On Wed, Apr 24, 2002 at 09:38:01AM +0200, Shachar Shemesh wrote: > Hi all, > > Just wanted to let you all know that a server I am maintaining for > personal reasons was hacked. It is a neighbour of the iglu server (i.e. > - actcom hosted), and had the non-exec and SYM link protections. Just so > you keep in mind that these things are not guarentees against anything. > > I have also, as a result, became even more aware that we are running an > extremely old distribution, and we are out of date on some of the > packages. I think it is time that the whole of us start pulling an > assesment of what it would take to upgrade IGLU to the latest > redhat.
Time is always scarce here, but I'll pitch in to help where I can. > It's inventory time, guys and gals (any girls here but Chen, BTW?). How > many of the packages we run are self compiled? What are the services > IGLU is providing at the moment? (I know of web, SMTP, mailing list, > ssh, POP3 for some, inbound rsync and LXR). What else? Do we have > "owners" for each of these services? If we have unowned services, do we > want to keep them? I "own" LXR, which is due for an update anyway. I vote against keeping unmaitained services. If we have such services, and someone needs them enough to complain about their removal, they can volunteer to maintain them.... > Believe me, after having to drive to Haifa (and try to find parking in > Hadar) on a suprise notice, I can tell you that being hacked into is not > a pleasant thing. I have little incentive to go through this experience > again. I was sorry to hear about fiasco. -- The ill-formed Orange Fails to satisfy the eye: http://vipe.technion.ac.il/~mulix/ Segmentation fault. http://syscalltrack.sf.net/ ---------------------------------------------------------------------------- To unsubscribe, send a message to [EMAIL PROTECTED] Archives available at http://www.mail-archive.com/[email protected]/
