Re: on potato's proftpd
> will do, sorry. a DOS is still a form of exploit - you exploit
One way to clarify your thinking about this: to repair a DOS problem,
you simply need to fix the effected service (with a big hammer, like
"apt-get remove" or an ip firewall entry, or with more subtle tools
like fixing the bug and upgrading the packages. Or depending on your
available bandwidth, "ignore it" :-)
To recover from an exploit, you've completely lost trust in the
machine and may have to reinstall the entire system to recover from
it. This is a totally different order of problem.
(of course, we are talking about proftpd here -- I'm surprised anyone
cares about the DOS issue, given that it's had sendmail-like levels of
security flaws over time -- they're enough reason to remove it
altogether...)
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: