blackhats - Re: Debian Server Compromise -- A Fire Drill ??
On Fri, 5 Dec 2003, Benedict Verheyen wrote:
> > Benedict writes:
> > > Are there people out there that really do this? I mean, try to break
> > > and post this to the people that can fix it?
- millions of script kiddies ...
- they will try to get in or do get in and leave you their
rootkit they tried to use that should fail on a tightened server
even if they got in thru some forgotten/unpatched vulnerability
- whether people take their comments and apply patches/fixes or not
is a separate issue ...
- most corp/managers do NOT do anything till after its been hacked
and than want to cleanup/patch/secure their boxes like it
was originally proposed ( which is no longer possible - new tasks
is forensics and cleanup and backups first and rewriting their
security policies )
- debian folks have done a good job .. minimizing damage