Re: /lib/security/.config

From: David Hart (news-post@mcdh.co.uk)
Date: 03/13/02


From: David Hart <news-post@mcdh.co.uk>
Date: Wed, 13 Mar 2002 18:55:47 +0000

Peter Eddy <petere@atg.com> wrote:

> David Hart wrote:
>>
>> So you're saying that with your 'personal' firewall you've been cracked
>> often enough to gain an opinion on what crackers install? Kind of
>> devalues the perceived value of your experience, doesn't it?
>
> By personal I mean a firewall for my home network, one not used for a
> business. I don't think that's an uncommon enough use of the term
> "personal firewall" to warrant the apparently pejorative quotes in your
> comment.

I was merely emphasizing that your opinion about 'most rootkits' was
derived from your experience with your _one_ personal firewall. Hardly
likely to be of value anecdotally, let alone statistically.
 
> As far as my record, I've had the firewall in question for about six
> years. Four cracks in six years isn't a bad record for a non diligently
> maintained home Linux based firewall with a static IP address. The most
> recent one was the SSH vulnerability and I was cracked just hours after
> learning about it.

Well my first reaction, on learning of a vulnerablility of a service I
was running, would be, if it was reasonably possible, to disable that
service and block it at the firewall until a fix was available.

Now if you'd said that you were cracked a few hours _before_ learning
about it . . .
 

-- 
David Hart
david@mcdh.co.uk