diff --git a/en_US.ISO8859-1/books/handbook/security/chapter.sgml b/en_US.ISO8859-1/books/handbook/security/chapter.sgml index 69d4c8914e..ae37691c1a 100644 --- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml @@ -295,7 +295,7 @@ - Command vs. Protocol + Command Versus Protocol Throughout this document, we will use bold text to refer to an @@ -650,7 +650,7 @@ Bumping the secure level to 1 or higher may cause a few problems to X11 (access to /dev/io will - be blocked), or to the installation of &os; build from + be blocked), or to the installation of &os; built from source (the installworld part of the process needs to temporarily reset the append-only and immutable flags of some files), and in a few other cases. @@ -669,8 +669,8 @@ If the kernel's secure level is raised to 1 or a higher value, it may be useful to set the schg flag on critical startup binaries, directories, and script - files (i.e. everything that gets run up to the point where the - securelevel is set). This might be overdoing it, and + files (i.e., everything that gets run up to the point where + the securelevel is set). This might be overdoing it, and upgrading the system is much more difficult when it operates at a high secure level. A less strict compromise is to run the system at a higher secure level but skip setting the @@ -828,7 +828,7 @@ A common DoS attack scenario is attacking a forking server - and making it spawning so many child processes that the host + and making it spawn so many child processes that the host system eventually runs out of memory, file descriptors, etc. and then grinds to a halt. inetd (see &man.inetd.8;) has several options to limit this sort of @@ -1528,7 +1528,7 @@ ALL : ALL \ It may be possible to launch a denial of service - attack on the server if an attacker, or group of attackers + attack on the server if an attacker, or group of attackers, could flood these daemons with connection requests. 
@@ -1554,7 +1554,7 @@ ALL : .example.com \ /var/log/connections.log file. Aside from the already explained substitution characters - above, e.g. %a, a few others exist. See + above, e.g., %a, a few others exist. See the &man.hosts.access.5; manual page for the complete list. @@ -3897,13 +3897,13 @@ You are advised to update or deinstall the affected package(s) immediately. +Topic: denial of service due to some problem -Category: core -Module: sys -Announced: 2003-09-23 -Credits: Person -Affects: All releases of &os; +Category: core +Module: sys +Announced: 2003-09-23 +Credits: Person +Affects: All releases of &os; &os; 4-STABLE prior to the correction date Corrected: 2003-09-23 16:42:59 UTC (RELENG_4, 4.9-PRERELEASE) 2003-09-23 20:08:42 UTC (RELENG_5_1, 5.1-RELEASE-p6) @@ -3913,33 +3913,33 @@ Corrected: 2003-09-23 16:42:59 UTC (RELENG_4, 4.9-PRERELEASE) 2003-09-23 16:49:46 UTC (RELENG_4_6, 4.6-RELEASE-p21) 2003-09-23 16:51:24 UTC (RELENG_4_5, 4.5-RELEASE-p33) 2003-09-23 16:52:45 UTC (RELENG_4_4, 4.4-RELEASE-p43) - 2003-09-23 16:54:39 UTC (RELENG_4_3, 4.3-RELEASE-p39) -CVE Name: CVE-XXXX-XXXX + 2003-09-23 16:54:39 UTC (RELENG_4_3, 4.3-RELEASE-p39) +CVE Name: CVE-XXXX-XXXX For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit http://www.FreeBSD.org/security/. -I. Background +I. Background -II. Problem Description +II. Problem Description -III. Impact +III. Impact -IV. Workaround +IV. Workaround -V. Solution +V. Solution -VI. Correction details +VI. Correction details -VII. References +VII. References
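Review bot: In the hunk at @@ -669,8 +669,8 @@, the reflowed sentence still mixes "secure level" and "securelevel" for the same thing ("If the kernel's secure level is raised ... up to the point where the securelevel is set ... operates at a high secure level"). Since this sentence is already being touched for the "i.e.," comma, pick one form for the prose in the paragraph and keep the other only where the sysctl or rc variable name is literally meant.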
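Review bot: In the hunk at @@ -828,7 +828,7 @@, the corrected sentence still reads "runs out of memory, file descriptors, etc. and then grinds to a halt", with no comma after "etc." The other hunks in this patch add the comma after "i.e." and "e.g.", so the same pass should make this "etc., and then grinds to a halt" to keep the abbreviation style consistent.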
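Review bot: In the hunk at @@ -1554,7 +1554,7 @@, the line being edited for "e.g.," keeps the redundant wording "Aside from the already explained substitution characters above", where "already explained" and "above" say the same thing. While the line is open, consider "Aside from the substitution characters explained above, e.g., %a, a few others exist."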
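Review bot: In the hunks at @@ -3897,13 +3897,13 @@ and @@ -3913,33 +3913,33 @@, the removed and added lines of the sample advisory (Category, Module, Announced, Credits, Affects, CVE Name, and the section headings I. through VII.) read identically as shown, so these appear to be whitespace-only changes bundled with the wording fixes in the earlier hunks. Please split the whitespace cleanup into its own commit and say in the commit message what was normalized (trailing whitespace, tabs versus spaces), so the content changes stay easy to review and translators can tell which hunks need no retranslation. Because this block is a literal rendering of an advisory, also confirm that the field alignment still matches the layout of a real advisory after the change.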