Re: Debian Server Compromise -- A Fire Drill ??
On Thu, 4 Dec 2003, Dave wrote:
> On Thu, 04 Dec 2003 20:20:21 +0100, Terry Hancock
> <email@example.com> wrote:
> >There is also the point that *somebody* found this bug. Just not the
> >folks we were hoping would. ;-) Letting real crackers hammer your
> >system is another way to find bugs, although we hope it's a last resort.
> You missed my point. I think this *is* a fire drill! I think this
> break-in was done by the best folks we could ever hope for.
> Consider this: The attacker chose a system that was heavily guarded and
> would generate a quick response from the people who could distribute a fix
> most quickly. He or she had intimate knowledge of the various Debian
> servers. And no damage was done.
> Can you hope for a better hacker than this? Do you think he could have had
> the same impact by merely announcing that he *could* break into a system if
> he wanted?
> The real question now is "How many similar exploits exist, and are being
> kept quiet for use in a real situation." We can only hope it's the good
> guys who have these secrets.
anytime you dont lose data ... consider yourself lucky ... and learn
from it and tighten the boat some
- i'm assuming the debian boat is tightened ??
( more staging machines and key checking ? )
-- you can always simulate a firedrill ... at any random time ...
and work out additional security policies accordingly