Re: More hacked servers?
On Thu, 27 Nov 2003 04:51, Matt Zimmerman <mdz@debian.org> wrote:
> Big money does not imply big security. Large corporations with lots of
> money to spend on security are compromised all the time. Obviously, they
> aren't as forthcoming about it as Debian due to monetary concerns, but even
> those incidents which are publicized are enough to demonstrate this.
You are forgetting one important point. You have to NOTICE a hack before you
can fix it. Big companies have a bad history of not even knowing that they
are hacked if their web page is not defaced.
One company I worked for had a machine where Apache would SEGV about 10,000
times per day. I expect that you could exploit the system to execute
arbitary code, which could then gain access to the internal network.
In spite of this my colleagues believed that their firewall did everything
necessary to protect the internal network. The network was configured such
that anyone who had access to the internal network effectively had root on
all machines (there were so many ways of getting root it wasn't funny).
AFAIK that network is still running in the same manner...
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: