Re: Security and Testing

To: Dave Ewart <davee@sungate.co.uk>
Cc: debian-user@lists.debian.org
Subject: Re: Security and Testing
From: Alvin Oga <aoga@ns.Linux-Consulting.com>
Date: Thu, 17 Mar 2005 04:37:06 -0800 (PST)
Message-id: <[🔎] Pine.LNX.3.96.1050317043247.3870A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 20050317120659.GB3518@sungate.co.uk>

On Thu, 17 Mar 2005, Dave Ewart wrote:

> This is not intended as flamebait, but perhaps those who are *really*
> concerned about up-to-date security don't run 'testing ... ?  That may
> explain your lack of response.

for me ... i assume the [cr/h]ackers are already inside the network
and is watching and/or sleeping and recording ..

	- i work around things based on that assumption
	and than gamble with roulette and statistics and probability
	and repeatability and ... endless list ...

	- i exclude the possibility of any keyboard loggers running on
	*nix boxes, and if there was one loaded, all bets are off anyway
	( ssh, ssl, nada will help since they got your keystrokes and
	  mouse clicks )

> Sarge server can be mitigated by having other layers in your security
> model (firewalls etc.) and keeping a close eye on the security
> bulletins.

lots of layers

c ya 
alvin

Reply to:

References:
- Re: Security and Testing
  - From: Dave Ewart <davee@sungate.co.uk>

Prev by Date: Re: how can you play wmv files?
Next by Date: Re: broken grep and gzip
Previous by thread: Re: Security and Testing
Next by thread: Re: Security and Testing
Index(es):
- Date
- Thread