From owner-freebsd-questions  Sat Jun 27 21:42:00 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA24599
          for freebsd-questions-outgoing; Sat, 27 Jun 1998 21:42:00 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from lucy.bedford.net (lucy.bedford.net [206.99.145.54])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA24567
          for <freebsd-questions@FreeBSD.ORG>; Sat, 27 Jun 1998 21:41:47 -0700 (PDT)
          (envelope-from listread@lucy.bedford.net)
Received: (from listread@localhost)
	by lucy.bedford.net (8.8.8/8.8.8) id AAA14479;
	Sun, 28 Jun 1998 00:35:05 -0400 (EDT)
	(envelope-from listread)
Message-Id: <199806280435.AAA14479@lucy.bedford.net>
Subject: Re: FreeBSD bugs!
In-Reply-To: <19980628005034.27622.qmail@hotmail.com> from Rani Abdellatif at "Jun 27, 98 05:50:34 pm"
To: rani_w_a@hotmail.com (Rani Abdellatif)
Date: Sun, 28 Jun 1998 00:35:05 -0400 (EDT)
Cc: freebsd-questions@FreeBSD.ORG
X-no-archive: yes
Reply-to: djv@bedford.net
From: CyberPeasant <djv@bedford.net>
X-Mailer: ELM [version 2.4ME+ PL38 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Rani Abdellatif wrote:
> Dear Sirs, 
> First of all I would like to tell you that I was really impressed by 
> your site. It's 
> really outstanding. 
> 
> There's a huge chance that you already know about what I want to tell 
> you, but there's a site called www.rootshell.com that contains hacking 
> software that exploits bugs in operating systems and applications. And 
> it mentioned exploiting a couple of bugs in FreeBsd and other BSD's. 
> Please take a look at that site, because sites of that kind are the most 
> useful bug report in my opinion. 
> 
> Sorry for any inconvenience. 

Your observations are correct, of course, and the maintainers keep
close watch on such developments. Security patches are made available,
and can be found on the websites.

The most reliable day-to-day source of exploit reports is the
Bugtraq mailing list, a carefully moderated "full-disclosure" list.
Very little escapes the scrutiny of that list. It is available as
a digest.

freebsd-security is the "in house" forum for discussion of these issues.

The "root kits" and so on from rootshell are useful to the admin for
probing his own system.

Dave
-- 
http://www.microsoft.com/security: `Microsoft Windows NT Server is the most 
                  secure network operating system available.'
Don Quixote: `You are mistaken, Sancho.'

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message