VanLUG Email Archive
Traduisez - Übersetzen - Traduzca - Traduza - Tradurre - Translate
Brian Edmonds (brian@gweep.bc.ca)
Fri, 19 Jan 2001 11:53:30 -0800
Rob Bos <rbos@wizard.ca> writes:
>>> Now we (Linux users) can stop looking so smug!
> In fact, I can think of a few ways in which such a program could be
> written and made capable of doing so much more than that relatively
> primitive attempt - having "modules" for any given security hole, for
> instance, would turn a problem into a nightmare.
Not that this is terribly original, as that's exactly how the Morris
worm operated. It knew how to exploit known holes in sendmail and a few
other systems, and would just try each in turn on all the machines that
its current host know about.
> proftpd is a good FTP server, I think.
At least until the next security advisory is released for it. No
software is really immune. Even the most basic and obvious code that
you think is bulletproof will have *something* found exploitable in it.
The practical goal is to make your system harder than the one next door
so that you're not an attractive target. The usual rules apply: turn
off services you're not offering, packet filter to make sure they stay
that way, and keep up on security releases for the services you do
offer.
Brian.
-- This message came to you via the Vancouver Linux Users Group mailing list. For unsubscription instructions do not email the list, but rather send mail to <vanlug-request@gweep.bc.ca>.
This archive was generated by hypermail 2.0b3 on Tue 03 Jul 2001 - 18:31:58