LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] rooted!!

[ILUG] rooted!!

Martin Pegman pegmanm at media.mit.edu
Tue Feb 19 10:05:14 GMT 2002 

This doesn't surprise me at all. 
I was politically forced to install a machine that I wanted no part of 
that had to run a notoriously insecure protocol. I secured the machine 
to a degree ( but obiously not enough ) so now if I'm going to run this 
service I want to do it on a OS that I am more familiar with. 
I started out on Free/OpenBSD so that is where I am going to start out from .

Basically I fell foul of the first and simplest rule:  even with your
IDS's your logcheckers and firewall rules all fine and dandy 
if you take your eye of the ball your screwed.
It was laziness ! I've trwartwed attempts in the past and my over confidence 
got me.

Regards
Martin P





Quoting Paul Kelly <longword at esatclear.ie>:

> Martin Pegman wrote:
> > 	It would appear that one of my older RH 6.2 boxes has been rooted. 
> 
> This surprises you?
> 
> No OS or distribution is secure. Not OpenBSD, and certainly not RedHat
> 
> 6.2. You can't install a box and forget about it. Without patches, and
> 
> with the default set of services running you can expect RedHat 6.2 to be
> 
> exploited within a few hours. More recent distributions such as RedHat
> 
> 7.2 run fewer services by default and of course come with more recent 
> and less vulnerable packages out-of-the-box.
> 
> Security is an on-going process. You have to watch for and religiously
> 
> apply package updates as they appear. I find a daily read of 
> linuxtoday.com is a neat way of keeping on top of things.
> 
> Paul.
> 
> 
> -- 
> Irish Linux Users' Group: ilug at linux.ie
> http://www.linux.ie/mailman/listinfo/ilug for (un)subscription
> information.
> List maintainer: listmaster at linux.ie
>

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell