There are 4+ reports at http://interactive.wsj.com/pages/smallchange.htm regarding micropayments. (30-day registration is free) ---- From: Bill Stewart <bill.stewart@pobox.com> # # Akamai isn't a DoubleClick type of service - # it's a distributed caching system that allows web sites # to get better performance by caching static web content # on large ISPs and other sites likely to be nearer to readers # than the content owner's web site. Thank you for the LART, apologies (or is that regrets ;-) to Declan. Good thing porno sites don't use it, the URL would be hard to block without taking out non-porno sites. ----- One of the very few really cool URLs the Jimster sent to the list was for a home-made plasma ball. I wanted to tell others about it, but the URL stopped working shortly after the Jimster gave it out. I heard he doesn't like to receive mail from people (individuals), so I didn't email him. Anyone have a working URL for the plasmoid ball? ---- NTP root security hole? # >Path: news.panix.com!panix1.panix.com!not-for-mail # >From: elr@panix.com (Ed Ravin [staff]) # >Newsgroups: panix.motd.system # >Subject: Unix_NTP_Advisory # >Followup-To: panix.questions # >Date: 5 Apr 2001 18:25:21 -0400 # # (The following article has been automatically mirrored from MOTD) # # (Posted by Ed Ravin [staff]) Thu, Apr 05 2001 -- 5:57 PM # --------------------------------------------------------------------------- # All Linux, FreeBSD, NetBSD, and any other users who administer Unix # machines at their home or in their workplace please take note: # # The xntpd and ntpd daemons, which are used for synchronizing time between # multiple machines over a network, have a security vulnerability that # allows remote attackers to gain root access. # # If you are using NTP on your Linux, FreeBSD, NetBSD, or any other # Unix-ish operating system which you keep connected to the Internet # on a regular basis, you should shut down the NTP daemon now and # examine your machine for evidence of a remote attack. We have already # received one report from a Panix customer who was probed Thursday night/ # Friday morning. # # Users with commercial vendor versions of Unix (i.e. Solaris, AIX, HP-UX, # etc) should contact their vendor for more information to find out if # they are affected (I suspect they are, though it will take a while before # someone puts together an exploit). In the meantime, you should stop # running xntpd/ntpd until your vendor addresses the problem. # # For further discussion, please post in panix.questions. # # Windows and Mac users can safely ignore this message. # # -- Ed # # PS: We've received reports of Panix customers with Linux machines being # hacked at the rate of 1-2 per week for the couple of weeks - if you have # ANY Linux or *BSD system that you have not updated with security fixes # since January 1, or if you installed ANY Linux or *BSD system directly # from the CD and have not updated it (like RedHat 6.2 or 7.0), that system # is probably vulnerable to remote exploits. # # --- # Public Access Internet & UNIX [panix.com]