Letters to the Editor
McAfee didn't find it [i.e., the Bliss virus, mentioned in From the Editor, May 1997—Ed.]—they were told about it. The author announced the fact that his Trojan had “accidentally” got out. Was it really an accident? Who knows?
It didn't “spread” to Linux systems. The released version of the Trojan was targeted specifically at Linux, although the author confirms OpenBSD, NT and other compile builds [with the Trojan] are trivial.
Bliss is a very simple Trojan. It sits on the front of files, copies itself into other stuff when run and spreads in that way. As such, not doing things as root will help a lot. Basic common sense like using PGP-signed packages and not installing random binaries as root also helps. —Alan Cox firstname.lastname@example.org
I look forward to each issue of Linux Journal and usually read it from cover to cover the day it arrives in my mailbox. Your article on page 10 of the May issue, “Safely Running Programs as Root”, was very helpful. Before, my method of logging in to the Internet was to log in to my computer as root, start ppp-go, run ifconfig and edit /etc/hosts, then switch to another virtual terminal, log in with my davidm user name and fire up the X-server and Netscape.
Whenever I wanted to disconnect from my access provider, I would have to switch to su and run ppp-off. Now, things are much simpler. I grabbed your listing from the FTP site and in five minutes had your ppp.c program up and running. I am able to open and close my access connection at will without having to switch to root. Thanks for the story and for putting the code listings on your FTP server.
I thoroughly enjoy using Linux and reading Linux Journal. If you get a chance, check out my column on Linux at the following URL: http://www.charleston.net/entertain/click3.html. —David W. MacDougall, South Carolina davidm@Charleston.Net
In my free time, I read a whole slew of computer magazines on subjects ranging from Windows NT to LANs. One thing that struck me the other day was how much fun it was to read the Linux Journal. It seems that every columnist writes with such enthusiasm for the subject. This is a refreshing change from the other mainstream magazines, which seem to complain about everything. Your authors enjoy writing about how far Linux can be pushed and how it can be reshaped into something new.
Granted, Linux is not a high-dollar commercial OS like the others, but I believe that is to its advantage. You have to be amazed with the way it was, and is, being developed. It shows how a large diversity of people can come together for a common cause (one that didn't include money) to create an extremely fun and useful product.
I have specified Linux as the OS for one of the servers (Pentium Pro 200 MHz, 128MB RAM, 4GB HD) in the public school system I work for. I look forward to using it both at home and work. I'd like to hear from other EdTech folks who use Linux in a school environment. —Rob Bellville, Millbury, MA email@example.com
I am still a Newbee after 18 months of working with Linux off and on. I feel I must comment on Stop the Presses by Phil Hughes in your April issue: “Usenix/Uselinux in Anaheim” on page 8. In that report it was stated that Linus Torvalds hinted at “world domination” with Linux.
After my venture into the Linux OS, it seems to me that there is still a long way to go. It appears that Linux has been authored by a large number of academics who each make a mark on the system. I have found a large number of help files to be out of sync with the code they are trying to explain. I have just started working with pppd after signing up with an ISP provider and find the various configurations expressed in the files confusing. It is true I am not a genius, but if one wants to have a system appeal to the “regular joes” out in the real world, setting the system up will have to be made easier.
I am certain I will eventually sort out my problem. It will take a lot of work and learning on my part, which I don't mind—I enjoy sorting out a difficulty and getting it solved. I am going to stick it out until I can connect with my Linux box and get some work done out on the Internet. To that end, I have Linux on separate hard drives on two machines so that I have a backup in case I corrupt one.
Anyhow, keep up the great work in LJ, as I do find it very helpful to keep abreast of what is going on out there. —Kurt Savegnago firstname.lastname@example.org
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide