Date: Tue, 24 Jul 2001 19:15:56 +0200 From: "Steve O'Hara-Smith" <steveo@eircom.net> To: The Psychotic Viper <psyv@root.org.za> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: probably remote exploit Message-ID: <20010724191556.25cb1c9e.steveo@eircom.net> In-Reply-To: <Pine.BSF.4.21.0107220333420.21423-100000@lucifer.fuzion.za.org> References: <15194.2597.335066.379263@guru.mired.org> <Pine.BSF.4.21.0107220333420.21423-100000@lucifer.fuzion.za.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 22 Jul 2001 03:56:26 +0200 (SAST)
The Psychotic Viper <psyv@root.org.za> wrote:
TV> Sure it takes time to to backup user data, reinstall of multiple machines
TV> but it may save a lot of time when you have to keep rebuilding your
TV> machine because your visitor keeps getting back in. Also prevents them
TV> getting in remotely (hopefully) through a known vulnerablity if you
TV> install the latest release of whatever OS you have.
Of course if the invader managed to lodge a starter somewhere in the
user data then sooner or later you're open again :(
Complete security is a myth, unless you built the hardware yourself
in a closed room, audited (or preferably wrote) all the code and all executable
and configuration data is physically read only *before* any connection can be
made. Even then some bright spark will probably find a hole!
All you can do is raise the bar high enough to send the invader
somewhere else, or try and trap them and find them. Reinstall from clean
media and restore user data is about as good as you can reasonably do and
it puts the bar pretty high.
--
Directable Mirrors - A Better Way To Focus The Sun
http://www.best.com/~sohara
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010724191556.25cb1c9e.steveo>