Re: Debian Stable server hacked
*********** REPLY SEPARATOR ***********
On 12.08.2003 at 23:20 Adam Majer wrote:
>On Thu, Aug 07, 2003 at 07:03:13PM +0200, Thijs Welman wrote:
>> Thanks. I forgot to mantion that i am subscribed to
>> debian-security-announce as well (ofcourse ;)). As far as the kernel
>> updates are concerned: i use my own kernel. At this moment that's 2.4.21
>> with Alan Cox' patches (ac4). Could be there's an exploit in that
>> kernelversion. Maybe i should consider to go back to a
>> Anyone any comment on or experience with debian vs custom kernels?
>Generally if there is a kernel exploit, it is only used to get
>root from some other account. The way they get in is though some
>server app with a hole in it (known or not known).
This is why my personal favourite it the former trusted debian project, now
kown as http://www.adamantix.org.
Take a look at their site, they offer RSBAC, PaX, all the goodies for the
They recompile all packages to be buffer overflow proof and as secure as
Mixing with standard debian packages is not recommended of course, but so
far I haven't encountered any problems. Nearly everything is there if You
don't require X anyway.