[huskerlug] Re: CERT Advisory

The problem comes when there is a gaping hole in one of the core
programs.(Buffer overflow @ the kernel level, Apache hole, ssh buffer overflow,
etc)  These are programs that are used the world around and those ports,
specialy Apache and ssh, are open on firewalls.  The only way to protect
yourself against attacks like that is to patch as soon as the patch comes out. 
The problem is that, by the time the patch has come out, a couple of systems may
already be compromised, and 1 of those systems might be the one you have in your
apartment or room.....

-Cesar


Quoting GreyGeek <jkreps@xxxxxxxxxx>:

> On Thursday 14 August 2003 09:13 am, you wrote:
> > That was on Slashdot yesterday.  It's a horrible thing, but it
> > kinda' makes me fell better though.  If GNU got hacked, then I
> > don't feel as bad as I did about being hacked. Although theirs was
> > probably a real hacker and mine was only a script-kiddy....
> 
> I know that cracking WinXX boxes is no trick at all  - 7th graders=20
> have done it using scripts.  But, do you think a "script-kiddy" has=20
> enough knowledge and ability to crack into a Linux distro, even
> with=20
> 'linux scripts'?   Say one running Shorewall with total stealth on=20
> all ports vs. one with "standard" security that most distros=20
> implement?
> =2D=20
> Remember, the Ark was built by amateurs; the Titanic by professionals
> GrayGeek
> 
> ----
> Husker Linux Users Group mailing list
> To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx
> with a subject of UNSUBSCRIBE
> 
> 

----
Husker Linux Users Group mailing list
To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx
with a subject of UNSUBSCRIBE

Other related posts: