Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Red Hat Software

Submission + - Fedora Core 6 End of Life ->

devkhadka writes: "Fedora development team has announced to end the life of fedora 6. No more support and updates for fedora 6 will be available from the date Friday, December 7, 2007 since the new version of fedora, fedora 8 is on the way. Fedora always closes the life of old version about a month before next new release so ,as things stands, Fedora 7 will remain supported until one month past the release of Fedora 9 ,this would be roughly through the end of May, 2008"
Link to Original Source
Security

Submission + - Mail Security: File Parsing Vulnerabilities->

devkhadka writes: "Multiple vulnerabilities have been discovered in Symantec Mail Security for Exchange, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.The vulnerabilities are caused due to various errors within certain third-party file viewers and can be exploited to cause buffer overflows when a specially crafted file is checked. Successful exploitation allows execution of arbitrary code. And are exploited to cause buffer overflows by tricking a user into viewing a specially crafted file. The following file viewers are affected: * mifsr.dll * awsr.dll * kpagrdr.dll * exesr.dll * rtfsr.dll * mwsr.dll * exesr.dll * wp6sr.dll * lasr.dll"
Link to Original Source
Security

Submission + - Cracks in the Mac OS X Leopard firewall-> 1

Anonymous Coward writes: "In the course of functional testing, heise Security has discovered a series of problems and peculiarities in the way the firewall in Apple's new operating system behaves. These may have an effect on system security. As with previous versions, by default the firewall in Mac OS X Leopard is deactivated. But even if the user activates it manually, the system is far from sealed off. In tests carried out by heise Security it was possible to communicate with the time server from remote even with the firewall set to "Block all incoming connections" — even when the Mac was directly connected to the internet via a DSL connection. The time server is started automatically by the system. In wired LANs, the NetBIOS name server from the Samba package is also active and, despite the firewall, accessible."
Link to Original Source
Security

Submission + - USB hacks making physical access danger.->

devkhadka writes: "Yesterday i was in my college server room, I saw usb ports of different computers open here and there, and i was just known about the switchblades the day before yesterday. And a thought came into my mind if i were in the bank and i had my pendrive there what would happen? The thought strike into my mind and how week the security system is? because,The primary purpose of this tool is to silently recover information from Windows systems, such as password hashes, LSA secrets, IP information as well as browser history and autofill information as well as create a backdoor to the target system for later access.The tool takes advantage of a security hole in U3 drives that allows the creation of a virtual CD-ROM drive, whicn allows the Windows autorun feature to work (unless disabled on the target system). Even if autorun or a U3 drive is not used, the application can still be started by executing a single script on the drive."
Link to Original Source
Security

Submission + - Microsoft Tuesday Patched six instead of seven sec->

devkhadka writes: "Microsoft has released a total of six security bulletins for October 2007. The Redmond-based company has resolved vulnerabilities rated as "Critical" in Internet Explorer, Outlook Express, Windows Mail and Kodak Image Viewer. These vulnerabilities could allow an attacker to remotely execute code and gain control of unpatched systems. A fix for the Windows remote procedure call (RPC) service and the SharePoint patch, which was postponed on September 2007 Patch Tuesday, were rated merely as "Important" bulletins since they can only be misused for denial of service attacks or elevation of privileges."
Link to Original Source
Security

Submission + - Educational Hacking. Is it really a good idea?

devkhadka writes: "There are and always will be different views on security information disclosure ethics. Thus I will not argue in one direction or the other. I will instead bring up a case as a "food-for-brain" example. Would you trust someone that auction for a CD that "will make a hacker of you in only a few hours"? What if the same guy sells free tools to "steal usernames and passwords" and "Sniff out AOL conversations". For only 7.99 pounds you can also buy a "Easy virus construction" kit and "Ready Made Virus". Would you really believe it's all "for educational use only on your own pc to test for any flaws in your system"? Is this in any way educational, or is just another shortcut to help script kiddies to vandalize the internet? Is this really a good idea?"
PHP

Submission + - TOp 10 Firefox extensions, nerds must have->

devkhadka writes: "Narrowing the huge field of available add-ons down to the ten best was quite a challenge. Life hacker has published 10 most used firefox extensions that a nerd must have ,Your Firefox extension choices have everything to do with your needs, but the ten add-ons you'll find in the following pages are highly-evolved, robust and have proven their usefulness over and over.And this seem to be the must for most of the nerds."
Link to Original Source
Security

Submission + - How one fall in trap-fake login page,lose password->

devkhadka writes: "There are several fake loging page software available for download and any one with little knowledge can host the page in free host to trap the email password. There is a favourable senario of thousends of free host are providing space for fee. A person can make the dummy user feel they have loged out of the email program and ask to login, they dont look at the address bar and enter their passowrd in the fake page of evils and is saved there. In many case evil person sends a greetings link to the targeted person on the mail when one clicks on the link he/she sees a loged out page and is done.How much secure is hotmail server or how much strong is your password, doesnot mater much its just hacked in one minute. demonstration more"
Link to Original Source
Red Hat Software

