On Fri, Nov 20, 2009 at 2:06 PM, rhubbell <rhubb...@ihubbell.com> wrote: > On Fri, 20 Nov 2009 12:02:51 +1100 > > Definitely not missing the point. Maybe you missed mine. Not "worrying" > because you trust everything about OpenBSD and everyone that's worked on > it and every package you've installed and every piece of hardware you've > installed, etc., etc. It's naive to point elsewhere and say "see, they're > not secure". For example should I trust you and the other "tooters" just > because you insist OpenBSD's secure? >
That's a good point. However a story told on the testimonials page is a good reason not to take our word for it, because it's been demonstrated. A redhat server rooted but OpenBSD servers left after being probed is quite a feat. A P133 w/ 64mb of RAM being floodpinged by 900 hosts that only got a little slower from it is also a considerable achievement. > > How would you know if you've been compromised? If it's the crown jewels it > may be worth it to remain undetected, right? Saying it's not possible to > avoid detection is naive. > Usually when a machine is compromised, it is then used to attack other sites - that would be detected. A large sudden data transfer from a machine with the company's crown jewels on it would be a pretty good indicator as well. If the log files are sent offsite - a very wise move I believe - they could contain traces of the attack as well. I'm not naive though - you would actually have to be watching these, and if you're not, today's a good day to start. Hope this helps. -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse
