Re: How to ensure the integrity of Debian mirrors?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 07 Jan 1999 10:23:46 +0100, Thomas Gebhardt wrote:
>No, the updates have not been installed. But even if there were
>some security holes it is very suspicious that these were exploited
>from different sites immediately after the installation.
I don't see it as all that unplausable. At work we get several probes on
common ports which have well-known exploits per day. At least 2-3 on IMAP4
each day alone. All it takes is for someone with a portscanner to start
hitting all IPs in a class C to see what is there and then try something.
Once they have something it isn't that unreasonable to assume they would tell
their buds about an open machine.
- --
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
ICQ: 5107343 | main connection to the switchboard of souls.
- -------------------------------+---------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.0 (C) 1997 Pretty Good Privacy, Inc
iQA/AwUBNpR+fnpf7K2LbpnFEQLLNgCfZoOLR1uHFUEwIcIEg9Jow+0/oz4An05h
L+t+zV9fJ6ckvKJCcjXpZwEX
=mchh
-----END PGP SIGNATURE-----
Reply to: