| version 1.190, 2001/05/31 19:28:48 |
version 1.191, 2001/06/01 21:17:28 |
|
|
| <h2>May, 2001</h2> |
<h2>May, 2001</h2> |
| |
|
| <li><font color=#009000><strong> |
<li><font color=#009000><strong> |
| <a href="http://securityportal.com/closet/closet20010405.html?&_ref=36874758"> |
|
| Abandon hope all ye who enter here</a> |
<a href="http://false.net/ipfilter/2001_05/0332.html">Re: IPFilter 3.4 update. </a>, |
| Security Portal, April 05, 2001 |
Darren Reed, IPFilter mailing list archive, May 19, 2001<br> |
| |
|
| |
<a href="http://lwn.net/2001/0524/#ipfilter">BSD is not free software?</a>, |
| |
LWN weekly news, May 24, 2001<br> |
| |
|
| |
<a href="http://www.bsdtoday.com/2001/May/News489.html">IP Filter License change?</a>, |
| |
Jeremy C. Reed, BSD Today, May 24, 2001<br> |
| |
|
| |
<a href="http://www.deadly.org">Changes in IPFilter license to affect OpenBSD?</a>, |
| |
Dengue, OpenBSD Journal, May 27, 2001<br> |
| |
|
| |
<a href="http://securityportal.com/articles/ipf20010528.html">IPF: Free no more?</a>, |
| |
Kurt Seifried, Security Portal, May 28, 2001 <br> |
| |
|
| |
<a href="http://slashdot.org/article.pl?sid=01/05/28/1225224&mode=thread">IPF License Change: Redistribution Not Allowed</a>, |
| |
Timothy, Slashdot, May 28, 2001<br> |
| |
|
| |
<a href="http://slashdot.org/article.pl?sid=01/05/28/0610252&mode=thread">Changes in IPFilter License</a>, |
| |
Hemos, Slashdot, May 28, 2001 <br> |
| |
|
| |
<a href="http://www.deadly.org">IPF removed from OpenBSD</a>, |
| |
Dengue, OpenBSD Journal, May 30, 2001<br> |
| |
|
| |
<a href="http://linuxtoday.com/news_story.php3?ltsn=2001-05-30-001-20-NW-BD">IPFilter Comes Out of OpenBSD CVS</a>, |
| |
Theo de Raadt, Linux Today, May 30, 2001<br> |
| |
|
| |
<a href="http://news.cnet.com/news/0-1003-200-6119988.html">Open-source spat spurs software change</a>, |
| |
Stephen Shankland, CNET.com - Tech News, May 30, 2001<br> |
| |
|
| |
<a href="http://lwn.net/2001/0531/a/ipfilter-gone.php3">ipf (more)</a>, |
| |
Theo de Raadt, LWN weekly news, May 31, 2001<br> |
| |
|
| |
<a href="http://lwn.net/2001/0601/">IP Filter licensing followup.</a>, |
| |
LWN weekly news, Jun 01, 2001<br> |
| |
|
| </strong></font><br> |
</strong></font><br> |
| |
Many articles and discussions follow after Darren Reed clarified the license of his |
| |
<a href="http://coombs.anu.edu.au/~avalon/ip-filter.html">IP Filter</a> software.<br> |
| |
Because IPF is not <a href="http://www.opensource.org">Open Source</a> and does not qualify for |
| |
<a href="goals.html">OpenBSD licence rules</a>, IPF was removed from future release, |
| |
and will be replaced with a free alternative. |
| |
<p> |
| |
|
| Kurt Seifried interviews Elias Levy, a.k.a. Aleph1 from BugTraq, who |
<li><font color=#009000><strong> |
| states that <em>"efforts like the one from the OpenBSD project |
<a href="http://www.zdnet.com/zdnn/stories/news/0,4586,5082320,00.html"> |
| <strong>are a must</strong>"</em> and then goes further to say |
Flaw found in common Internet standard</a>, |
| that <em>"systems that have gone through a source code security |
ZDNet News, May 3, 2001 |
| audit should include a mandatory tag that says <strong>Lasciate ogne |
</strong></font><br> |
| speranza, voi ch'intrate</strong>"</em>.<br> |
Robert Lemos talks about the <a href="http://www.cert.org">CERT</a> |
| Through the interview he also gives a very interesting note on other |
<a href="http://www.cert.org/advisories/CA-2001-09.html">warning</a> concerning the Initial Sequence Numbers |
| complex security models implemented to existing systems, and how |
(ISN), which could be used to hijack TCP connections of several OS's, but not so |
| incorrect implementation or configuration of such models results in |
with OpenBSD. |
| vulnerabilities. Security through simplicity... doesn't this sound |
|
| familiar? |
|
| <p> |
<p> |
| |
|
| |
|
| <h2>April, 2001</h2> |
<h2>April, 2001</h2> |
| |
|
| <li><font color=#009000><strong> |
<li><font color=#009000><strong> |
|
|
| Windows 9x, ME and 2000, Solaris, Linux and the BSD family.<br> |
Windows 9x, ME and 2000, Solaris, Linux and the BSD family.<br> |
| Good scoring for OpenBSD, we're nearly safe up to 2.8, and |
Good scoring for OpenBSD, we're nearly safe up to 2.8, and |
| completely safe from 2.9 on. |
completely safe from 2.9 on. |
| |
<p> |
| |
|
| |
|
| |
<li><font color=#009000><strong> |
| |
<a href="http://securityportal.com/closet/closet20010405.html?&_ref=36874758"> |
| |
Abandon hope all ye who enter here</a> |
| |
Security Portal, April 05, 2001 |
| |
</strong></font><br> |
| |
|
| |
Kurt Seifried interviews Elias Levy, a.k.a. Aleph1 from BugTraq, who |
| |
states that <em>"efforts like the one from the OpenBSD project |
| |
<strong>are a must</strong>"</em> and then goes further to say |
| |
that <em>"systems that have gone through a source code security |
| |
audit should include a mandatory tag that says <strong>Lasciate ogne |
| |
speranza, voi ch'intrate</strong>"</em>.<br> |
| |
Through the interview he also gives a very interesting note on other |
| |
complex security models implemented to existing systems, and how |
| |
incorrect implementation or configuration of such models results in |
| |
vulnerabilities. Security through simplicity... doesn't this sound |
| |
familiar? |
| <p> |
<p> |
| |
|
| <h2>March, 2001</h2> |
<h2>March, 2001</h2> |
![[BACK]](/icons/back.gif){kind=icon}
Return to press.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www