From owner-freebsd-questions@FreeBSD.ORG Mon Jun 22 15:39:22 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B35971065670 for ; Mon, 22 Jun 2009 15:39:22 +0000 (UTC) (envelope-from alexus@gmail.com) Received: from mail-yx0-f200.google.com (mail-yx0-f200.google.com [209.85.210.200]) by mx1.freebsd.org (Postfix) with ESMTP id 666428FC22 for ; Mon, 22 Jun 2009 15:39:22 +0000 (UTC) (envelope-from alexus@gmail.com) Received: by yxe38 with SMTP id 38so2137830yxe.3 for ; Mon, 22 Jun 2009 08:39:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=dAHZMmbhV5HBske1YbPi3Ypvac5XMO0yE9OcXV+fAR8=; b=vET3HYN/GSARlYtcvbVfkB/FdExTgSiKA/0W3t5AeOfUR6d7RqHNo5SEhRR7H/8pUG yMVCQTN3KaU3wl/EWovgobrPv2eR/grn71olsrQVuzhG0W/eQuBzvMsHtngjCe4aEV2w RZVTXZCbYawlTXqabz1ta/w1OnPhRQ8RqtMds= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=ckad3czSXOSlY+OpeicakPKxq5Gxp9qh/xcDTAJ6CX05me0AbcYAcg5HD4FhLO7flH TJMQ9UZmS5T9lzQMLUePra94+RAimjXyH7bIWMNT5pUeKq1qRI9QZ0vcwaWAvGvs/lrt KRNgvgZ0jft5p7B+ZnPH2zjy3gRpkK3plmT+I= MIME-Version: 1.0 Received: by 10.151.38.19 with SMTP id q19mr11583375ybj.76.1245685161618; Mon, 22 Jun 2009 08:39:21 -0700 (PDT) In-Reply-To: <20090622113610.422cab85.wmoran@potentialtech.com> References: <20090619111234.6883afd2@gom> <20090619143935.6c28be98.wmoran@potentialtech.com> <20090619183535.006433d1@gom> <20090622085952.9ef38eab.wmoran@potentialtech.com> <70C0964126D66F458E688618E1CD008A0793F062@WADPEXV0.waddell.com> <20090622113610.422cab85.wmoran@potentialtech.com> Date: Mon, 22 Jun 2009 11:39:21 -0400 Message-ID: <6ae50c2d0906220839y1f9431aeg2646578b2a87a248@mail.gmail.com> From: alexus To: Bill Moran Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: Gary Gatten , freebsd-questions@freebsd.org, prad Subject: Re: backdoor threat X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jun 2009 15:39:23 -0000 On Mon, Jun 22, 2009 at 11:36 AM, Bill Moran wrot= e: > In response to "Gary Gatten" : > >> OK - this thread is scaring me. =C2=A0Anything that involves a "backdoor= " >> threat is very concerning - I keep looking over my shoulder to make sure >> no one is sneaking up on me! > > My job here is done ... > > In my experience, most people don't take the steps necessary to really > secure their systems. =C2=A0But it's all a tradeoff. =C2=A0If I'm running= an online > banking site, then I'm going to go all out to ensure that all the require= d > steps are made to secure the system, otherwise I'm not going to stay in > business very long. > > But if I'm selling ringtones over the internet, or running a site for fla= sh > games that makes money off banner ads, how diligent should I be? =C2=A0I = mean, > if someone breaks in, how much do I lose? =C2=A0I'm not storing anyone's = credit > card numbers, so I just have to deal with a couple days of downtime while > I fix the server. =C2=A0And chances are nobody is going to break into my = system > anyway, since I don't have anything worth stealing. > > Of course, the flaw in that reasoning is that while you may not care, the > rest of the internet is getting bombed by the botnet that you've joined > by your carelessness. > > The counter-argument to that is that you can't afford what it would cost > to _really_ secure a system like that. =C2=A0And it's not justified if th= e > information isn't sensitive anyway. > > So, yes. =C2=A0Keep looking over your shoulder. =C2=A0_Someone_ is sneaki= ng up on > you. > > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" > I would also try to patch your FreeBSD, bringing it up-to-date --=20 http://alexus.org/