Re: linux box compromised: advice needed

• Previous message: Zombie: "problem using libpcap's functions"
• In reply to: Marcus Lauer: "Re: linux box compromised: advice needed"
• Next in thread: Bill Unruh: "Re: linux box compromised: advice needed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Tim Haynes <usenet@stirfried.vegetable.org.uk>
Date: Wed, 27 Mar 2002 09:30:47 +0000

Marcus Lauer <reply@via.newsgroup.com> writes:

> Tim Haynes wrote:
>
>> Saying `qmail is more secure', in the absence of demonstrable recovery-
>> from-compromise time stats, is FUD. Saying that people should run from
>> something they've chosen to use to qmail, even because of a compromise,
>> is mis-applying said FUD.
>
> "Recovery-from-compromise" stats? That sounds pretty useless.
> What you want is for exploits to be found rarely (preferrably never) so
> that compromises never occur. Data on number of root exploits, or average
> time between discovery of root exploits, would be more useful.

No it's not. FFS, past performance is no indicator of future. Simple
"number of root exploits" is what anti-sendmail pillocks use, and a big
stinkin' 0 from qmail does NOT prove it's any more secure.

Ultimately I don't care if my MTA has up to ~5 or so separate security
incidents in a year as long as they're all fixed in a reasonable -quick-
turnaround time, because I'd *far* rather have a fixed bug, know about it,
and be done, than be told "it's more secure" with NO REAL DATA.

~Tim

-- 
Sometimes you're the pigeon,                |piglet@stirfried.vegetable.org.uk
Sometimes you're the statue.                |http://spodzone.org.uk/

• Next message: Tim Tassonis: "Re: ssh 1.2.1 Root compromise"
• Previous message: Zombie: "problem using libpcap's functions"
• In reply to: Marcus Lauer: "Re: linux box compromised: advice needed"
• Next in thread: Bill Unruh: "Re: linux box compromised: advice needed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]