This sounds like an excellent topic for a presentation. Anyone want to tackle it next month? We do not have a presentation scheduled and as such it would be nice of someone came forward.
Trevor, interested? Jarrod Major CLUG Treasurer Registered Linux User ----- Original Message ----- From: "Trevor Lauder" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 17, 2002 10:32 AM Subject: Re: (clug-talk) Linux gets a worm! > Even if you are running only services you want, those services still may > require updating and monitoring. If someone isn't keeping up on updates, > etc and they get hacked because of it then they get what they deserve and > I feel no sympathy for them. Just because Linux/Netware are stable OSes > doesn't mean they don't need babysitting (By this I mean: watching the > logs, monitoring the network they are on). The problem with the average > NT/2000 or MCSE administrator is that Microsoft is promoting lazy/cheap > administration. A lot of those administrators that come over to linux > bring those bad habits with them, and when something bad happens they > blame it on the OS when the blame should in fact lie with themselves. > Just my 2 cents. > > > One of the benefits of Linux is that it doesn't need to be babysat. > > > > I know this is an arguable thing, but I like that I set up a machine at > > one of our remote locations, and it hasn't been signed into in well over > > a year. > > > > It's fine to say "be on top of things", but I want a server that runs > > like this... http://www.networkcomputing.com/1119/1119f1products_2.html > > > > And I'll argue that exploit or not, this basically offers that ability. > > > > Unlike NT, Linux and Netware both run only services that you want them > > to, rather than needing repeated security patches for things like MEDIA > > PLAYER on a server. > > > > I wonder if anyone would notice if I used a Database server for watching > > DVDs throughout the day. Maybe, but then they do have GL screensavers > > too. > > > > Kev. > > > > > > > > ----- Original Message ----- > > From: "Trevor Lauder" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > > <[EMAIL PROTECTED]> Sent: Monday, September 16, 2002 12:22 PM > > Subject: Re: (clug-talk) Linux gets a worm! > > > > > >> Actually, worms under linux have existed for a while now... and even > >> longer under unix. As for this exploit, I really hope anyone here > >> running SSL had that patched a while ago because the patch for that > >> exploit came out about a month ago. This exploit is targeting servers > >> that haven't been updated in a at least a month and it's actually > >> hitting lots of people, pretty sad when patches have been available > >> for a while now. > >> > >> > >> > -----BEGIN PGP SIGNED MESSAGE----- > >> > Hash: SHA1 > >> > > >> > Finally Linux is worth the time for someone to make a worm. Easy to > >> detect, easy to defeat, and dose not affect my server but still a > >> worm. > >> > > >> > > > http://securityresponse.symantec.com/avcenter/security/Content/2002.09.13.ht > > ml > >> > > >> > Yes I run Apache but I don't use SSL. If you run SSL you must read > >> this. - -- > >> > Roy Souther <[EMAIL PROTECTED]> > >> > http://www.SiliconTao.com > >> > > >> > Live to code, code to live! > >> > -----BEGIN PGP SIGNATURE----- > >> > Version: GnuPG v1.0.6 (GNU/Linux) > >> > Comment: For info see http://www.gnupg.org > >> > > >> > iEYEARECAAYFAj2F83YACgkQCbnxcmEBt434oACgqPHbAWIcOBX6m7jOUZ2rsLJR > >> 1YoAnRkdLTB42p8mS+WlaDuB5L7nV39+ > >> > =YkE6 > >> > -----END PGP SIGNATURE----- > > > >
