Re: Debian Stable server hacked

["Martin G.H. Minkler" <dukeofnukem@gmx.net>]

*********** REPLY SEPARATOR  ***********

On 12.08.2003 at 23:20 Adam Majer wrote:

>On Thu, Aug 07, 2003 at 07:03:13PM +0200, Thijs Welman wrote:
>> Hi,
>> 
>> Thanks. I forgot to mantion that i am subscribed to 
>> debian-security-announce as well (ofcourse ;)). As far as the kernel 
>> updates are concerned: i use my own kernel. At this moment that's 2.4.21

>> with Alan Cox' patches (ac4). Could be there's an exploit in that 
>> kernelversion. Maybe i should consider to go back to a 
>> debian-packagekernel...
>> 
>> Anyone any comment on or experience with debian vs custom kernels?
>
>Generally if there is a kernel exploit, it is only used to get
>root from some other account. The way they get in is though some
>server app with a hole in it (known or not known).
>
<snip>

This is why my personal favourite it the former trusted debian project, now
kown as http://www.adamantix.org.
Take a look at their site, they offer RSBAC, PaX, all the goodies for the
Kernel AND:
They recompile all packages to be buffer overflow proof and as secure as
possible.

Mixing with standard debian packages is not recommended of course, but so
far I haven't encountered any problems. Nearly everything is there if You
don't require X anyway.

regards

Martin