[Mod: Warning - we are hitting issues of security policy and that is not
what we would like to see here --alex]
Brian Koref said:
>
> Great input...
>
> As an investigator, many of the compromises I see involve systems
> which are 2 to 3 years old. An old slackware box sitting on a .mil
> domain, which some airman set up as a test machine. The airman gets
> trasferred, and the system is left up and running. Additionally, in
> the government, and in many commercial organizations as well, System
> Administration is more or less considered an "additional duty."
The
> individuals know how to set up accounts, change passwords, mount
> filesystems, backups, etc... They know nothing about security,
> mailing lists, news servers, advisories, patches,
> etc...Unfortunately, management typically hasn''t got a clue
either,
> and therefore holes get left unplugged. It''s good to see an
> occasional re-iteraton of previously reported exploits. Not everyone
> has been a subscriber to the linux security mailing list since its
> inception, and not everyone know about archives. I guess that''s
why
> speed limit signs are posted at regular intervals. To "remind" us
to
> obey the law.
[Moderator''s hat on]
To ensure Make one does know the traffic laws, one takes at least one test
is taken prior to one being able to get a license.
One could argue, rather successfully, that no airman should be able to
install a new slackware box on a .mil network without being cleared to do
that. Had the security for .mil was as important as some people claim to be,
such thing would have been impossible. So I guess the security policy for
that installation does not require the clearance, does it?
Please do not ask to post re-runs of old exploits - they are available and
easily accessible on the Web. Search engines do wonderful things. Links to
archives of this list as well as information about LSF updates is available
under http://www.aoy.com/Linux/Security/
[Moderator''s hat off]
Best wishes,
Alex
-----------------------------------------------------------------------------
Alex "Mr. Worf" Yuriev Nationwide ISP Bandwidth:
[www.netaxs.net ]
Net Access Outsourced News Reading: [www.newsread.com ]
alex@{netaxs.com|yuriev.com} Outsourced Shell Accounts: [shellaccounts.com]
RIP is irrelevant. Spoofing is futile. Your routes will be aggregated.
-----------------------------------------------------------------------------