Date: Mon, 16 Jul 2001 10:37:40 +0100 From: Paul Robinson <paul@akita.co.uk> To: Bart Silverstrim <bsilver@sosbbs.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: gcc on production server Message-ID: <20010716103740.C37477@jake.akitanet.co.uk> In-Reply-To: <010c01c10bdb$a8f11600$0100a8c0@sosbbs.com>; from bsilver@sosbbs.com on Fri, Jul 13, 2001 at 04:37:37PM -0400 References: <20010711170336.B84178@krijt.livens.net> <20010711123133.A21587@pitr.tuxinternet.com> <20010712123523.G53408@jake.akitanet.co.uk> <007c01c10b14$5462d820$0100a8c0@sosbbs.com> <20010713122500.A23202@jake.akitanet.co.uk> <010c01c10bdb$a8f11600$0100a8c0@sosbbs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jul 13, Bart Silverstrim <bsilver@sosbbs.com> wrote:
>
> If somebody finds a hold in FTPD and you want to patch it, you're going to
> have serious downtime no matter what; I wouldn't trust binaries afterwards.
> In a small ISP setting where I was (or in the place I'm working in now, if
> it would be possible) I'd rather do a full reinstall of the OS or get spare
> hardware and set up a replacement server to cycle in, depending on the
> damage. Otherwise you could be leaving back doors open.
Let me get this right.... you're sitting there one day, and you get a
message from ProFTPd-announce. They have a patch for an obscure, difficult
to exploit buffer overflow in the current release that your site is running.
They expect this news to hit BUGTRAQ in about 4 hours time. You would
reinstall the entire machine as opposed to patch the program?
Thank God you don't work for me.
If you have the patch, patch up. In addition where the *hell* is your MD5
database that you should have taken before the machine was connected to an
external network, thereby ensuring that none of your binaries are
compromised? Why aren't you running cryto-signed binaries a la Trusted? Why
are you taking up valuable time reinstalling a probably uncompromised
host? All I have to say is to quote from a book of quotes meant for MBA
students - "Treat your time like somebody is paying for it. Because somebody
is".
> Also with a RO media, if a hacker gets in, it does enhance security...how do
> you trojan a system you can't modify? The damage would occur to things like
How do you trojan a system where only binaries compiled with your compiler
can execute? How do you trojan a system without detection with RO MD5
databases? As for trojaning a system with a software-only write lock
(including jumpers on hard disks or maybe !gasp! a read only mount!)...
purr-lease....
I'm really not trying to start a flame war here, but I really don't think
people have thought through what is effective protection for a computer
system connected to the Internet in the modern world. Or rather, the ideas
they have are valid for the Internet in 1998, maybe 1999, but not with the
current tools available, right now, in 2001.
It just doesn't make sense, and nothing I've read on this thread so far has
convinced me otherwise.
--
Paul Robinson ,---------------------------------------
Technical Director @ Akita | A computer lets you make more mistakes
PO Box 604, Manchester, M60 3PR | than any other invention with the
T: +44 (0) 161 228 6388 (F:6389)| possible exceptions of handguns and
| Tequila - Mitch Ratcliffe
`-----
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010716103740.C37477>