From owner-freebsd-security Wed Jun 26 13:43: 2 2002 Delivered-To: freebsd-security@freebsd.org Received: from electricrain.com (electricrain.com [64.71.143.226]) by hub.freebsd.org (Postfix) with ESMTP id AB97E37CBA3 for ; Wed, 26 Jun 2002 13:20:57 -0700 (PDT) Received: (qmail 9381 invoked by uid 540); 26 Jun 2002 20:20:57 -0000 Date: Wed, 26 Jun 2002 13:20:57 -0700 From: Chris Doherty To: freebsd-security@freebsd.org Subject: Re: Wow Message-ID: <20020626202057.GA7152@zot.electricrain.com> Reply-To: chris-freebsd@randomcamel.net References: <20020626121754.F8071@mail.seattleFenix.net> <200206261919.g5QJJLLI018466@cvs.openbsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200206261919.g5QJJLLI018466@cvs.openbsd.org> User-Agent: Mutt/1.4i X-Operating-System: XEmacs X-Koan: mu. Organization: The Inside Foundation Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At some point, Theo de Raadt said: > I've barely slept in a week. get some rest. > So many of you are being totally unreasonable people. well. "Upgrade now." "What versions are vulnerable?" "Upgrade now." "*sigh* Okay, I'll upgrade my 40 production machines." "Okay, the version in -stable is unaffected. Oh yeah, and even if you're running a vulnerable version, set 'ChallengeResponseAuthentication no' and you'll be fine." people aren't being unreasonable. they just wasted a lot of time upgrading to a new version of software, when in reality probably 95% of cases are either not vulnerable or can be secured with a simple configuration file change (I made that number up, of course, but at least on this list it doesn't seem out of proportion). for myself with my one machine, I'm just annoyed. if I had gone through this bullshit on 40 machines, when I could have just modified a config file, I'd be pissed, and rightfully so. but, *shrug*. I'll not give such credence to vague warnings in the future--lesson learned. Chris ------------------------------- Chris Doherty chris [at] randomcamel.net "I think," said Christopher Robin, "that we ought to eat all our provisions now, so we won't have so much to carry." -- A. A. Milne ------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message