diff --git a/en/docproj/who.sgml b/en/docproj/who.sgml
index 26e17d9cca..0eb1841286 100644
--- a/en/docproj/who.sgml
+++ b/en/docproj/who.sgml
@@ -1,32 +1,32 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-06-10 10:05:45 $">
+<!ENTITY date "$Date: 1998-08-09 23:02:13 $">
 <!ENTITY title "FreeBSD Documentation Project: Who are we?">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: who.sgml,v 1.2 1998-06-10 10:05:45 wosch Exp $ -->
+<!-- $Id: who.sgml,v 1.3 1998-08-09 23:02:13 wosch Exp $ -->
 
 <html>
     &header;
 
     <p>The project is a fairly loosely knit group of people, and the only thing
       we have got in common is that we are subscribed to the mailing list
       <a href="mailto:FreeBSD-doc@FreeBSD.ORG">FreeBSD-doc@FreeBSD.ORG</a>.</p>
 
     <p>Some of us can commit changes directly to the FreeBSD documentation
       tree. The complete list of people with commit ``privs'' is in <a
-	href="http://www.freebsd.org/handbook/staff:doc.html">the
+	href="../handbook/staff:doc.html">the
 	Handbook</a>.</p>
     
     <p>Others do not have commit privs, but they write and <a
 	href="submitting.html">submit documentation</a> nonetheless. One of the
       committers will then include it in the documentation set.</p>
     
     <p>If you want to help out with the documentation project (and I fervently
       hope you do) all you have to do is subscribe to the mailing list and
       participate. As soon as you have done that you're a member of the
       project.</p>
 
       &footer
   </body>
 </html>
diff --git a/en/news/qnewsletter-1-3.sgml b/en/news/qnewsletter-1-3.sgml
index 52ed8a374d..e3cfec0852 100644
--- a/en/news/qnewsletter-1-3.sgml
+++ b/en/news/qnewsletter-1-3.sgml
@@ -1,108 +1,108 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-07-15 12:59:44 $">
+<!ENTITY date "$Date: 1998-08-09 23:02:18 $">
 <!ENTITY title "Quick NewsLetter Volume #1 Issue #3">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: qnewsletter-1-3.sgml,v 1.1 1998-07-15 12:59:44 wosch Exp $ -->
+<!-- $Id: qnewsletter-1-3.sgml,v 1.2 1998-08-09 23:02:18 wosch Exp $ -->
 
 <html>
 &header;
 
 <p align="center">
                 FreeBSD Really-Quick(TM) NewsLetter.<br>
                     Things Happening in FreeBSD.<br>
                         Volume #1 Issue #3<br>
                             July 1998<br>
 </p>
 <p></p>
 
 
 <ul>
 <li><b>General News:</b>
 Announcing CVSup 15.4.2 (This is new since last announcement).
     Release 15.4.2 of CVSup, the CVS-aware network file distribution
     system, is now available.
     <A HREF="ftp://ftp.FreeBSD.org/pub/FreeBSD/CVSup/">ftp://ftp.FreeBSD.org/pub/FreeBSD/CVSup/</A>
 <p></p></li>
 
 <li><b>Release Information:</b>
   The latest RELEASE is 2.2.6-RELEASE.  FreeBSD 2.2.7 is 
    scheduled to be released July 21st. FreeBSD 3.0 is scheduled to be 
    released October 15th.
 <p></p></li>
 
 <li><b>Microsoft Front Page Extensions:</b>
   Microsoft Front Page won't work with out Front Page Extensions.
   <A HREF="http://dailynews.yahoo.com/headlines/technology/wired/story.html?s=z/reuters">http://dailynews.yahoo.com/headlines/technology/wired/story.html?s=z/reuters</A>
 /980707/wired/stories/microsoft_1.html  (All one line)
 
   Front Page Extensions are available at:
     <A HREF="http://www.rtr.com/fpsupport/SERK/default.htm">http://www.rtr.com/fpsupport/SERK/default.htm</A>   
     <A HREF="http://www.rtr.com/fpsupport/fp98license.htm">http://www.rtr.com/fpsupport/fp98license.htm</A>
 <p></p></li>
 
 <li><b>FreeBSD-Advocacy:</b>
    <A HREF="http://editorials.freshmeat.net/jordan980713/">http://editorials.freshmeat.net/jordan980713/</A>     
 <p></p></li>
 
 <li><b>FreeBSD Desktop Contest!</b>
   <A HREF="http://www.freebsd.org/~xcontest">http://www.freebsd.org/~xcontest</A>  Win Fabulous Prizes!
 <p></p></li>
 
 <li><b>Commercial FreeBSD Products:</b>
   FunnelWeb 2.0:
     Article:  <A HREF="http://biz.yahoo.com/bw/980707/active_con_1.html">http://biz.yahoo.com/bw/980707/active_con_1.html</A>
     Homepage:  <A HREF="http://www.activeconcepts.com">http://www.activeconcepts.com</A><p>  
   SOLID SERVER:
     SOLID Server is the true plug-and-play database server for mission
      critical applications.
      <A HREF="http://www.solidtech.com/market/products/">http://www.solidtech.com/market/products/</A> 
 <p></p></li>
 
