Greetings,. Am Donnerstag, 19. Februar 2004 00:37 schrieb Michael Stone: > On Wed, Feb 18, 2004 at 11:37:19PM +0100, Jan Lühr wrote: > >But if knowlegde about this vuln is availeable - if fixes are done, but > > not avaible yet, how do I protect myself? > > Are you less secure today than yesterday? No. Someone will always know > about a vulnerability before you do, you need to deal with that. You > protect yourself by disabling unnecessary services, teaching your users > good security habits, elminating replayable passwords, keeping good > logs, reviewing those logs, making good backups, etc. Can you still be > compromised? Yup. Are there people out there right now exploiting > vulnerabilities you don't know about? Yup. All you can do is established > a layered security plan and prepare a disaster recovery plan for the > inevitable.
Of cours - these are the main aspects of a secure installation, but as we have seen in the recent debian compromise it may not be enough. Imho opinion, please correct me if I'm wrong - an exploit, known for many weeks by much people, trying to correct it, is more threadening than some exoctic exploit, which may be known to a bunch of people. Thus the information about the discussed exploit can be easily obtained by some "bad guy". What about establishing some kind of warning service? E.g. sshd has a well known serious leak, you should shut it down for the next few days. Keep smiling yanosz P.S. May apologies for my last e-mails - I'm trying not to go on trolling, maybe I was to astonished and to excited. The DST has done quite a good job for the recent months / yers. Go on!
