On Thu, 18 Jan 2001, you wrote:
> From: "Robin Houston" <[EMAIL PROTECTED]>
> > Aww c'mon! RedHat was obviously targeted because it's the most
> > widely used! None of the vulnerable software was written by RH
> > (and all of it was also included in other distros).
>
> That's true -- but how easy is RH to upgrade/patch? And why is RH7 shipping
> with all these services turned on? (NFS? rpc.*? Hello?) Perhaps *that's* why
> it's a steaming pile of crap getting hacked the whole time.
umm just because the default configuration is not optimal does not IMHO
make the whole thing a steaming pile of crap ... sure having rpc turned on
is a bit dumb if you have no need of it and its as holey as my socks,
but these things are easy to fix and anyone setting up a server should
have enough clue to turn em off ... anyone running wu-ftpd on a
permanently connected machine is asking for trouble.
in the end you need a decent ipchains set up as well .. and dump ftp and
telnet who needs em? .. firewall off everything apart from
smtp,dns,https(s) and ssh and you're about there, establish a
few routes to a few trusted hosts and that about does it.
at least a quick tweak with a rpm or two can make it into a decent
install, where as many other OS's are plain incurable.
All seem to have a weakness from Solaris to Plan9 .. redhat just got
rooted because it was popular ..
as a matter of interest what is your fave Linux or *nix install then??
--
Robin Szemeti
The box said "requires windows 95 or better"
So I installed Linux!
