Re: Debian Stable server hacked

To: debian-security@lists.debian.org
Subject: Re: Debian Stable server hacked
From: Thijs Welman <thijs@balpol.tudelft.nl>
Date: Thu, 07 Aug 2003 19:03:13 +0200
Message-id: <[🔎] 3F328651.8030009@balpol.tudelft.nl>
In-reply-to: <[🔎] 20030807155215.GD18220@alcor.net>
References: <[🔎] 3F310A43.9060101@balpol.tudelft.nl> <[🔎] 20030807155215.GD18220@alcor.net>

Hi,

Matt Zimmerman wrote:

If you don't also subscribe to debian-security-announce, then you are
missing important things like kernel updates.  There are several local root
exploits in the stock woody kernel which have been fixed by security updates
that would not be installed automatically.  You cannot rely on apt alone to
secure your system.

Thanks. I forgot to mantion that i am subscribed todebian-security-announce as well (ofcourse ;)). As far as the kernelupdates are concerned: i use my own kernel. At this moment that's 2.4.21with Alan Cox' patches (ac4). Could be there's an exploit in thatkernelversion. Maybe i should consider to go back to adebian-packagekernel...


Anyone any comment on or experience with debian vs custom kernels?

-- Thijs

Reply to:

Follow-Ups:
- Re: Debian Stable server hacked
  - From: Eric LeBlanc <inouk@igt.net>
- Re: Debian Stable server hacked
  - From: Matt Zimmerman <mdz@debian.org>
- Re: Debian Stable server hacked
  - From: "Adam Majer" <adamm@galacticasoftware.com>

References:
- Debian Stable server hacked
  - From: Thijs Welman <thijs@balpol.tudelft.nl>
- Re: Debian Stable server hacked
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: How to reduce sid security
Next by Date: Re: Debian Stable server hacked
Previous by thread: Re: Debian Stable server hacked
Next by thread: Re: Debian Stable server hacked
Index(es):
- Date
- Thread