[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: on potato's proftpd

> will do, sorry. a DOS is still a form of exploit - you exploit

One way to clarify your thinking about this: to repair a DOS problem,
you simply need to fix the effected service (with a big hammer, like
"apt-get remove" or an ip firewall entry, or with more subtle tools
like fixing the bug and upgrading the packages.  Or depending on your
available bandwidth, "ignore it" :-)

To recover from an exploit, you've completely lost trust in the
machine and may have to reinstall the entire system to recover from
it.  This is a totally different order of problem.  

(of course, we are talking about proftpd here -- I'm surprised anyone
cares about the DOS issue, given that it's had sendmail-like levels of
security flaws over time -- they're enough reason to remove it

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: