We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
The attacker in this case was only armed with a known exploit for vBulletin. I am guessing they didn't even know NetIQ was there.
Using any external authentication system would be a benefit in the case of a vBulletin exploit, as vBulletin is going to give the attacker full access to your SQL database, so having your passwords stored somewhere else, will require the attacker to be more than a run-of-the-mill website defacer.
The video explains it, but it allows programs to 'drop' capabilities they no longer need.
For example, tcpdump needs root access to open the network interface, but after that it can give up those capabilities, so if there is a bug in tcpdump and it gets compromised by a maliciously crafted packet, the attacker does not have an excess privileges to exploit.
cperciva (102828) writes "Perhaps a sign of our troubled times or a sign that FreeBSD is becoming less relevant to modern computing needs: the FreeBSD Foundation has sought $1,000,000 by year end to allow it to continue to offer to fund and manage projects, provide hardware used by the FreeBSD project, hire developers and system administrators, sponsor FreeBSD events and Developer Summits, and provide travel grants to FreeBSD developers. But with the end of this year fast approaching, it has raised just over $472,000, far short of its target."
An anonymous reader writes "Friends don't let friends use consumer networking equipment. This is a saying that many sysadmins have probably heard. It's really easy to go to a store and pick up a cheap little plastic router, but they're proprietary, have security issues and offer very little flexibility. We're going to show you how to build your own, based entirely on open source software, and take back control of your network." Link to Original Source