Frequently asked Questions about Security update. I received quite a few requests from people with only E-mail access for the Security FAQes and previously they were only available through Usenet, FTP, and Web. I have set up a file-mail server to obtain these vital security files for securing your network. To get a general index of the topics, E-mail info@iss.net. In the subject or body of the message have the following: send index To get the index of Faqs, "send index for FAQ" Then to get a particular FAQ, such as secure Anonymous FTP FAQ, "send anonftp of faq" to info@iss.net If you have any problems, concerns, feedbacks, e-mail me at cklaus@iss.net. The files will be sent back shar'd. They have shell commands at the beginning and very end. They are just there to make it easier to split the file, but for the very paranoid, you can easily use vi to split the files yourself, just incase somehow the commands are really trojans. 8-) Here is also some of the changes that have taken place with the newer FAQes, so you may want to get the most recent copies. Sniffer FAQ 1.0 A NEW FAQ ABOUT SNIFFERS. Vendor FAQ: 2.0 added Novell. updated SGI's info. Patches FAQ: 2.1 Added information about IP Address spoofing Added information about Hijacking 2.0 Added AIX SRC Routing and IP Forwarding off options Corrected ftp for tripwire Corrected ftp for AIX FixDist Updated HP-UX patch list. Updated SCO patch list. Included more useful options to turn on for SGI. Updated Sun and Solaris Patch list. Included info for Solaris's file permissions and Casper Dik's fix-mode. Compromise FAQ: 2.0 Added the reference location for nfs watch and crack. Anon FTP FAQ: 2.0 Added back in Gary Mills' pipe program. -- Christopher William Klaus Voice: (404)441-2531. Fax: (404)441-2431 Internet Security Systems, Inc. Computer Security Consulting 2000 Miller Court West, Norcross, GA 30071