blackhats - Re: Debian Server Compromise -- A Fire Drill ??

On Fri, 5 Dec 2003, Benedict Verheyen wrote:

> > Benedict writes:
> > > Are there people out there that really do this? I mean, try to break in
> > > and post this to the people that can fix it?


- millions of script kiddies ...
	- they will try to get in or do get in and leave you their
	rootkit they tried to use that should fail on a tightened server
	even if they got in thru some forgotten/unpatched vulnerability

- whether people take their comments and apply patches/fixes or not
  is a separate issue ...
	- most corp/managers do NOT do anything till after it's been hacked
	and then want to cleanup/patch/secure their boxes like it
	was originally proposed ( which is no longer possible - new tasks
	are forensics and cleanup and backups first and rewriting their
	security policies )

- debian folks have done a good job .. minimizing damage

