Re: on potato's proftpd

To: martin f krafft <madduck@madduck.net>
Cc: debian developers <debian-devel@lists.debian.org>
Subject: Re: on potato's proftpd
From: Mark Eichin <eichin@thok.org>
Date: 04 Apr 2002 15:54:24 -0500
Message-id: <[🔎] xe17knnuqv3.fsf@swat.thok.org>
In-reply-to: martin f krafft's message of "Thu, 4 Apr 2002 20:55:42 +0200"
References: <20020331155335.GA31573@fishbowl.madduck.net> <20020331180924.GU23034@wiggy.net> <[🔎] 20020402102744.GA26747@fishbowl.madduck.net> <[🔎] 20020402105001.GM23034@wiggy.net> <[🔎] 20020402164104.GA19756@fishbowl.madduck.net> <20020402204056.GB3973@sven.home.hoaxter.de> <[🔎] 20020403012239.GB22638@fishbowl.madduck.net> <[🔎] 20020403053253.GP31161@micromuse.com> <[🔎] 20020403230626.GE19622@fishbowl.madduck.net> <[🔎] 20020403191154.A3604@justice.loyola.edu> <[🔎] 20020404185542.GA11934@fishbowl.madduck.net>

> will do, sorry. a DOS is still a form of exploit - you exploit

One way to clarify your thinking about this: to repair a DOS problem,
you simply need to fix the effected service (with a big hammer, like
"apt-get remove" or an ip firewall entry, or with more subtle tools
like fixing the bug and upgrading the packages.  Or depending on your
available bandwidth, "ignore it" :-)

To recover from an exploit, you've completely lost trust in the
machine and may have to reinstall the entire system to recover from
it.  This is a totally different order of problem.  

(of course, we are talking about proftpd here -- I'm surprised anyone
cares about the DOS issue, given that it's had sendmail-like levels of
security flaws over time -- they're enough reason to remove it
altogether...) 


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>
- Re: on potato's proftpd
  - From: Wichert Akkerman <wichert@wiggy.net>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>
- Re: on potato's proftpd
  - From: Nathan E Norman <nnorman@micromuse.com>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>
- Re: on potato's proftpd
  - From: Michael Stone <mstone@debian.org>
- Re: on potato's proftpd
  - From: martin f krafft <madduck@madduck.net>

Prev by Date: Bug#141206: Ghostscript: Copyright problem, possible reorg, upcoming maintainer change
Next by Date: Re: Description to man pages
Previous by thread: Re: on potato's proftpd
Next by thread: Re: on potato's proftpd
Index(es):
- Date
- Thread