shell access exploits (was Re: upgrading to MySQL 4 on woody)
> I have at most a week from a known kernel exploit to when one of my users
> tries to exploit via shell access.
One of my hats is a junior sys admin in an academic environment. I'm
curious as to how you know when shell users are trying to exploit a kernel
hole.
In another non academic environment and based on info from this list, I've
been running snoopy with an eye to grepping the logs for naughiness....
#########
On Mon, 19 Jan 2004, Lucas Albers wrote:
>
> Rod Rodolico said:
>
> > Becoming a firm believer that you CAN have it all, stability and the
> > latest packages :)
> >
> > There are other places to get backports, BTW. This one works for me.
> >
> Rod,
> Yes I agree with your statements.
> Thanks for the link I'll use it on one of my systems...
>
> But you don't explicitly have security, you have the testing delay for
> security updates, combined with the propagation time to backports from
> testing.
>
> I'm still leery of using testing for any publicly exposed service, or for
> machines with shell access.
> I have at most a week from a known kernel exploit to when one of my users
> tries to exploit via shell access.
>
> --Luke CS Sysadmin, Montana State University-Bozeman
>
>
>
Reply to: