Clean up this page a bit and deal with stuff missed in the first review.

svn path=/www/; revision=3165

data/security/security.sgml

@@ -1,10 +1,10 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-06-23 22:42:14 $">
+<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: security.sgml,v 1.2 1998-06-23 22:42:14 wosch Exp $ -->
+<!-- $Id: security.sgml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
 
 <html>
     &header;
@@ -15,31 +15,114 @@ code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
- less likely introduce security holes in the first place.
+ less likely introduce security holes in the first place.</P>
 
-</P><P>We welcome your comments on the contents and correctness of this page.
+<P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
-FreeBSD Security Officers</A> if you have changes you'd like to see here.
+FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
-</P><H2>The FreeBSD security officer</H2>
+<H2>The FreeBSD security officer</H2>
 
-As FreeBSD takes security seriously, there is a security officer who is
+<P>FreeBSD takes security seriously, a dedicated team of security officers
-the focal point for security related communications. The security officers'
+providing a focal point for security related communications. A security
-main task is to send out advisories when there are known security holes
+officers' main task is to send out advisories when there are known security
-so FreeBSD users will be able to keep their systems secure. The security
+holes and otherwise keep abreast of security issues.  The security officers
-officer also communicates with the various CERTs around the world to
+also communicate with the various <A HREF="http://www.cert.org">CERT</A>
-give them information about vulnerabilities within FreeBSD and to receive
+and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
-information about new ones. As such, the security officer is a member of 
+sharing information about vulnerabilities in FreeBSD or utilities commonly
-<A HREF="http://www.first.org/">FIRST</A>, the Forum of Incident Response
+used by FreeBSD, and keeping up to date on security issues in the world at
-and Security Teams.
+large.  The security officers are also active members of those
-<P>
+organizations.</P>
-When you contact the security officer about sensitive matters, please use
-our <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A> to encrypt your
-message.
 
-</P><H2>FreeBSD security related information</H2>
+<P>When you need to contact the security officers about a sensitive matter,
-If you want to stay up to date on FreeBSD security, you can subscribe
+please use their
-yorself to one of the following mailing lists:
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+to encrypt your message before sending it.</P>
+
+<H2>FreeBSD security advisories:</H2>
+
+<P>The FreeBSD security officers provide security advisories for
+the following releases of FreeBSD:</P>
+
+<UL>
+<LI>	the most recent official release of FreeBSD,
+<LI>	FreeBSD-current,
+<LI>	FreeBSD-stable, when at least 2 releases are based on it.
+<LI>	the previous FreeBSD-stable when a "new stable" does not
+        yet have 2 releases based on it.
+</UL>
+
+At this time, security advisories are available for:
+<UL>
+<LI>	FreeBSD 2.2.6
+<LI>	FreeBSD-current
+<LI>	FreeBSD-stable
+</UL>
+
+<P>Older releases will not be actively maintained and users are strongly
+encouraged to upgrade to one of the supported releases.</P>
+
+<P>An advisory will be sent out when a security hole exists that is
+either being actively abused (as indicated to us via reports from end
+users or CERT like organizations), or when the security hole is public
+knowledge (e.g. because a report has been posted to a public mailing
+list).</P>
+
+<P>Like all development efforts, security fixes are first brought into
+the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+branch.  After a couple of days and some testing, the fix is retrofitted
+into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
+
+<P>Advisories are sent to the following FreeBSD mailing lists:
+<UL>
+<LI>FreeBSD-security-notifications@freebsd.org
+<LI>FreeBSD-security@freebsd.org
+<LI>FreeBSD-announce@freebsd.org
+</UL>
+
+<P>Advisories are always signed using the FreeBSD security officer
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+and are archived, along with their associated patches, at our
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
+repository</A>.  At the time of this writing, the following advisories are
+currently available:</P>
+
+<UL>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
+</UL>
+
+<H2>FreeBSD security related information</H2>
+
+<P>If you want to stay up to date on FreeBSD security, you can subscribe
+yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
@@ -52,114 +135,71 @@ with
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
-<P>
-Publications of the FreeBSD security officer can also be found on
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">ftp://ftp.freebsd.org/pub/FreeBSD/CERT/</A>
-<P>Handbook?
 
-</P><H2>FreeBSD security advisories:</H2>
+<H2>What to do when you detect a security compromise:</H2>
-FreeBSD provides security advisories. The advisories will cover
+
-recent releases of FreeBSD. The security advisories will cover
-these releases: 
 <UL>
-<LI>	the most recent official release of FreeBSD,
+<LI><B>Determine the level of security breach:</B><BR>
-<LI>	FreeBSD-current, 
-<LI>	FreeBSD-stable, when 2 releases are based on it.
-<LI>	the previous FreeBSD-stable in case the new stable does not
-        yet have 2 releases based on it.
-</UL>
-
-At this time, security advisories are available for:
-<UL>
-<LI>	FreeBSD 2.2.6
-<LI>	FreeBSD-current
-<LI>	FreeBSD-stable
-</UL>
-
-Older releases will not be actively maintained.
-<p>
-You are encouraged to upgrade to one of the supported releases.
-<p>
-An advisory will be sent out when a security hole exists that is either being
-actively abused (as indicated to us via reports from end users or CERT
-like organizations), or when the security hole is public knowledge
-(e.g. because a report has been posted to a public mailing list).
-<p>
-Like all development efforts, security fixes are first brought into the
-FreeBSD-current branch. After a couple of days, the fix will be retrofitted
-into the covered FreeBSD-stable branch(es). Then an advisory will
-be sent out.
-<p>
-Advisories will be sent to the following FreeBSD mailing lists:
-<UL>
-<LI> FreeBSD-security-notifications
-<LI> FreeBSD-security
-<LI> FreeBSD-announce
-</UL>
-Advisories will always be signed using the FreeBSD security-officer
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
-<p>
-Advisories and patches are archived at our 
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">FTP site</A>.
-
-</P>
-
-
-
-
-
-<H2>What to do when you detect a security compromise </H2>
-<UL>
-<LI>determine the level of security breack<BR>
 What privilege did the attack get? That of another user or more (up to
-root privileges)?
+root privileges)?</LI>
-<LI>determine the part of the system that is not in its original state
+
-anymore<BR>
+<LI><B>Determine those parts of the system which are not in their original state
+anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
-package keeps MD5 checksums. Be aware that tripwire might be tampered
+package also keeps MD5 checksums, though be aware that tripwire might
-with as well.
+be tampered with as well and be sure and use a known-good copy.</LI>
-<LI>find out how the breakin was done<BR>
+
-Via a well-known security bug? A misconfiguration? When it's a new bug,
+<LI><B>Find out how the breakin was done:</B><BR>
-warn the FreeBSD Security Officer.
+Via a well-known security bug? A misconfiguration?  If it's a new bug,
-<LI>fix the hole(s)<BR>
+you should warn the <A HREF="mailto:security-officer@freebsd.org">
+FreeBSD Security Officer</A>.</LI>
+
+<LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
-a fix quickly, you can temporarily disable remote access to your system.
+a fix quickly, you should temporarily disable remote access to your system
+until you have done so.</LI>
 </UL>
 
-Other questions you may ask yourself are:
+<P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
-local authorities. The choice is up to you.
+local authorities. The choice is up to you.</LI>
+
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
-the chance the cracker wipes your disk. The choice is up to you.
+the chance the cracker wipes your disk. The choice is up to you.</LI>
+
 </UL>
 
-<h2><a href="secure.html">How to secure a FreeBSD system</a></h2>
+<H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
-There are several steps involved in securing a FreeBSD system, or in
-fact any UNIX system.
 
-<h2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></h2>
+<P>There are several steps involved in securing a FreeBSD system, or in
+fact, any UNIX system:</P>
 
+<H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
+<H2>Other useful security information:</H2>
 
-<H2>Other usefull security information:</H2>
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
-	Contains a huge collection of security related material.
+	Contains a huge collection of security related material.</LI>
+
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
-	material. It contains hundreds of usefull
+	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
-	security...and more...
+	security...and more...</LI>
+
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
-	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)
+	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
-<LI>Mailing lists: Bugtraq, BOS
+
-</ul>
+<LI>Mailing lists: Bugtraq, BOS, etc.</LI>
+
+</UL>
 
       &footer
   </body>

en/security/advisories.xml

@@ -1,10 +1,10 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-06-23 22:42:14 $">
+<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: advisories.xml,v 1.2 1998-06-23 22:42:14 wosch Exp $ -->
+<!-- $Id: advisories.xml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
 
 <html>
     &header;
@@ -15,31 +15,114 @@ code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
- less likely introduce security holes in the first place.
+ less likely introduce security holes in the first place.</P>
 
-</P><P>We welcome your comments on the contents and correctness of this page.
+<P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
-FreeBSD Security Officers</A> if you have changes you'd like to see here.
+FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
-</P><H2>The FreeBSD security officer</H2>
+<H2>The FreeBSD security officer</H2>
 
-As FreeBSD takes security seriously, there is a security officer who is
+<P>FreeBSD takes security seriously, a dedicated team of security officers
-the focal point for security related communications. The security officers'
+providing a focal point for security related communications. A security
-main task is to send out advisories when there are known security holes
+officers' main task is to send out advisories when there are known security
-so FreeBSD users will be able to keep their systems secure. The security
+holes and otherwise keep abreast of security issues.  The security officers
-officer also communicates with the various CERTs around the world to
+also communicate with the various <A HREF="http://www.cert.org">CERT</A>
-give them information about vulnerabilities within FreeBSD and to receive
+and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
-information about new ones. As such, the security officer is a member of 
+sharing information about vulnerabilities in FreeBSD or utilities commonly
-<A HREF="http://www.first.org/">FIRST</A>, the Forum of Incident Response
+used by FreeBSD, and keeping up to date on security issues in the world at
-and Security Teams.
+large.  The security officers are also active members of those
-<P>
+organizations.</P>
-When you contact the security officer about sensitive matters, please use
-our <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A> to encrypt your
-message.
 
-</P><H2>FreeBSD security related information</H2>
+<P>When you need to contact the security officers about a sensitive matter,
-If you want to stay up to date on FreeBSD security, you can subscribe
+please use their
-yorself to one of the following mailing lists:
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+to encrypt your message before sending it.</P>
+
+<H2>FreeBSD security advisories:</H2>
+
+<P>The FreeBSD security officers provide security advisories for
+the following releases of FreeBSD:</P>
+
+<UL>
+<LI>	the most recent official release of FreeBSD,
+<LI>	FreeBSD-current,
+<LI>	FreeBSD-stable, when at least 2 releases are based on it.
+<LI>	the previous FreeBSD-stable when a "new stable" does not
+        yet have 2 releases based on it.
+</UL>
+
+At this time, security advisories are available for:
+<UL>
+<LI>	FreeBSD 2.2.6
+<LI>	FreeBSD-current
+<LI>	FreeBSD-stable
+</UL>
+
+<P>Older releases will not be actively maintained and users are strongly
+encouraged to upgrade to one of the supported releases.</P>
+
+<P>An advisory will be sent out when a security hole exists that is
+either being actively abused (as indicated to us via reports from end
+users or CERT like organizations), or when the security hole is public
+knowledge (e.g. because a report has been posted to a public mailing
+list).</P>
+
+<P>Like all development efforts, security fixes are first brought into
+the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+branch.  After a couple of days and some testing, the fix is retrofitted
+into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
+
+<P>Advisories are sent to the following FreeBSD mailing lists:
+<UL>
+<LI>FreeBSD-security-notifications@freebsd.org
+<LI>FreeBSD-security@freebsd.org
+<LI>FreeBSD-announce@freebsd.org
+</UL>
+
+<P>Advisories are always signed using the FreeBSD security officer
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+and are archived, along with their associated patches, at our
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
+repository</A>.  At the time of this writing, the following advisories are
+currently available:</P>
+
+<UL>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
+</UL>
+
+<H2>FreeBSD security related information</H2>
+
+<P>If you want to stay up to date on FreeBSD security, you can subscribe
+yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
@@ -52,114 +135,71 @@ with
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
-<P>
-Publications of the FreeBSD security officer can also be found on
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">ftp://ftp.freebsd.org/pub/FreeBSD/CERT/</A>
-<P>Handbook?
 
-</P><H2>FreeBSD security advisories:</H2>
+<H2>What to do when you detect a security compromise:</H2>
-FreeBSD provides security advisories. The advisories will cover
+
-recent releases of FreeBSD. The security advisories will cover
-these releases: 
 <UL>
-<LI>	the most recent official release of FreeBSD,
+<LI><B>Determine the level of security breach:</B><BR>
-<LI>	FreeBSD-current, 
-<LI>	FreeBSD-stable, when 2 releases are based on it.
-<LI>	the previous FreeBSD-stable in case the new stable does not
-        yet have 2 releases based on it.
-</UL>
-
-At this time, security advisories are available for:
-<UL>
-<LI>	FreeBSD 2.2.6
-<LI>	FreeBSD-current
-<LI>	FreeBSD-stable
-</UL>
-
-Older releases will not be actively maintained.
-<p>
-You are encouraged to upgrade to one of the supported releases.
-<p>
-An advisory will be sent out when a security hole exists that is either being
-actively abused (as indicated to us via reports from end users or CERT
-like organizations), or when the security hole is public knowledge
-(e.g. because a report has been posted to a public mailing list).
-<p>
-Like all development efforts, security fixes are first brought into the
-FreeBSD-current branch. After a couple of days, the fix will be retrofitted
-into the covered FreeBSD-stable branch(es). Then an advisory will
-be sent out.
-<p>
-Advisories will be sent to the following FreeBSD mailing lists:
-<UL>
-<LI> FreeBSD-security-notifications
-<LI> FreeBSD-security
-<LI> FreeBSD-announce
-</UL>
-Advisories will always be signed using the FreeBSD security-officer
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
-<p>
-Advisories and patches are archived at our 
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">FTP site</A>.
-
-</P>
-
-
-
-
-
-<H2>What to do when you detect a security compromise </H2>
-<UL>
-<LI>determine the level of security breack<BR>
 What privilege did the attack get? That of another user or more (up to
-root privileges)?
+root privileges)?</LI>
-<LI>determine the part of the system that is not in its original state
+
-anymore<BR>
+<LI><B>Determine those parts of the system which are not in their original state
+anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
-package keeps MD5 checksums. Be aware that tripwire might be tampered
+package also keeps MD5 checksums, though be aware that tripwire might
-with as well.
+be tampered with as well and be sure and use a known-good copy.</LI>
-<LI>find out how the breakin was done<BR>
+
-Via a well-known security bug? A misconfiguration? When it's a new bug,
+<LI><B>Find out how the breakin was done:</B><BR>
-warn the FreeBSD Security Officer.
+Via a well-known security bug? A misconfiguration?  If it's a new bug,
-<LI>fix the hole(s)<BR>
+you should warn the <A HREF="mailto:security-officer@freebsd.org">
+FreeBSD Security Officer</A>.</LI>
+
+<LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
-a fix quickly, you can temporarily disable remote access to your system.
+a fix quickly, you should temporarily disable remote access to your system
+until you have done so.</LI>
 </UL>
 
-Other questions you may ask yourself are:
+<P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
-local authorities. The choice is up to you.
+local authorities. The choice is up to you.</LI>
+
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
-the chance the cracker wipes your disk. The choice is up to you.
+the chance the cracker wipes your disk. The choice is up to you.</LI>
+
 </UL>
 
-<h2><a href="secure.html">How to secure a FreeBSD system</a></h2>
+<H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
-There are several steps involved in securing a FreeBSD system, or in
-fact any UNIX system.
 
-<h2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></h2>
+<P>There are several steps involved in securing a FreeBSD system, or in
+fact, any UNIX system:</P>
 
+<H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
+<H2>Other useful security information:</H2>
 
-<H2>Other usefull security information:</H2>
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
-	Contains a huge collection of security related material.
+	Contains a huge collection of security related material.</LI>
+
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
-	material. It contains hundreds of usefull
+	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
-	security...and more...
+	security...and more...</LI>
+
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
-	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)
+	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
-<LI>Mailing lists: Bugtraq, BOS
+
-</ul>
+<LI>Mailing lists: Bugtraq, BOS, etc.</LI>
+
+</UL>
 
       &footer
   </body>

en/security/security.sgml

@@ -1,10 +1,10 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-06-23 22:42:14 $">
+<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: security.sgml,v 1.2 1998-06-23 22:42:14 wosch Exp $ -->
+<!-- $Id: security.sgml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
 
 <html>
     &header;
@@ -15,31 +15,114 @@ code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
- less likely introduce security holes in the first place.
+ less likely introduce security holes in the first place.</P>
 
-</P><P>We welcome your comments on the contents and correctness of this page.
+<P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
-FreeBSD Security Officers</A> if you have changes you'd like to see here.
+FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
-</P><H2>The FreeBSD security officer</H2>
+<H2>The FreeBSD security officer</H2>
 
-As FreeBSD takes security seriously, there is a security officer who is
+<P>FreeBSD takes security seriously, a dedicated team of security officers
-the focal point for security related communications. The security officers'
+providing a focal point for security related communications. A security
-main task is to send out advisories when there are known security holes
+officers' main task is to send out advisories when there are known security
-so FreeBSD users will be able to keep their systems secure. The security
+holes and otherwise keep abreast of security issues.  The security officers
-officer also communicates with the various CERTs around the world to
+also communicate with the various <A HREF="http://www.cert.org">CERT</A>
-give them information about vulnerabilities within FreeBSD and to receive
+and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
-information about new ones. As such, the security officer is a member of 
+sharing information about vulnerabilities in FreeBSD or utilities commonly
-<A HREF="http://www.first.org/">FIRST</A>, the Forum of Incident Response
+used by FreeBSD, and keeping up to date on security issues in the world at
-and Security Teams.
+large.  The security officers are also active members of those
-<P>
+organizations.</P>
-When you contact the security officer about sensitive matters, please use
-our <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A> to encrypt your
-message.
 
-</P><H2>FreeBSD security related information</H2>
+<P>When you need to contact the security officers about a sensitive matter,
-If you want to stay up to date on FreeBSD security, you can subscribe
+please use their
-yorself to one of the following mailing lists:
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+to encrypt your message before sending it.</P>
+
+<H2>FreeBSD security advisories:</H2>
+
+<P>The FreeBSD security officers provide security advisories for
+the following releases of FreeBSD:</P>
+
+<UL>
+<LI>	the most recent official release of FreeBSD,
+<LI>	FreeBSD-current,
+<LI>	FreeBSD-stable, when at least 2 releases are based on it.
+<LI>	the previous FreeBSD-stable when a "new stable" does not
+        yet have 2 releases based on it.
+</UL>
+
+At this time, security advisories are available for:
+<UL>
+<LI>	FreeBSD 2.2.6
+<LI>	FreeBSD-current
+<LI>	FreeBSD-stable
+</UL>
+
+<P>Older releases will not be actively maintained and users are strongly
+encouraged to upgrade to one of the supported releases.</P>
+
+<P>An advisory will be sent out when a security hole exists that is
+either being actively abused (as indicated to us via reports from end
+users or CERT like organizations), or when the security hole is public
+knowledge (e.g. because a report has been posted to a public mailing
+list).</P>
+
+<P>Like all development efforts, security fixes are first brought into
+the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+branch.  After a couple of days and some testing, the fix is retrofitted
+into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
+
+<P>Advisories are sent to the following FreeBSD mailing lists:
+<UL>
+<LI>FreeBSD-security-notifications@freebsd.org
+<LI>FreeBSD-security@freebsd.org
+<LI>FreeBSD-announce@freebsd.org
+</UL>
+
+<P>Advisories are always signed using the FreeBSD security officer
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+and are archived, along with their associated patches, at our
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
+repository</A>.  At the time of this writing, the following advisories are
+currently available:</P>
+
+<UL>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
+</UL>
+
+<H2>FreeBSD security related information</H2>
+
+<P>If you want to stay up to date on FreeBSD security, you can subscribe
+yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
@@ -52,114 +135,71 @@ with
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
-<P>
-Publications of the FreeBSD security officer can also be found on
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">ftp://ftp.freebsd.org/pub/FreeBSD/CERT/</A>
-<P>Handbook?
 
-</P><H2>FreeBSD security advisories:</H2>
+<H2>What to do when you detect a security compromise:</H2>
-FreeBSD provides security advisories. The advisories will cover
+
-recent releases of FreeBSD. The security advisories will cover
-these releases: 
 <UL>
-<LI>	the most recent official release of FreeBSD,
+<LI><B>Determine the level of security breach:</B><BR>
-<LI>	FreeBSD-current, 
-<LI>	FreeBSD-stable, when 2 releases are based on it.
-<LI>	the previous FreeBSD-stable in case the new stable does not
-        yet have 2 releases based on it.
-</UL>
-
-At this time, security advisories are available for:
-<UL>
-<LI>	FreeBSD 2.2.6
-<LI>	FreeBSD-current
-<LI>	FreeBSD-stable
-</UL>
-
-Older releases will not be actively maintained.
-<p>
-You are encouraged to upgrade to one of the supported releases.
-<p>
-An advisory will be sent out when a security hole exists that is either being
-actively abused (as indicated to us via reports from end users or CERT
-like organizations), or when the security hole is public knowledge
-(e.g. because a report has been posted to a public mailing list).
-<p>
-Like all development efforts, security fixes are first brought into the
-FreeBSD-current branch. After a couple of days, the fix will be retrofitted
-into the covered FreeBSD-stable branch(es). Then an advisory will
-be sent out.
-<p>
-Advisories will be sent to the following FreeBSD mailing lists:
-<UL>
-<LI> FreeBSD-security-notifications
-<LI> FreeBSD-security
-<LI> FreeBSD-announce
-</UL>
-Advisories will always be signed using the FreeBSD security-officer
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
-<p>
-Advisories and patches are archived at our 
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">FTP site</A>.
-
-</P>
-
-
-
-
-
-<H2>What to do when you detect a security compromise </H2>
-<UL>
-<LI>determine the level of security breack<BR>
 What privilege did the attack get? That of another user or more (up to
-root privileges)?
+root privileges)?</LI>
-<LI>determine the part of the system that is not in its original state
+
-anymore<BR>
+<LI><B>Determine those parts of the system which are not in their original state
+anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
-package keeps MD5 checksums. Be aware that tripwire might be tampered
+package also keeps MD5 checksums, though be aware that tripwire might
-with as well.
+be tampered with as well and be sure and use a known-good copy.</LI>
-<LI>find out how the breakin was done<BR>
+
-Via a well-known security bug? A misconfiguration? When it's a new bug,
+<LI><B>Find out how the breakin was done:</B><BR>
-warn the FreeBSD Security Officer.
+Via a well-known security bug? A misconfiguration?  If it's a new bug,
-<LI>fix the hole(s)<BR>
+you should warn the <A HREF="mailto:security-officer@freebsd.org">
+FreeBSD Security Officer</A>.</LI>
+
+<LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
-a fix quickly, you can temporarily disable remote access to your system.
+a fix quickly, you should temporarily disable remote access to your system
+until you have done so.</LI>
 </UL>
 
-Other questions you may ask yourself are:
+<P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
-local authorities. The choice is up to you.
+local authorities. The choice is up to you.</LI>
+
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
-the chance the cracker wipes your disk. The choice is up to you.
+the chance the cracker wipes your disk. The choice is up to you.</LI>
+
 </UL>
 
-<h2><a href="secure.html">How to secure a FreeBSD system</a></h2>
+<H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
-There are several steps involved in securing a FreeBSD system, or in
-fact any UNIX system.
 
-<h2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></h2>
+<P>There are several steps involved in securing a FreeBSD system, or in
+fact, any UNIX system:</P>
 
+<H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
+<H2>Other useful security information:</H2>
 
-<H2>Other usefull security information:</H2>
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
-	Contains a huge collection of security related material.
+	Contains a huge collection of security related material.</LI>
+
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
-	material. It contains hundreds of usefull
+	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
-	security...and more...
+	security...and more...</LI>
+
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
-	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)
+	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
-<LI>Mailing lists: Bugtraq, BOS
+
-</ul>
+<LI>Mailing lists: Bugtraq, BOS, etc.</LI>
+
+</UL>
 
       &footer
   </body>

share/sgml/advisories.xml

@@ -1,10 +1,10 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-06-23 22:42:14 $">
+<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: advisories.xml,v 1.2 1998-06-23 22:42:14 wosch Exp $ -->
+<!-- $Id: advisories.xml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
 
 <html>
     &header;
@@ -15,31 +15,114 @@ code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
- less likely introduce security holes in the first place.
+ less likely introduce security holes in the first place.</P>
 
-</P><P>We welcome your comments on the contents and correctness of this page.
+<P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
-FreeBSD Security Officers</A> if you have changes you'd like to see here.
+FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
-</P><H2>The FreeBSD security officer</H2>
+<H2>The FreeBSD security officer</H2>
 
-As FreeBSD takes security seriously, there is a security officer who is
+<P>FreeBSD takes security seriously, a dedicated team of security officers
-the focal point for security related communications. The security officers'
+providing a focal point for security related communications. A security
-main task is to send out advisories when there are known security holes
+officers' main task is to send out advisories when there are known security
-so FreeBSD users will be able to keep their systems secure. The security
+holes and otherwise keep abreast of security issues.  The security officers
-officer also communicates with the various CERTs around the world to
+also communicate with the various <A HREF="http://www.cert.org">CERT</A>
-give them information about vulnerabilities within FreeBSD and to receive
+and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
-information about new ones. As such, the security officer is a member of 
+sharing information about vulnerabilities in FreeBSD or utilities commonly
-<A HREF="http://www.first.org/">FIRST</A>, the Forum of Incident Response
+used by FreeBSD, and keeping up to date on security issues in the world at
-and Security Teams.
+large.  The security officers are also active members of those
-<P>
+organizations.</P>
-When you contact the security officer about sensitive matters, please use
-our <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A> to encrypt your
-message.
 
-</P><H2>FreeBSD security related information</H2>
+<P>When you need to contact the security officers about a sensitive matter,
-If you want to stay up to date on FreeBSD security, you can subscribe
+please use their
-yorself to one of the following mailing lists:
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+to encrypt your message before sending it.</P>
+
+<H2>FreeBSD security advisories:</H2>
+
+<P>The FreeBSD security officers provide security advisories for
+the following releases of FreeBSD:</P>
+
+<UL>
+<LI>	the most recent official release of FreeBSD,
+<LI>	FreeBSD-current,
+<LI>	FreeBSD-stable, when at least 2 releases are based on it.
+<LI>	the previous FreeBSD-stable when a "new stable" does not
+        yet have 2 releases based on it.
+</UL>
+
+At this time, security advisories are available for:
+<UL>
+<LI>	FreeBSD 2.2.6
+<LI>	FreeBSD-current
+<LI>	FreeBSD-stable
+</UL>
+
+<P>Older releases will not be actively maintained and users are strongly
+encouraged to upgrade to one of the supported releases.</P>
+
+<P>An advisory will be sent out when a security hole exists that is
+either being actively abused (as indicated to us via reports from end
+users or CERT like organizations), or when the security hole is public
+knowledge (e.g. because a report has been posted to a public mailing
+list).</P>
+
+<P>Like all development efforts, security fixes are first brought into
+the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+branch.  After a couple of days and some testing, the fix is retrofitted
+into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
+
+<P>Advisories are sent to the following FreeBSD mailing lists:
+<UL>
+<LI>FreeBSD-security-notifications@freebsd.org
+<LI>FreeBSD-security@freebsd.org
+<LI>FreeBSD-announce@freebsd.org
+</UL>
+
+<P>Advisories are always signed using the FreeBSD security officer
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
+and are archived, along with their associated patches, at our
+<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
+repository</A>.  At the time of this writing, the following advisories are
+currently available:</P>
+
+<UL>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
+<LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
+</UL>
+
+<H2>FreeBSD security related information</H2>
+
+<P>If you want to stay up to date on FreeBSD security, you can subscribe
+yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
@@ -52,114 +135,71 @@ with
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
-<P>
-Publications of the FreeBSD security officer can also be found on
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">ftp://ftp.freebsd.org/pub/FreeBSD/CERT/</A>
-<P>Handbook?
 
-</P><H2>FreeBSD security advisories:</H2>
+<H2>What to do when you detect a security compromise:</H2>
-FreeBSD provides security advisories. The advisories will cover
+
-recent releases of FreeBSD. The security advisories will cover
-these releases: 
 <UL>
-<LI>	the most recent official release of FreeBSD,
+<LI><B>Determine the level of security breach:</B><BR>
-<LI>	FreeBSD-current, 
-<LI>	FreeBSD-stable, when 2 releases are based on it.
-<LI>	the previous FreeBSD-stable in case the new stable does not
-        yet have 2 releases based on it.
-</UL>
-
-At this time, security advisories are available for:
-<UL>
-<LI>	FreeBSD 2.2.6
-<LI>	FreeBSD-current
-<LI>	FreeBSD-stable
-</UL>
-
-Older releases will not be actively maintained.
-<p>
-You are encouraged to upgrade to one of the supported releases.
-<p>
-An advisory will be sent out when a security hole exists that is either being
-actively abused (as indicated to us via reports from end users or CERT
-like organizations), or when the security hole is public knowledge
-(e.g. because a report has been posted to a public mailing list).
-<p>
-Like all development efforts, security fixes are first brought into the
-FreeBSD-current branch. After a couple of days, the fix will be retrofitted
-into the covered FreeBSD-stable branch(es). Then an advisory will
-be sent out.
-<p>
-Advisories will be sent to the following FreeBSD mailing lists:
-<UL>
-<LI> FreeBSD-security-notifications
-<LI> FreeBSD-security
-<LI> FreeBSD-announce
-</UL>
-Advisories will always be signed using the FreeBSD security-officer
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
-<p>
-Advisories and patches are archived at our 
-<A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/">FTP site</A>.
-
-</P>
-
-
-
-
-
-<H2>What to do when you detect a security compromise </H2>
-<UL>
-<LI>determine the level of security breack<BR>
 What privilege did the attack get? That of another user or more (up to
-root privileges)?
+root privileges)?</LI>
-<LI>determine the part of the system that is not in its original state
+
-anymore<BR>
+<LI><B>Determine those parts of the system which are not in their original state
+anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
-package keeps MD5 checksums. Be aware that tripwire might be tampered
+package also keeps MD5 checksums, though be aware that tripwire might
-with as well.
+be tampered with as well and be sure and use a known-good copy.</LI>
-<LI>find out how the breakin was done<BR>
+
-Via a well-known security bug? A misconfiguration? When it's a new bug,
+<LI><B>Find out how the breakin was done:</B><BR>
-warn the FreeBSD Security Officer.
+Via a well-known security bug? A misconfiguration?  If it's a new bug,
-<LI>fix the hole(s)<BR>
+you should warn the <A HREF="mailto:security-officer@freebsd.org">
+FreeBSD Security Officer</A>.</LI>
+
+<LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
-a fix quickly, you can temporarily disable remote access to your system.
+a fix quickly, you should temporarily disable remote access to your system
+until you have done so.</LI>
 </UL>
 
-Other questions you may ask yourself are:
+<P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
-local authorities. The choice is up to you.
+local authorities. The choice is up to you.</LI>
+
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
-the chance the cracker wipes your disk. The choice is up to you.
+the chance the cracker wipes your disk. The choice is up to you.</LI>
+
 </UL>
 
-<h2><a href="secure.html">How to secure a FreeBSD system</a></h2>
+<H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
-There are several steps involved in securing a FreeBSD system, or in
-fact any UNIX system.
 
-<h2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></h2>
+<P>There are several steps involved in securing a FreeBSD system, or in
+fact, any UNIX system:</P>
 
+<H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
+<H2>Other useful security information:</H2>
 
-<H2>Other usefull security information:</H2>
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
-	Contains a huge collection of security related material.
+	Contains a huge collection of security related material.</LI>
+
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
-	material. It contains hundreds of usefull
+	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
-	security...and more...
+	security...and more...</LI>
+
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
-	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)
+	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
-<LI>Mailing lists: Bugtraq, BOS
+
-</ul>
+<LI>Mailing lists: Bugtraq, BOS, etc.</LI>
+
+</UL>
 
       &footer
   </body>