From owner-freebsd-security Thu May 31 17:26:27 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.webmonster.de (datasink.webmonster.de [194.162.162.209]) by hub.freebsd.org (Postfix) with SMTP id 0668237B422 for ; Thu, 31 May 2001 17:26:19 -0700 (PDT) (envelope-from karsten@rohrbach.de) Received: (qmail 88194 invoked by uid 1000); 1 Jun 2001 00:26:39 -0000 Date: Fri, 1 Jun 2001 02:26:39 +0200 From: "Karsten W. Rohrbach" To: Alex Holst Cc: freebsd-security@freebsd.org Subject: Re: Apache Software Foundation Server compromised, resecured. (fwd) Message-ID: <20010601022639.E85717@mail.webmonster.de> Mail-Followup-To: "Karsten W. Rohrbach" , Alex Holst , freebsd-security@freebsd.org References: <200105312300.f4VN0RD24448@cwsys.cwsent.com> <20010601013041.A32818@area51.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="jkO+KyKz7TfD21mV" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010601013041.A32818@area51.dk>; from a@area51.dk on Fri, Jun 01, 2001 at 01:30:41AM +0200 X-Arbitrary-Number-Of-The-Day: 42 X-URL: http://www.webmonster.de/ X-Disclaimer: My opinions do not necessarily represent those of my employer Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --jkO+KyKz7TfD21mV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Alex Holst(a@area51.dk)@2001.06.01 01:30:41 +0000: > That should be verified often with scanssh or something similar. I was > surprised when I read about the compromise, because it gives the impressi= on > that people are still using passwords (as opposed to keys with passphrase= s) > for authentication in this day and age. Is that correct? If so, why is th= at? there are people on the net that have telnetd listening on their servers. there are people on the net who run outdated versions of whatever you want (see netcraft apache versions or the dns server versions thingamabob that states that there are still ~30% bind 4.x boxes out there and a shitload of bind<8.2.3). there are big sites running old wu-ftpd's on badly patched slowlaris systems. i even heard of people publishing their web documents with iis on nt or 2000. the security discussion is always split: 1) improvement of current operating systems and daemon software 2) how to prevent people from inviting crackers to their boxes running outdated crap cheers, /k --=20 > As a computing professional, I believe it would be unethical for me to > advise, recommend, or support the use (save possibly for personal > amusement) of any product that is or depends on any Microsoft product. > --David H. Wolfskill KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 --jkO+KyKz7TfD21mV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7FuE/M0BPTilkv0YRAgtmAKCqAM/AtRqtTMM7rczDQysDLhXj3ACgmTMo J2dtI7voUlAAid6dAgNHtC8= =PkH2 -----END PGP SIGNATURE----- --jkO+KyKz7TfD21mV-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message