blackhats - Re: Debian Server Compromise -- A Fire Drill ??

To: Benedict Verheyen <linux4bene@pandora.be>
Cc: debian-user@lists.debian.org
Subject: blackhats - Re: Debian Server Compromise -- A Fire Drill ??
From: Alvin Oga <aoga@ns.Linux-Consulting.com>
Date: Fri, 5 Dec 2003 15:49:25 -0800 (PST)
Message-id: <[🔎] Pine.LNX.3.96.1031205154435.30357D-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 001701c3bb58$12eec560$0a00a8c0@camelot>


On Fri, 5 Dec 2003, Benedict Verheyen wrote:

> > Benedict writes:
> > > Are there people out there that really do this? I mean, try to break
> in
> > > and post this to the people that can fix it?

"blackhats"
"whitehats"
"grayhats"
"defcon"
"phrack"
...

- millions of script kiddies ...
	- they will try to get in or do get in and leave you their
	rootkit they tried to use that should fail on a tightened server
	even if they got in thru some forgotten/unpatched vulnerability

- whether people take their comments and apply patches/fixes or not
  is a separate issue ...
	- most corp/managers do NOT do anything till after its been hacked
	and than want to cleanup/patch/secure their boxes like it
	was originally proposed ( which is no longer possible - new tasks
	is forensics and cleanup and backups first and rewriting their
	security policies )

- debian folks have done a good job .. minimizing damage

c ya
alvin

Reply to:

References:
- Re: Debian Server Compromise -- A Fire Drill ??
  - From: "Benedict Verheyen" <linux4bene@pandora.be>

Prev by Date: Re: Where to get the new installer?
Next by Date: Re: [OT] Slashdot and media accuracy
Previous by thread: Re: Debian Server Compromise -- A Fire Drill ??
Next by thread: RAID card shows SCSI and unwanted IDE devices
Index(es):
- Date
- Thread