From owner-freebsd-security Fri Dec 12 00:58:52 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id AAA04289 for security-outgoing; Fri, 12 Dec 1997 00:58:52 -0800 (PST) (envelope-from owner-freebsd-security) Received: from firewall.ftf.dk (root@mail.ftf.dk [129.142.64.2]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id AAA04284 for ; Fri, 12 Dec 1997 00:58:46 -0800 (PST) (envelope-from regnauld@deepo.prosa.dk) Received: from mail.prosa.dk ([192.168.100.2]) by firewall.ftf.dk (8.7.6/8.7.3) with ESMTP id LAA27657; Fri, 12 Dec 1997 11:36:29 +0100 Received: from deepo.prosa.dk (deepo.prosa.dk [192.168.100.10]) by mail.prosa.dk (8.8.5/8.8.5/prosa-1.1) with ESMTP id KAA21464; Fri, 12 Dec 1997 10:23:46 +0100 (CET) Received: (from regnauld@localhost) by deepo.prosa.dk (8.8.7/8.8.5/prosa-1.1) id JAA11892; Fri, 12 Dec 1997 09:57:10 +0100 (CET) Message-ID: <19971212095710.18707@deepo.prosa.dk> Date: Fri, 12 Dec 1997 09:57:10 +0100 From: Philippe Regnauld To: Charlie Roots Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security References: <19971212031505.23074.rocketmail@send1a.yahoomail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.88e In-Reply-To: <19971212031505.23074.rocketmail@send1a.yahoomail.com>; from Charlie Roots on Thu, Dec 11, 1997 at 07:15:05PM -0800 X-Operating-System: FreeBSD 2.2.5-RELEASE i386 Sender: owner-freebsd-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Charlie Roots writes: > > 2.Is there a Hacker-Simulator team working day or night to try break > the system security as the normal hacker would ????? Not that we know of, no. But most everybody with some UNIX experience a) reads the advisories b) fixes any known caveats (i.e.: open() bug) c) fortifies / enhances the security of the said box (wrappers, ssh, tripwire, ipfw, etc...) ... which is what you do, whether the vendor is called HP, Sun, or FreeBSD. > because if there is no such group, its high time the FreeBSD gather > such a group, which should be formed with ONE REASON IN MIND, BREAK > FREEBSD SECURITY. Great! Who finances them ? Jordan, can you find more of those 4-room offices with a couple more of those paid full-time release engineers that you seem to have lying about ? >8-) > Especially many, current, and future ISPs are planning the Shift to > FreeBSD, since it now supports SMP Monsters. ISPs have _long ago_ (though not in a galaxy far far away) started to move some of their activities to freely availably Unices like like FreeBSD. SMP is just a natural step which they'll (hopefully) just take like the rest of us -- security is usually their own business. Like David said, everybody keeps an eye on his piece of code, trying to avoid the bugs crawling in. That's why you see advisories. -- -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]- "Pluto placed his bad dog at the entrance of Hades to keep the dead IN and the living OUT! The archetypical corporate firewall?" - S. Kelly Bootle, about Cerberus ["MYTHOLOGY", in Marutukku distrib] -