system that takes effort to use, even if the benefits...

The title of this reminded me, I saw a funny joke somewhere, maybe it was a sig here or something...
Couldn't resist:
Black holes are when God divides by zero.

Remember, you put the content on MS's servers, and by doing that you bound yourself to the agreement you checked--'I agree'. MS has worded their TOS in such a way that they can and will remove any...

If anyone here remembers the Windows XP Help and Support Center exploit that Microsoft never officially released a patch for (unless you count SP1), this seems to be the exact same thing, where a...

I saw this (below) on slashdot once as a comment regarding hard drive data recovery and paranoia.



I know it's a joke, but is this actually possible: the pseudorandom data writing on...

No problem, sorry I couldn't be of more assistance... haven't seen any alternatives.
Thanks for the AP though!

Thanks ii-monk :)

Hmm. If all of the users are, say, elementary students in an elementary lab then I believe I have the perfect solution for you. There is a product called Deep Freeze (www.deepfreezeusa.com) that...

Notice that the errors are in c:/apache/... files
The new one is apparently a Win32 system, maybe the previous one was a *nix box and the files weren't properly converted or something?

Microsoft has already released a patch for this vulnerability.
It can be found here:
http://www.microsoft.com/technet/security/bulletin/MS00-046.asp