 <li><b>FreeBSD HOW-TO:</b>
   A roadmap for setting up an intranet server with FreeBSD   
   <A HREF="http://www1.tpgi.com.au/users/eirvine/freebsd/hermione.html">http://www1.tpgi.com.au/users/eirvine/freebsd/hermione.html</A>
   <p>
 
   Manual de instalacion de FreeBSD
   <A HREF="http://www.es.freebsd.org/es/docs/instalacion/index.htm">http://www.es.freebsd.org/es/docs/instalacion/index.htm</A>
 <p></p></li>
 
 <li><b>FreeBSD Sparc Porting Project:</b>
   Online programming manuals for sun4m, sun4u processors.
     <A HREF="http://www.sun.com/microelectronics/table.html">http://www.sun.com/microelectronics/table.html</A><br>
   User's Manual describing UltraSPARC specific features
     <A HREF="http://www.sun.com/microelectronics/UltraSPARC-I/">http://www.sun.com/microelectronics/UltraSPARC-I/</A><br>
 <p></p></li>
 
 <li><b>FreeBSD Alpha Porting Project:</b>
-  <A HREF="http://www.freebsd.org/alpha/alpha.html">http://www.freebsd.org/alpha/alpha.html</A>
-  <A HREF="http://www.freebsd.org/alpha/current.html">http://www.freebsd.org/alpha/current.html</A>
+  <A HREF="../alpha/alpha.html">http://www.freebsd.org/alpha/alpha.html</A>
+  <A HREF="../alpha/current.html">http://www.freebsd.org/alpha/current.html</A>
 <p></p></li>
 
 <li><b>FreeBSD Software RAID:</b>
   The fourth alpha version of vinum is now available for download at
     <A HREF="ftp://ftp.lemis.com/pub/vinum/vinumdist-11Jul.tar.gz">ftp://ftp.lemis.com/pub/vinum/vinumdist-11Jul.tar.gz</A>
 <p></p></li>
 
 <li><b>FreeBSD On-line News.</b>
   <A HREF="http://freebsd-online.ml.org/">http://freebsd-online.ml.org/</A>
 </li>
 </ul>
 
 <p>
 This is an (at least) monthly Newsletter, published only by E-mail.  
   If you have anything you would like to see in the next edition,
   please send e-mail to fbsd-book@vmunix.com
 </p>
 
 <p align="center">
         -Chris Coleman &lt;chrisc@vmunix.com>
 </p>
 <p</p>
 <a href="qnewsletter-1-2.html">Previous Quick Newsletter</a>
 
 &footer;
 </body>
 </html>
diff --git a/en/projects/newbies.sgml b/en/projects/newbies.sgml
index a8fa23f1d4..355b5065c1 100644
--- a/en/projects/newbies.sgml
+++ b/en/projects/newbies.sgml
@@ -1,254 +1,254 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-08-03 17:38:19 $">
+<!ENTITY date "$Date: 1998-08-09 23:02:18 $">
 <!ENTITY title 'Resources for newbies'>
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: newbies.sgml,v 1.5 1998-08-03 17:38:19 wosch Exp $ -->
+<!-- $Id: newbies.sgml,v 1.6 1998-08-09 23:02:18 wosch Exp $ -->
 
 <html>
     &header;
     
     <p>The following resources are some of those which FreeBSD
       newbies have found most helpful when learning to use FreeBSD.
       Please send corrections and additions to
       <a href="mailto:freebsd-newbies@freebsd.org">FreeBSD-Newbies@FreeBSD.org</a>.</p>
 
     <ul>
       <li><a href="#web-site">Using the FreeBSD web site</a></li>
       <li><a href="#fbsd">Learning about FreeBSD</a></li>
       <li><a href="#unix">Learning about UNIX</a></li>
       <li><a href="#xwin">Learning about the X Window System</a></li>
       <li><a href="#people">Helping other people</a></li>
     </ul>
 
 
     <h2><a name="web-site">Using the FreeBSD web site</a></h2>
     
     <p>This web site is the main source of up to date information about
       FreeBSD. Newbies have found the following pages particularly helpful:</p>
 
     <ul>
       <li><p><a href="../search/search.html">Search</a> the Handbook and FAQ, or the
 	  whole web site, or the archives of the FreeBSD-Questions mailing
 	  list.</p></li>
       
       <li><p>The <a href="../docs.html">Documentation</a> page has links to the
 	  Handbook and FAQ, tutorials, information about contributing to the
 	  Documentation Project, documents in languages other than English,
 	  and much more.</p></li>
       
       <li><p><a href="../support.html">Support</a> page contains a wealth of
 	  information about FreeBSD, including mailing lists, user groups, web
 	  and FTP sites, release information, and links to some sources of
 	  UNIX information.</p></li>
     </ul>
 
     <h2><a name="fbsd">Learning about FreeBSD</a></H2>
 
     <ul>
       <li><p>If you haven't installed yet, look for the
           &a.latest.ann;latest mainstream release</a>.
           (See the Handbook for why you should <strong>not</strong> be tempted
           by any of the other branches.) Before you begin, carefully read the
           <a href="../handbook/install.html">installation instructions</a>,
           as well as each one of the *.TXT files in the FTP directory
           or on the installation CD. They are there because they contain information
           that you will need. Also pick up the latest
-          <a href="http://www.freebsd.org/releases/index.html">errata file</a>
+          <a href="../releases/index.html">errata file</a>
           from the web site, in case it has been updated.</p>
 
          <p>If you decide to download FreeBSD, check whether these illustrated and
           expanded <a href="http://www.lemis.com/handbook/what-to-download.html">download
           instructions</a> for a previous version are still available before
           you begin. That should make the whole process a lot clearer.</p></li>
 
       <li><p>A number of <a href="../tutorials/">tutorials</a> are available. The
 	  one <a href="../tutorials/newuser/newuser.html">For People New to Both
 	    FreeBSD and Unix</a> is popular with absolute beginners. You don't
 	  have to know much about anything to enjoy this one. It is also
 	  available from <a
 	    href="http://andrsn.stanford.edu/FreeBSD/newuser.html">the
 	    author's site</a> and can be downloaded in <a
 	    href="ftp://andrsn.stanford.edu/pub/">postscript or RTF format</a>
 	  for printing.</p></li>
       
       <li><p>The first thing many people need to set up is ppp, and there is
           a lot of documentation to help. You might start with at least those
           parts of the
           <a href="../tutorials/ppp/ppp.html">Pedantic PPP Primer</a>
           that are relevant to your needs, and explore the
           <a href="http://www.awfulhak.org/ppp.html">ppp page</a>
           for links to the other valuable information and the latest updates.</p></li>
 
       <li><p><a name="cfbsd" href="http://www.cdrom.com/titles/os/bsdbook2.htm">The
 	    Complete FreeBSD</a> by Greg Lehey, published by Walnut Creek
 	  CDROM. This book assumes minimal UNIX experience and takes the
 	  beginner step by step through each stage from installation to
 	  everything you need to know to set up and run a FreeBSD system. You
 	  also get to understand what you're doing and why.</p></li>
       
       <li><p>The <a href="../handbook/handbook.html">FreeBSD Handbook</a> and <a
 	    href="../FAQ/FAQ.html">Frequently Asked Questions (FAQ)</a> are the
 	  main documents for FreeBSD. Essential reading, they contain a lot of
 	  material for newbies as well as some pretty advanced stuff. Don't
 	  worry if you can't understand the advanced sections. The handbook
 	  contains the installation instructions and also provides lists of
 	  books and on line resources, and the FAQ has a troubleshooting
 	  section.</p></li>
       
       <li><p>Join the FreeBSD-Questions mailing list to see the questions you
 	  were too afraid to ask, and their answers. Subscribe by sending mail
 	  to <a href="mailto:majordomo@freebsd.org">majordomo@freebsd.org</a>
 	  with "subscribe freebsd-questions" on its own in the message body
 	  (the subject doesn't matter). You can look up old questions and
 	  answers via the <a href="../search/search.html#mailinglists">search</a>
 	  page.</p></li>
     
       <li><p>The main newsgroup for FreeBSD is <a
 	    href="news:comp.unix.bsd.freebsd.misc">comp.unix.bsd.freebsd.misc</a>. You might want to keep an eye on <a href="news:comp.unix.bsd.freebsd.announce">comp.unix.bsd.freebsd.announce</a> as well.</p></li>
       
       <li><p><strong>Man pages</strong> are good for reference but not always
 	  the best introduction for a novice. The more you work with man pages
 	  the more familiar they become. Some are very good for newbies, so
 	  always check them out. The ppp man page, for example, is more like a
 	  tutorial.</p></li>
     </ul>
 
     <h2><a name="unix">Learning about UNIX</a></h2>
 
     <p>Many of the problems we have as newbies come from being unfamiliar
       with the UNIX commands needed to fix our FreeBSD problems.
       Without a UNIX background you'll be faced with two things to learn
       at once. Fortunately a lot of resources are available to make this
       easier.</p>
 
     <ul>
       <li><p>There are many easy books, such as the "Dummies" guides, in any
 	  large book shop. If you want something really easy, take a look at
 	  what is available and pick one that seems to speak your language.
 	  Pretty soon you will want to move on to a book that gives more
 	  coverage.</p></li>
       
       <li><p>One book mentioned frequently by newbies is <a name="ufti"><em>UNIX for
 	  the Impatient</em></a> by Paul W. Abrahams and Bruce R. Larson, published
 	  by Addison-Wesley. It is intended both as a book for learning UNIX
 	  and a reference, and includes an introduction to UNIX concepts and
 	  handy chapter on using the X Window System.</p></li>
       
       <li><p>Another popular book is <em>UNIX Power Tools</em> by Jerry Peek,
 	  Tim O'Reilly and Mike Loukides, published by O'Reilly and
 	  Associates. It is organised as a series of short articles each of
 	  which solves a problem, and these articles are cross-referenced to
 	  other articles with related material. Though not specifically aimed
 	  at newbies, the design makes it ideal for a newbie with a burning
 	  question or the odd few minutes to browse. More elementary material
 	  is near the front of the book, but there are short easy articles
 	  throughout.</p></li>
       
       <li><p>A <a
 	    href="http://www-wks.acs.ohio-state.edu/unix_course/unix.html">UNIX Introductory Course</a>
            from Ohio State University is available online in HTML,
            postscript and Acrobat PDF formats.</p></li>
       
       <li><p><a href="http://www.ucs.ed.ac.uk/~unixhelp/servers.html">UNIXhelp
 	    for Users</a> is another introductory guide which is available in
 	  HTML at a mirror site near you, or can be installed on your own
 	  system.</p></li>
       
       <li><p>UNIX questions are dealt with in the newsgroup <a
 	    href="news:comp.unix.questions">comp.unix.questions</a> and the
 	  associated <a
 	  href="http://www.cis.ohio-state.edu/hypertext/faq/usenet/unix-faq/faq/top.html"> Frequently Asked Questions</a>. You can also get a copy of the <a href="ftp://rtfm.mit.edu/pub/usenet/news.answers/unix-faq/faq/">FAQ</a>
           from the RMIT FTP site. Newbies are likely to be most interested in
           sections 1 and 2 initially.</p></li>
       
       <li><p>Another interesting newsgroup is <a
 	    href="news:comp.unix.user-friendly">comp.unix.user-friendly</a>
 	  which also has a  <a
 	    href="http://www.camelcity.com/~noel/usenet/cuuf-FAQ.htm">FAQ</a>.
 	  Although this newsgroup is for discussing user-friendliness, it can
 	  contain some good information for newbies. The <a
 	    href="ftp://rtfm.mit.edu/pub/usenet/news.answers/unix-faq/user-friendly">FAQ</a> is also available by FTP.</p></li>
       
       <li><p>Many other web sites hold lists of UNIX tutorials and reference
 	  material. One of the best places to start looking is the UNIX page
 	  at <a
 	    href="http://www.yahoo.com/Computers_and_Internet/Software/Operating_Systems/Unix/">Yahoo!</a>.</p></li>
       
     </ul>
 
     <h2><a name="xwin">Learning about the X Window System</a></h2>
 
     <p>The X Window System is used with a number of operating systems,
       including FreeBSD. The documentation for X can be found at
       <a href="http://www.xfree86.org/">The XFree86 Project, Inc.</a>,
       including the
       <a href="http://www.xfree86.org/FAQ/index.html">XFree86 FAQ</a>.
       Beware, much of this documentation is reference material which is
       likely to be difficult for newcomers to digest.</p>
 
     <ul>
     <li><p>For basic information about installing, configuring and using the
       X Window System, two of the books mentioned above have sections
       dealing with X at beginner level:
       <a href="#cfbsd">The Complete FreeBSD</a> and
       <a href="#ufti">UNIX for the Impatient</a>.</p></li>
 
     <li><p>There is an easy and informative section on
       <a href="http://linuxwww.db.erau.edu/LUG/node41.html">using
       the X Window System</a> in the Linux
       <a href="ftp://sunsite.unc.edu/pub/Linux/docs/LDP/users-guide">Users' Guide</a>.
       Interesting material will be found elsewhere in that document too, but
       remember that Linux does not always work exactly the same as FreeBSD.</p></li>
 
     <li><p>Before you can get X running exactly the way you like, you will need
       to choose a window manager.
       Visit the <a href="http://www.PLiG.org/xwinman">Window Managers for X</a>
       page and follow the link to the introduction to find out about window
       managers, then return and read "The Basics". Then go back and compare
       the different types that are available. (Bonus: there's another
       beginners guide to UNIX there too.)
       Most if not all of these window managers are available to
       install from the FreeBSD ports collection.</p></li>
     </ul>
 
     <h2><a name="people">Helping other people</a></h2>
 
     <p>Everyone has something to contribute to the FreeBSD community, even
      newbies! Some are busy working with the new advocacy group and some have
      become involved with the
      <a href="../docproj/docproj.html">Documentation Project</a> as reviewers.
      Other FreeBSD newbies might have particular skills and experiences to
      share, either computer related or not, or just want to meet new
      newbies and make them feel welcome. There's always people around
      who help others simply because they like to. Write to
      <a href="mailto:freebsd-newbies@freebsd.org">FreeBSD Newbies</a>
      for more information.</p>
 
     <p>Friends who run FreeBSD are a great resource. No book can replace
       chatting on the phone or across a pizza with someone who has the
       same interests, enjoys similar accomplishments, and faces the same
       challenges. If you don't have many friends who use FreeBSD,
       consider using your old FreeBSD CDs to create some more :-)</p>
 
     <p><a href="../support.html#user">User groups</a> are
       good places to meet other FreeBSD users. If there's not one nearby,
       maybe you could start one.</p>
     
     <p>Before talking to real humans about your new skills, you might
       want to check the <a
       href="http://manuel.brad.ac.uk/help/.faq/.unix/.pronun.html">Pronunciation Guide</a>
       and the <a
       href="http://www.wins.uva.nl/~mes/jargon/">Jargon File</a> :-)</p>
 
     <p>On line we have the
       <a href="http://www.welearn.com.au/freebsd/newbies/">FreeBSD-Newbies</a>
       mailing list for non-technical discussions about matters of interest
       to newbies. Another mailing list,
       <a href="mailto:questions@freebsd.org">FreeBSD-Questions</a>,
       answers our questions about using FreeBSD.</p>
     
       &footer;
   </body>
 </html>
diff --git a/en/security/advisories.xml b/en/security/advisories.xml
index be6cf68911..e7618d66cd 100644
--- a/en/security/advisories.xml
+++ b/en/security/advisories.xml
@@ -1,206 +1,206 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
+<!ENTITY date "$Date: 1998-08-09 23:02:19 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: advisories.xml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
+<!-- $Id: advisories.xml,v 1.4 1998-08-09 23:02:19 wosch Exp $ -->
 
 <html>
     &header;
 
 <P>This guide attempts to document some of the tips and tricks used by
 many FreeBSD security experts for securing systems and writing secure
 code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
  less likely introduce security holes in the first place.</P>
 
 <P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
 FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
 <H2>The FreeBSD security officer</H2>
 
 <P>FreeBSD takes security seriously, a dedicated team of security officers
 providing a focal point for security related communications. A security
 officers' main task is to send out advisories when there are known security
 holes and otherwise keep abreast of security issues.  The security officers
 also communicate with the various <A HREF="http://www.cert.org">CERT</A>
 and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
 sharing information about vulnerabilities in FreeBSD or utilities commonly
 used by FreeBSD, and keeping up to date on security issues in the world at
 large.  The security officers are also active members of those
 organizations.</P>
 
 <P>When you need to contact the security officers about a sensitive matter,
 please use their
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
 to encrypt your message before sending it.</P>
 
 <H2>FreeBSD security advisories:</H2>
 
 <P>The FreeBSD security officers provide security advisories for
 the following releases of FreeBSD:</P>
 
 <UL>
 <LI>	the most recent official release of FreeBSD,
 <LI>	FreeBSD-current,
 <LI>	FreeBSD-stable, when at least 2 releases are based on it.
 <LI>	the previous FreeBSD-stable when a "new stable" does not
         yet have 2 releases based on it.
 </UL>
 
 At this time, security advisories are available for:
 <UL>
 <LI>	FreeBSD 2.2.6
 <LI>	FreeBSD-current
 <LI>	FreeBSD-stable
 </UL>
 
 <P>Older releases will not be actively maintained and users are strongly
 encouraged to upgrade to one of the supported releases.</P>
 
 <P>An advisory will be sent out when a security hole exists that is
 either being actively abused (as indicated to us via reports from end
 users or CERT like organizations), or when the security hole is public
 knowledge (e.g. because a report has been posted to a public mailing
 list).</P>
 
 <P>Like all development efforts, security fixes are first brought into
-the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+the <A HREF="../handbook/current.html">FreeBSD-current</A>
 branch.  After a couple of days and some testing, the fix is retrofitted
 into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
 
 <P>Advisories are sent to the following FreeBSD mailing lists:
 <UL>
 <LI>FreeBSD-security-notifications@freebsd.org
 <LI>FreeBSD-security@freebsd.org
 <LI>FreeBSD-announce@freebsd.org
 </UL>
 
 <P>Advisories are always signed using the FreeBSD security officer
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
 and are archived, along with their associated patches, at our
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
 repository</A>.  At the time of this writing, the following advisories are
 currently available:</P>
 
 <UL>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
 </UL>
 
 <H2>FreeBSD security related information</H2>
 
 <P>If you want to stay up to date on FreeBSD security, you can subscribe
 yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
 freebsd-security-notification	Security notifications (moderated mailing list)
 </PRE>
 
 Send mail to <A HREF="mailto:majordomo@freebsd.org">majordomo@FreeBSD.ORG</A>
 with
 <PRE>
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
 
 <H2>What to do when you detect a security compromise:</H2>
 
 <UL>
 <LI><B>Determine the level of security breach:</B><BR>
 What privilege did the attack get? That of another user or more (up to
 root privileges)?</LI>
 
 <LI><B>Determine those parts of the system which are not in their original state
 anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
 package also keeps MD5 checksums, though be aware that tripwire might
 be tampered with as well and be sure and use a known-good copy.</LI>
 
 <LI><B>Find out how the breakin was done:</B><BR>
 Via a well-known security bug? A misconfiguration?  If it's a new bug,
 you should warn the <A HREF="mailto:security-officer@freebsd.org">
 FreeBSD Security Officer</A>.</LI>
 
 <LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
 a fix quickly, you should temporarily disable remote access to your system
 until you have done so.</LI>
 </UL>
 
 <P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
 local authorities. The choice is up to you.</LI>
 
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
 the chance the cracker wipes your disk. The choice is up to you.</LI>
 
 </UL>
 
 <H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
 
 <P>There are several steps involved in securing a FreeBSD system, or in
 fact, any UNIX system:</P>
 
 <H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
 <H2>Other useful security information:</H2>
 
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
 	Contains a huge collection of security related material.</LI>
 
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
 	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
 	security...and more...</LI>
 
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
 	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
 
 <LI>Mailing lists: Bugtraq, BOS, etc.</LI>
 
 </UL>
 
       &footer
   </body>
 </html>
diff --git a/en/security/security.sgml b/en/security/security.sgml
index 2b03534fab..57a9d92946 100644
--- a/en/security/security.sgml
+++ b/en/security/security.sgml
@@ -1,206 +1,206 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
+<!ENTITY date "$Date: 1998-08-09 23:02:19 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: security.sgml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
+<!-- $Id: security.sgml,v 1.4 1998-08-09 23:02:19 wosch Exp $ -->
 
 <html>
     &header;
 
 <P>This guide attempts to document some of the tips and tricks used by
 many FreeBSD security experts for securing systems and writing secure
 code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
  less likely introduce security holes in the first place.</P>
 
 <P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
 FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
 <H2>The FreeBSD security officer</H2>
 
 <P>FreeBSD takes security seriously, a dedicated team of security officers
 providing a focal point for security related communications. A security
 officers' main task is to send out advisories when there are known security
 holes and otherwise keep abreast of security issues.  The security officers
 also communicate with the various <A HREF="http://www.cert.org">CERT</A>
 and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
 sharing information about vulnerabilities in FreeBSD or utilities commonly
 used by FreeBSD, and keeping up to date on security issues in the world at
 large.  The security officers are also active members of those
 organizations.</P>
 
 <P>When you need to contact the security officers about a sensitive matter,
 please use their
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
 to encrypt your message before sending it.</P>
 
 <H2>FreeBSD security advisories:</H2>
 
 <P>The FreeBSD security officers provide security advisories for
 the following releases of FreeBSD:</P>
 
 <UL>
 <LI>	the most recent official release of FreeBSD,
 <LI>	FreeBSD-current,
 <LI>	FreeBSD-stable, when at least 2 releases are based on it.
 <LI>	the previous FreeBSD-stable when a "new stable" does not
         yet have 2 releases based on it.
 </UL>
 
 At this time, security advisories are available for:
 <UL>
 <LI>	FreeBSD 2.2.6
 <LI>	FreeBSD-current
 <LI>	FreeBSD-stable
 </UL>
 
 <P>Older releases will not be actively maintained and users are strongly
 encouraged to upgrade to one of the supported releases.</P>
 
 <P>An advisory will be sent out when a security hole exists that is
 either being actively abused (as indicated to us via reports from end
 users or CERT like organizations), or when the security hole is public
 knowledge (e.g. because a report has been posted to a public mailing
 list).</P>
 
 <P>Like all development efforts, security fixes are first brought into
-the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+the <A HREF="../handbook/current.html">FreeBSD-current</A>
 branch.  After a couple of days and some testing, the fix is retrofitted
 into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
 
 <P>Advisories are sent to the following FreeBSD mailing lists:
 <UL>
 <LI>FreeBSD-security-notifications@freebsd.org
 <LI>FreeBSD-security@freebsd.org
 <LI>FreeBSD-announce@freebsd.org
 </UL>
 
 <P>Advisories are always signed using the FreeBSD security officer
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
 and are archived, along with their associated patches, at our
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
 repository</A>.  At the time of this writing, the following advisories are
 currently available:</P>
 
 <UL>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
 </UL>
 
 <H2>FreeBSD security related information</H2>
 
 <P>If you want to stay up to date on FreeBSD security, you can subscribe
 yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
 freebsd-security-notification	Security notifications (moderated mailing list)
 </PRE>
 
 Send mail to <A HREF="mailto:majordomo@freebsd.org">majordomo@FreeBSD.ORG</A>
 with
 <PRE>
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
 
 <H2>What to do when you detect a security compromise:</H2>
 
 <UL>
 <LI><B>Determine the level of security breach:</B><BR>
 What privilege did the attack get? That of another user or more (up to
 root privileges)?</LI>
 
 <LI><B>Determine those parts of the system which are not in their original state
 anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
 package also keeps MD5 checksums, though be aware that tripwire might
 be tampered with as well and be sure and use a known-good copy.</LI>
 
 <LI><B>Find out how the breakin was done:</B><BR>
 Via a well-known security bug? A misconfiguration?  If it's a new bug,
 you should warn the <A HREF="mailto:security-officer@freebsd.org">
 FreeBSD Security Officer</A>.</LI>
 
 <LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
 a fix quickly, you should temporarily disable remote access to your system
 until you have done so.</LI>
 </UL>
 
 <P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
 local authorities. The choice is up to you.</LI>
 
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
 the chance the cracker wipes your disk. The choice is up to you.</LI>
 
 </UL>
 
 <H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
 
 <P>There are several steps involved in securing a FreeBSD system, or in
 fact, any UNIX system:</P>
 
 <H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
 <H2>Other useful security information:</H2>
 
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
 	Contains a huge collection of security related material.</LI>
 
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
 	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
 	security...and more...</LI>
 
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
 	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
 
 <LI>Mailing lists: Bugtraq, BOS, etc.</LI>
 
 </UL>
 
       &footer
   </body>
 </html>
diff --git a/share/sgml/advisories.xml b/share/sgml/advisories.xml
index be6cf68911..e7618d66cd 100644
--- a/share/sgml/advisories.xml
+++ b/share/sgml/advisories.xml
@@ -1,206 +1,206 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN" [
 <!ENTITY base CDATA "..">
-<!ENTITY date "$Date: 1998-07-24 08:34:18 $">
+<!ENTITY date "$Date: 1998-08-09 23:02:19 $">
 <!ENTITY title "FreeBSD Security Guide">
 <!ENTITY % includes SYSTEM "../includes.sgml"> %includes;
 ]>
-<!-- $Id: advisories.xml,v 1.3 1998-07-24 08:34:18 jkh Exp $ -->
+<!-- $Id: advisories.xml,v 1.4 1998-08-09 23:02:19 wosch Exp $ -->
 
 <html>
     &header;
 
 <P>This guide attempts to document some of the tips and tricks used by
 many FreeBSD security experts for securing systems and writing secure
 code.  It is designed to help you learn about the various ways of protecting
 a FreeBSD system against outside attacks and how to recover from such attacks
 if and when they should happen.  It also lists the various ways in which
 the systems programmer can become more security conscious so he will
  less likely introduce security holes in the first place.</P>
 
 <P>We welcome your comments on the contents and correctness of this page.
 Please send email to the <A HREF="mailto:security-officer@FreeBSD.org">
 FreeBSD Security Officers</A> if you have changes you'd like to see here.</P>
 
 <H2>The FreeBSD security officer</H2>
 
 <P>FreeBSD takes security seriously, a dedicated team of security officers
 providing a focal point for security related communications. A security
 officers' main task is to send out advisories when there are known security
 holes and otherwise keep abreast of security issues.  The security officers
 also communicate with the various <A HREF="http://www.cert.org">CERT</A>
 and <A HREF="http://www.first.org/">FIRST</A> teams around the world,
 sharing information about vulnerabilities in FreeBSD or utilities commonly
 used by FreeBSD, and keeping up to date on security issues in the world at
 large.  The security officers are also active members of those
 organizations.</P>
 
 <P>When you need to contact the security officers about a sensitive matter,
 please use their
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
 to encrypt your message before sending it.</P>
 
 <H2>FreeBSD security advisories:</H2>
 
 <P>The FreeBSD security officers provide security advisories for
 the following releases of FreeBSD:</P>
 
 <UL>
 <LI>	the most recent official release of FreeBSD,
 <LI>	FreeBSD-current,
 <LI>	FreeBSD-stable, when at least 2 releases are based on it.
 <LI>	the previous FreeBSD-stable when a "new stable" does not
         yet have 2 releases based on it.
 </UL>
 
 At this time, security advisories are available for:
 <UL>
 <LI>	FreeBSD 2.2.6
 <LI>	FreeBSD-current
 <LI>	FreeBSD-stable
 </UL>
 
 <P>Older releases will not be actively maintained and users are strongly
 encouraged to upgrade to one of the supported releases.</P>
 
 <P>An advisory will be sent out when a security hole exists that is
 either being actively abused (as indicated to us via reports from end
 users or CERT like organizations), or when the security hole is public
 knowledge (e.g. because a report has been posted to a public mailing
 list).</P>
 
 <P>Like all development efforts, security fixes are first brought into
-the <A HREF="http://www.freebsd.org/handbook/current.html">FreeBSD-current</A>
+the <A HREF="../handbook/current.html">FreeBSD-current</A>
 branch.  After a couple of days and some testing, the fix is retrofitted
 into the supported FreeBSD-stable branch(es) and an advisory then sent out.</P>
 
 <P>Advisories are sent to the following FreeBSD mailing lists:
 <UL>
 <LI>FreeBSD-security-notifications@freebsd.org
 <LI>FreeBSD-security@freebsd.org
 <LI>FreeBSD-announce@freebsd.org
 </UL>
 
 <P>Advisories are always signed using the FreeBSD security officer
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc">PGP key</A>
 and are archived, along with their associated patches, at our
 <A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/index.html">FTP CERT
 repository</A>.  At the time of this writing, the following advisories are
 currently available:</P>
 
 <UL>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:01.sliplogin.asc">FreeBSD-SA-96:01.sliplogin.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:02.apache.asc">FreeBSD-SA-96:02.apache.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:03.sendmail-suggestion.asc">FreeBSD-SA-96:03.sendmail-suggestion.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:08.syslog.asc">FreeBSD-SA-96:08.syslog.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:09.vfsload.asc">FreeBSD-SA-96:09.vfsload.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:10.mount_union.asc">FreeBSD-SA-96:10.mount_union.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:11.man.asc">FreeBSD-SA-96:11.man.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:12.perl.asc">FreeBSD-SA-96:12.perl.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:13.comsat.asc">FreeBSD-SA-96:13.comsat.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:14.ipfw.asc">FreeBSD-SA-96:14.ipfw.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:15.ppp.asc">FreeBSD-SA-96:15.ppp.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:16.rdist.asc">FreeBSD-SA-96:16.rdist.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:17.rzsz.asc">FreeBSD-SA-96:17.rzsz.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:18.lpr.asc">FreeBSD-SA-96:18.lpr.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:19.modstat.asc">FreeBSD-SA-96:19.modstat.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:20.stack-overflow.asc">FreeBSD-SA-96:20.stack-overflow.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-96:21.talkd.asc">FreeBSD-SA-96:21.talkd.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:01.setlocale">FreeBSD-SA-97:01.setlocale</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:02.lpd.asc">FreeBSD-SA-97:02.lpd.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:03.sysinstall.asc">FreeBSD-SA-97:03.sysinstall.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:04.procfs.asc">FreeBSD-SA-97:04.procfs.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:05.open.asc">FreeBSD-SA-97:05.open.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-97:06.f00f.asc">FreeBSD-SA-97:06.f00f.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:01.land.asc">FreeBSD-SA-98:01.land.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:02.mmap.asc">FreeBSD-SA-98:02.mmap.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:03.ttcp.asc">FreeBSD-SA-98:03.ttcp.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:04.mmap.asc">FreeBSD-SA-98:04.mmap.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:05.nfs.asc">FreeBSD-SA-98:05.nfs.asc</A></LI>
 <LI><A HREF="ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-98:06.icmp.asc">FreeBSD-SA-98:06.icmp.asc</A></LI>
 </UL>
 
 <H2>FreeBSD security related information</H2>
 
 <P>If you want to stay up to date on FreeBSD security, you can subscribe
 yorself to one of the following mailing lists:</P>
 
 <PRE>
 freebsd-security		General security related discussion
 freebsd-security-notification	Security notifications (moderated mailing list)
 </PRE>
 
 Send mail to <A HREF="mailto:majordomo@freebsd.org">majordomo@FreeBSD.ORG</A>
 with
 <PRE>
      subscribe &lt;listname&gt;  [&lt;optional address&gt;]
 </PRE>
 in the body of the message in order to subscribe yourself.
 
 <H2>What to do when you detect a security compromise:</H2>
 
 <UL>
 <LI><B>Determine the level of security breach:</B><BR>
 What privilege did the attack get? That of another user or more (up to
 root privileges)?</LI>
 
 <LI><B>Determine those parts of the system which are not in their original state
 anymore:</B><BR>
 What software has been tampered with? You may decide to re-install the
 operating system from a safe medium, or you might have MD5 checksums of
 the original software with which you can check your system. The tripwire
 package also keeps MD5 checksums, though be aware that tripwire might
 be tampered with as well and be sure and use a known-good copy.</LI>
 
 <LI><B>Find out how the breakin was done:</B><BR>
 Via a well-known security bug? A misconfiguration?  If it's a new bug,
 you should warn the <A HREF="mailto:security-officer@freebsd.org">
 FreeBSD Security Officer</A>.</LI>
 
 <LI><B>Fix the hole(s):</B><BR>
 Install new software that fixes the problems. If you aren't able to get
 a fix quickly, you should temporarily disable remote access to your system
 until you have done so.</LI>
 </UL>
 
 <P><B>Other questions you may ask yourself are:</B></P>
 <UL>
 <LI>Who do I warn? You can contact the security officer, or even the
 local authorities. The choice is up to you.</LI>
 
 <LI>Do I want to trace the person responsible? By not fixing the hole
 right away, you have a chance to catch the cracker. Then again, you have
 the chance the cracker wipes your disk. The choice is up to you.</LI>
 
 </UL>
 
 <H2><A href="secure.html">How to secure a FreeBSD system</A></H2>
 
 <P>There are several steps involved in securing a FreeBSD system, or in
 fact, any UNIX system:</P>
 
 <H2><a href="programmers.html">Security Do's and Don'ts for Programmers</a></H2>
 
 <H2>Other useful security information:</H2>
 
 <UL>
 <LI><A href="http://www.cs.purdue.edu/coast/archive/index.html">The COAST
 	archive</A>
 	Contains a huge collection of security related material.</LI>
 
 <LI><A href="http://www.cs.purdue.edu/homes/spaf/hotlists/csec.htm">
 	The COAST Security hotlist</A>
 	This page is THE place to start looking for security related
 	material. It contains hundreds of useful
 	security pointers. Everything you always wanted to know about
 	security...and more...</LI>
 
 <LI>The various CERTs (e.g. <A href="http://www.cert.org">www.cert.org</A> and
 	<A href="http://www.auscert.org.au">www.auscert.org.au</A>)</LI>
 
 <LI>Mailing lists: Bugtraq, BOS, etc.</LI>
 
 </UL>
 
       &footer
   </body>
 </html>