RE: What's vunerable?

From: Will Mitayai Keeso Rowe (mit@mitayai.net)
Date: 03/16/01


From: "Will Mitayai Keeso Rowe" <mit@mitayai.net>
To: "Peter McGarvey" <peterm@vianetworks.co.uk>, "freebsd-security" <freebsd-security@freebsd.org>
Date: Fri, 16 Mar 2001 11:43:40 -0500


inherited? need a lot of work? then assume everything is vulnerable due to
ex-employees, past trojan horses, bad administrative practices and
configurations, etc.

go through the FreeBSD Security Advisories at
http://www.freebsd.org/security/#adv for alkl the listed advisories.

make sure you pay attention to all the installed packages, ports, and
user-installed third-party stuff.

-Mit
:-----Original Message-----
:From: owner-freebsd-security@FreeBSD.ORG
:[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Peter McGarvey
:Sent: March 16, 2001 04:25 AM
:To: freebsd-security
:Subject: What's vunerable?
:
:
:I've just inherited several FreeBSD boxes. The versions range from
:3.2_RELEASE to 4.1_RELEASE.
:
:On the BSD boxes I already maintain I cvsup and make world on a monthly
:basis - or as soon as I see a CERT advisory that I know relates to
:something that can bite. But the inherited boxes need a lot of work,
:and I cannot guarantee to "The Powers That Be" that a make world wont
:break the box.
:
:What I really need to know is what vulnerabilities exist on each box -
:so that I can present the boss with a risk assessment, and make him
:decide if the box stays as is, or gets a make world.
:
:So any advice anyone can give me, on how to find out what's vunerable
:with any particular FreeBSD version, would be greatly appreciated.
:
:--
:TTFN, FNORD
:
:Peter McGarvey
:System Administrator
:Network Operations, VIA Networks UK
:
:To Unsubscribe: send mail to majordomo@FreeBSD.org
:with "unsubscribe freebsd-security" in the body of the message
:
:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages