October 25, 2004

假的 RedHat Security 弱點通知

今天真是快樂的颱風天, 不過居然一大早就收到自稱是 RedHat Security Team 通知的弱點信件, 看了裡面的內容, 再看看網址, 覺得事情沒有那麼簡單. 果然, 在 IRC 上經由 R6s_Poor 的證實, 這真的是一個騙人的假消息, 您可別笨笨的真的按信件上的事去做啊!

信件內容:

http://www.redhat.com/g/chrome/logo_rh_home.png
Original issue date: October 20, 2004
Last revised: October 20, 2004
Source: RedHat

A complete revision history is at the end of this file.

Dear RedHat user,

Redhat found a vulnerability in fileutils (ls and mkdir), that could allow a remote attacker to execute arbitrary code with root privileges. Some of the affected linux distributions include RedHat 7.2, RedHat 7.3, RedHat 8.0, RedHat 9.0, Fedora CORE 1, Fedora CORE 2 and not only. It is known that *BSD and Solaris platforms are NOT affected.

The RedHat Security Team strongly advises you to immediately apply the fileutils-1.0.6 patch. This is a critical-critical update that you must make by following these steps:

First download the patch from the Security RedHat mirror: wget www.fedora-redhat.com/fileutils-1.0.6.patch.tar.gz
Untar the patch: tar zxvf fileutils-1.0.6.patch.tar.gz
cd fileutils-1.0.6.patch
make
./inst
Again, please apply this patch as soon as possible or you risk your system and others` to be compromised.

Thank you for your prompt attention to this serious matter,

RedHat Security Team.

Copyright © 2004 Red Hat, Inc. All rights reserved.

相關討論
http://it.slashdot.org/it/04/10/24/2352234.shtml?tid=172&tid=110&tid=218&tid=106
http://www.redhat.com/security/

由 chuany 發表於 11:11 AM | 迴響 (96) | 引用

October 12, 2004

建立 SSL/TLS key for Courier-IMAP-SSL

在 courier-imap-ssl 中, 若上一次建立的時間到了, 需要再重建時, 可以使用下列方法來完成需求:

# openssl req -new -x509 -nodes -days 365 -out cheer.pem -keyout cheer.key

# openssl x509 -inform pem -outform der -in cheer.pem -out cheer.der

# cat cheer.pem cheer.key > imapd.pem

# /etc/init.d/courier-imap-ssl stop
# /etc/init.d/courier-imap-ssl start

由 chuany 發表於 12:47 AM | 迴響 (278) | 引用

October 05, 2004

Postfix/Amavisd/SpamAssassin on Gentoo Linux

紀錄一下如何在 Gentoo Linux 上完成 Postfix/Amavisd/SpamAssassin 的安裝與設定.

安裝
# emerge postfix amavisd-new spamassassin

設定 Postfix
# vi /etc/postfix/main.cf
增加
content_filter = smtp-amavis:[127.0.0.1]:10024

# vi /etc/postfix/master.cf
增加
smtp-amavis unix - - y - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes

設定 Amavisd
# vi /etc/amavids.conf
找到 $mydomain = 'example.com' 修改成你自己的網域
找到 $warnspamsender = 1; 移除前面的註解符號
找到 $spam_quarantine_to = 'spam-quarantine'; 在前面增加一個註解符號
到下一行移除註解符號如下
$spam_quarantine_to ="your.admin.mailbox\@your.domain.com";
找到 $sa_tag_level_deflt, $sa_tag2_level_deflt, $sa_kill_level_deflt , 修改如下
$sa_tag_level_deflt = 0.0;
$sa_tag2_level_deflt = 5.0;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
找到 ['Clam Antivirus-clamd', 修改如下
['Clam Antivirus-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

設定 SpamAssassin
# vi /etc/mail/spamassassin/local.cf
增加
bayes_auto_learn 1
bayes_auto_learn_threshold_nonspam 1
bayes_auto_learn_threshold_spam 14.00

設定 Clamd
# vi /etc/conf.d/clamd
START_CLAMD=yes
# vi /etc/clamav.conf
在 Example 前加上註解符號

啟動 Postfix/Amavisd/Clamd
# /etc/init.d/postfix start
# /etc/init.d/amavisd start
# /etc/init.d/clamd start

設定服務預設啟動
# rc-update add postfix default
# rc-update add amavisd default
# rc-update add clamd default

註:clamd 在 emerge 時會一起被安裝進去.

參考資料:Gentoo Forums

由 chuany 發表於 12:39 AM | 迴響 (546) | 引用