Cramsession Linux Newsletter

Cramsession.com Linux News Archive

Please note that I've stopped writing the Linux News as of January 30, 2003, as Cramsession has cancelled most of their newsletters. You can send any questions or comments about this content to me (sean at ertw . com)
===========================================================
                        LINUX NEWS
            Resources & Links From CramSession.com
                 Thursday, July 4, 2002
===========================================================

-----------------
TABLE OF CONTENTS
-----------------

1) Sean's Notes

2) Linux News

	New Apache Worm
	An Open Source Success Story
	Mandrake's View on United Linux
	Public Disclosure and Apache

3) Linux Resources

	TCP/IP Meets Chaos Theory
	Seven Common SSL Pitfalls
	Configuring GDM
	TCP/IP Troubleshooting
	Learn EMACS

4) App o' the Week


==============================================================
1) Sean's Notes
==============================================================

Last week we looked at file permissions, which allow you to
control who can access various files.

http://newsletters.cramsession.com/Newsletters/NewsletterArchive/LinuxNews/june-27-2002linux.txt

To recap, a file has permissions, an owner, and a group:

-rw-rw-r--   1 root    disk     629 Jun 22 00:48 /etc/dumpdates

Here, /etc/dumpdates is owned by the root user and the disk
group, is writable by both the user and the group, and readable
by everyone.  (Remember that there are three groups of three
characters in the file mode, corresponding to owner, group, and
everyone).  In octal, read-write is 6 (4 for read, 2 for write),
so the file permission is 664.  In this particular instance, the
disk group has write permission because it's used for things
like backups.  (If you check the raw devices for your hard drive,
such as /dev/hda1, you'll see that "disk" has permissions to read
the device too.)

But that first character, it's an odd one.  It's there to specify
what kind of file you're looking at, including a directory:

# ls -ld /etc
drwxr-xr-x   59 root     root         5120 Jun 30 14:11 /etc

Here, the /etc directory has a 'd' as the first character in the
file mode.  Just like files, it has an owner and a group (both
root in this case), and permissions.  The owner has read, write,
and execute, while the group and everyone else have just read
and execute.

Execute, as I showed last week, makes the file available to be
run.  In the context of a directory, though, what does it do?
As usual, an example will clear it up.

$ cd /tmp
tmp$ mkdir foo
tmp$ touch foo/file
tmp$ ls foo
file
tmp$ ls -ld foo
drwxrwxr-x    2 sean     sean         1024 Jul  3 20:46 foo

So, here is a directory called /tmp/foo, with a file aptly named
"file".  The permissions on foo are 775, meaning that unless
you're the owner, or in the group, you don't have the write bit
set.  Removing the x bit for everyone:

tmp$ chmod -x foo
tmp$ ls -ld foo
drw-rw-r--    2 sean     sean         1024 Jul  3 20:46 foo
tmp$ cd foo
bash: cd: foo: Permission denied
tmp$ chmod +x foo
tmp$ cd foo
foo$

Without the x bit, you can't change into a directory.

What about the "read" bit?

tmp$ chmod 777 foo
tmp$ ls foo
file
tmp$ chmod 111 foo
tmp$ cd foo
foo$ ls
ls: .: Permission denied

With the execute bit there, we can change into a directory, but
without the read bit, we can't get a directory listing.

The write bit should be pretty easy to figure out:

tmp$ chmod 555 foo
tmp$ touch foo/file2
touch: creating `foo/file2': Permission denied

In case you didn't guess, you need the w bit on the directory to
create or delete files (yes, you can still edit existing files if
the file itself gives you permission).

So, some common usages.

700 - Private directory, no one else can see in

755 - Publicly readable directory.  You can create files,
      everyone else can only read.

777 - World read/write.  Be careful, because anyone can erase
      anyone else's files!

711 - Full access for you, everyone else can change into your
      directory, but can't even get a directory listing.

What good is that last one?  Take for example Apache, where you
can create a public_html directory to serve user files.  If you
hit http://server/~sean/, you'd get whatever is in that
public_html directory.  To access that directory, though, the
server (running as user "nobody") will have to change into
/home/sean/public_html.  It isn't going to get to public_html
without the execute bit on /home/sean.  public_html itself is
usually 755, which allows the web server to see what's there.
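
The traversal rule above can be checked mechanically.  The script
below is an added example, not part of the original newsletter.  It
builds a throwaway copy of the home/sean/public_html layout under a
temporary directory (the sandbox, the function names, and the modes
passed to demo are constructed for illustration) and reads the
"other" bits from ls -ld to find the first directory that would
stop a non-owner such as the web server.

```shell
#!/bin/sh
# Added example (not from the original newsletter): find the directory that
# stops "other" users, such as the web server account, from reaching a path.
# Reads mode bits from ls -ld instead of attempting access, so the answer is
# the same even when the script is run as root.

# other_bits DIR -> the three "other" characters of the mode, e.g. "--x"
other_bits() {
    ls -ld "$1" | cut -c8-10
}

# check_path BASE REL -> prints "ok:PATH", "blocked:DIR" or "unreadable:DIR"
# Every directory below BASE needs the x (search) bit for others; the final
# directory also needs r so that its contents can be listed.
check_path() {
    base=$1; rel=$2
    oldifs=$IFS; IFS=/; set -f
    set -- $rel                      # split REL on "/" into components
    set +f; IFS=$oldifs
    cur=$base
    for part in "$@"; do
        cur=$cur/$part
        case $(other_bits "$cur") in
            ??x|??t) ;;              # x (or sticky plus x) set for others
            *) echo "blocked:$cur"; return 1 ;;
        esac
    done
    case $(other_bits "$cur") in
        r??) echo "ok:$cur" ;;
        *)   echo "unreadable:$cur"; return 1 ;;
    esac
}

# demo HOME_MODE HTML_MODE -> result for a constructed home/sean/public_html
demo() {
    sandbox=$(mktemp -d)             # constructed sandbox, removed afterwards
    mkdir -p "$sandbox/home/sean/public_html"
    chmod 755 "$sandbox/home"
    chmod "$2" "$sandbox/home/sean/public_html"
    chmod "$1" "$sandbox/home/sean"
    check_path "$sandbox" home/sean/public_html | sed "s|$sandbox||"
    rm -rf "$sandbox"
}

demo 700 755    # private home directory
demo 711 755    # the layout described above
demo 711 711    # traversable, but public_html cannot be listed
```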

Now you're all set to apply permissions to files and directories.
There are still some special options to go; we'll catch those
another time.

Just as a note to anyone who emailed me in the past while and
ended up with a bounce message, there were some problems on the
email server.  It's all cleared up now, though.

Long live the Penguin,

Sean
swalberg@cramsession.com


===========================================================
2) Linux News
===========================================================

----------------
New Apache Worm
----------------
This worm exploits the recently announced vulnerability in
the Apache web server. It'll only get root on FreeBSD
systems, though it's only a matter of time until Linux and
Solaris versions hit the streets. Upgrade Apache, folks!

http://news.com.com/2100-1001-940585.html


-----------------------------
An Open Source Success Story
-----------------------------
Marty Roesch is the creator of Snort, an amazing intrusion
detection system. It started out as a hobby, but has turned
into a profitable venture. Read on to find out how he did it.

http://newsforge.com/newsforge/02/06/29/2127239.shtml


--------------------------------
Mandrake's View on United Linux
--------------------------------
Mandrake doesn't plan on joining the United Linux
initiative, and here is why. It makes use of some Unix
history to point out why UL is a Bad Thing.

http://www.mandrakesoft.com/company/investors/bsa/faq2


-----------------------------
Public Disclosure and Apache
-----------------------------
Public disclosure, or sometimes "responsible" disclosure, is
a hot topic in security circles. If you find a vulnerability,
how long should you give the vendor to fix it before
disclosing details? In the Apache case, ISS decided that a
few hours was enough, which led to a chain of events ending
up in the Apache worm.

http://www.zdnet.com/anchordesk/stories/story/0,10738,2873254,00.html


===========================================================
3) Linux Resources
===========================================================

--------------------------
TCP/IP Meets Chaos Theory
--------------------------
It has long been understood that if an operating system
doesn't randomize the TCP initial sequence number, then it
is vulnerable to a host of spoofing attacks. This paper
applies some chaos theory to the discussion; not only is it
informative, but there are some cool pictures!

http://razor.bindview.com/publish/papers/tcpseq.html


--------------------------
Seven Common SSL Pitfalls
--------------------------
SSL is not only for the web--you can use the OpenSSL
libraries to protect client-server communications in almost
any application. There are many gotchas... this article
highlights the common ones.

http://www.onlamp.com/pub/a/onlamp/2002/06/27/openssl.html


----------------
Configuring GDM
----------------
This article takes you beyond some of the traditional settings
in the Gnome Display Manager, and shows you how you can
provide a couple of basic services to an X-Windows terminal
before the users log in. The article is quick to point out
that some of the things could lead to reduced security, but
it shows that your system can do something other than just
display a login window when no one is using it.

http://www.linuxgazette.com/issue80/nielsen3.html


-----------------------
TCP/IP Troubleshooting
-----------------------
Figuring out the source of a network problem takes some
skill, and the ability to use some basic tools. Here is some
information on where to start.

http://infocenter.cramsession.com/techlibrary/gethtml.asp?ID57


------------
Learn EMACS
------------
Love it or hate it, EMACS is one of the more popular editors
out there. The key sequences make even vi look easy to use,
which is why this online tutorial will help you out.

http://www-106.ibm.com/developerworks/education/r-emacs.html


===========================================================
4) App o' the Week
===========================================================
From the more obscure side of the fence comes the
Controllable Regex Mutilator. It's basically a filter you
can use to categorize text by writing regular expressions,
except that it learns as it goes. Practical uses include
spam detection, or monitoring of logfiles.

http://crm114.sourceforge.net/

===========================================================
(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.
===========================================================