Submission + - Fedora 8 Test 3 released->

devkhadka writes: "Fedora 8 Test 3 is here! This is the last test release before the evelopment freeze and a great time to test all those packages that you now and love. Test 3 is for beta users. This is the time when we must ave full community participation. Without this participation both hardware and software functionality suffers. Fedora is a Linux-based operating system that showcases the latest in free and open source software. Fedora is always free for anyone to use, modify, and distribute. It is built by people across the globe who work together as a community: the Fedora Project. The Fedora Project is open and anyone is welcome to join. Up-to-date release notes for Fedora 8 Test 3 can be found at http://docs.fedoraproject.org/release-notes."
Link to Original Source
Power

Submission + - Sun's Value of Design Innovation Launch - Oct. 9,->

devkhadka writes: "Is massive network growth making your datacenter inefficient and too complex to manage effectively? Are you reaching capacity limits on space, power, and cooling? Are you being asked to support more data, users, applications — and to provide more services — with less budget? So Learn how Sun's highly efficient, innovatively designed and open systems and technologies can help you virtualize your datacenter, maximize efficiency, increase utilization and scale, while using less energy, reducing IT footprint, and saving you money.
Event: Sun's Value of Design Innovation Launch Date: October 9, 2007
Time: 10:25 a.m. PDT
Location: http://sun.com/launch LIVE OCT 9, 2007
Find My Time Zone: http://communications1.sun.com/r/c/r?2.1.3J1.2Tc.12mkfc.C5CGkw..H.EigC.1nvs.JHOEeb00"

Link to Original Source
Security

Submission + - Catching thieves with Flickr->

devkhadka writes: "Social networks can not only be used to make new contacts, but also to track down thieves as events last week at Flickr.com showed. Four laptops and two iMacs, one of which had a web cam, were stolen from Canadian office services provider WorkSpace. The Flickrbooth plug-in for Apple's Photo Booth was installed on the iMac with the web cam. The program automatically sends photos taken with the web cam to the selected Flickr account. An employee at WorkSpace was naturally surprised when he looked into his Flickr account and saw that a new image had been uploaded — one of a tattooed man posing in front of the stolen iMac. The man apparently knew that the iMac was taking pictures of him, but not that it was sending them to Flickr. The image quickly became viral in forums and blogs all over the world. Shortly after, the suspected thief turned himself over to the police according to a report in the Vancouver Sun. He claims that he bought the computer from a friend of a friend but wished to return it. WorkSpace now hopes to get additional information about who the actual thieves are."
Link to Original Source
Sci-Fi

Submission + - Best Career path for nerds and University courses.-> 1

devkhadka writes: "Are you a Nerd ? so its a good time to u.The colleges around the world are starting to appeal to the nerds in all of us.Here are the best Career path for the nerds starting form ROM hacking n video Game design to Atrificial intelligence and Network security to Ethical hacking.This list of 25 courses and programs offered at colleges around the world identifies some of the nerdiest coursework, starting with the most obvious, and winding up with the most obscure..."
Link to Original Source
Debian

Submission + - Debian refuses to push timezone update for NZ DST->

Jasper Bryant-Greene writes: Although a tzdata release which includes New Zealand's recent DST changes (2007f) has been out for some time, Debian are refusing to push the update from testing into the current stable distribution, codenamed Etch, on the basis that "it's not a security bug". This means that unless New Zealand sysadmins install the package manually, pull the package from testing, or alter the timezone to "GMT-13" manually, all systems running Debian Etch in New Zealand currently have the incorrect time, as DST went into effect this morning. As the last comment in the bug report says, "even Microsoft are not this silly".
Link to Original Source
Upgrades

Submission + - Fedora Unity Releases Updated Fedora Linux 7 Re-S-> 1

devkhadka writes: "The Fedora Unity Project is proud to announce the release of new ISO Re-Spins (DVD and CD Sets) of Fedora 7. These Re-Spin ISOs are based on Fedora 7 and all updates released as of September 12th, 2007. The ISO images are available for i386 and x86_64 architectures via jigdo starting Friday, September 28th, 2007. We have included CD Image sets for those in the Fedora community that do not have DVD drives or burners available. Fedora Unity has taken up the Re-Spin task to provide the community with the chance to install Fedora with recent updates already included. These updates might otherwise comprise more than 700MiB of downloads for a default install. This is a community project, for and by the community. You can contribute to the community by joining our test process."
Link to Original Source

The bomb will never go off. I speak as an expert in explosives. -- Admiral William Leahy, U.S. Atomic Bomb Project

Working...