From The Register: “According to top security expert Steve Gibson, Windows XP threatens to make the
Internet unstable as it will allow large numbers of people to launch uncontrollable
denial-of-service attacks to whichever IP address they see fit.

Mr. Gibson came across the flaw while doing an in-depth investigation into DoS
attacks on his own site, grc.com.”

Matthew Rothenberg writes, “Courtesy of eWeek: Apple Computer Inc.’s switch to Mac OS X has opened up the playing field to new contenders such as Norway’s Opera Software and Omni Group.”

Posted at LWN.net: Mario Lorenz discovered a possible buffer overflow in the kerberos
gssapi-aware ftpd in the krb5-workstation package that is included
in all versions of Immunix OS. It is believed at this time that
StackGuard prevents the exploitation of this vulnerability; however,
in the absence of an exploit to test against, we recommend that all
users of the kerberos packages update their installation.

Patrick Mullen writes, “The Duke of URL has just posted its review of NetBSD 1.5. The review covers everything from installation, to its features, as well as how it ranks up in security and against the other *BSDs.”

CNet has the story. OpenBSD’s leader Theo de Raadt has removed IPFilter from OpenBSD because IPFilter author Darren Reed has modified the license, which now explicitly forbids people from changing the software without Reed’s permission.

fred77 writes, “From The New Scientist.
A new European Parliament working document confirms the existence of Echelon, a secretive US-led communications surveillance network.
The document recommends that all European citizens should encrypt their email and steer clear of closed software. It recommends using open source software that can be checked for hidden backdoors.”
Full story at newscientist.com.

The Register: “Supplementary briefs have been submitted by both contestants in the appeal of
2600 publisher Eric Corely aka Emmanuel Goldstein, who was barred from posting
or linking to the DeCSS descrambling utility last summer by US District Judge Lewis
Kaplan.”

LinuxSecurity: “Malicious parties may be able to prevent a NetBSD node from
communicating with other nodes by transmitting a lot of bogus
fragmented IPv4 packets.”

Pinehead writes: “I’m sure many of you have been wondering how to use iptables to set up a basic firewall. I was wondering the same thing for a long time until I recently figured it out. I’ll try to explain the basics to at least get you started.”

First you need to know how the firewall treats packets leaving, entering, or passing through your computer. Basically there is a chain for each of these. Any packet entering your computer goes through the INPUT chain. Any packet that your computer sends out to the network goes through the OUTPUT chain. Any packet that your computer picks up on one network and sends to another goes through the FORWARD chain. The chains are half of the logic behind iptables themselves.
More at pinehead.com“

LWN: “This survey has two sections. Section one is about why and how you use LWN.net and your
assessment of our product. Section two contains demographic questions to help us group the answers of
similar people.”