Hello Ed, Yes, i never read the whole WHT thread.
Louie On Jan 16, 2008 5:07 PM, Eduardo Tongson <[EMAIL PROTECTED]> wrote: > Hello Louie, > > If you read the WHT thread it is obvious that it did not come from > browsing. Secure is relative, you have to let some applications pass > through your security mechanisms. And the extent of the defenses put > in place may not be enough to hamper all attacks. For example, If the > initial vector is an obscure remote PHP core vulnerability or a web > application hole and you have a WAF that can be bypassed like > mod_security then your perceived security is weak. > > Not all Linux kernel security bugs are known. > > Ed <http://blog.eonsec.com> > > On Jan 16, 2008 4:15 PM, Louie Miranda <[EMAIL PROTECTED]> wrote: > > Hmm.. > > > > http://www.webhostingtalk.com/showthread.php?t=651748&page=1 > > Did it came from a website, while surfing? (trojan? js?, local root > > exploit?), then all Linux desktop users should be cautious while > surfing. > > > > And for Linux servers, i think they're still safe. As long as it is > secure > > (hardened) / firewalled (software/hardware). And, wala nag su-surf dun. > > > > If its kernel related exploit, upgrade to the newest kernel or patch > your > > current one (if meron na). > > > > Louie > > > > > > > > On Jan 16, 2008 3:57 PM, Rogelio Serrano <[EMAIL PROTECTED]> > wrote: > > > On Jan 16, 2008 3:51 PM, Allister Levi Sanchez > > > > > > > > > > > > <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > > > > > > > > > No its getting ugly. MS guys are beginning to trumpet the > "thousand > > > > > monkeys with computers does not make computer scientists angle". > > > > > > > > > > This is war! > > > > > > > > > > > > > > > > > > > > > > > This is indeed rather scary after reading all those threads about > it. > > Good > > > > for me I'm not a sysad right now. However, I don't see much for MS > to > > be > > > > rejoicing right now. The attack on end user PCs (if I understood > > correctly) > > > > is still on ActiveX, IE-related stuff which thankfully doesn't > affect > > > > Linux-desktop-loving, eternal newbies like me (gyahahahahaha... ok, > > sorry, > > > > it's not funny). Whatever it is, I hope they figure it out soon. > What > > a > > > > terrible way to start the new year for sysads. > > > > > > > > > > Ok my anxiety attack just went down a bit. But still the fact that > > > servers can be compromised just drives me crazy. > > > > > > I think i will start installing grsec in my servers now. > > > > > > > > > > Mabuhay, > > > > Allister > > > > > > > > > > > > > > > > > > > > > _________________________________________________ > > > > Philippine Linux Users' Group (PLUG) Mailing List > > > > [email protected] (#PLUG @ irc.free.net.ph) > > > > Read the Guidelines: http://linux.org.ph/lists > > > > Searchable Archives: http://archives.free.net.ph > > > > > > > > > > > > > > > > -- > > > Lay low and nourish in obscurity > > > _________________________________________________ > > > Philippine Linux Users' Group (PLUG) Mailing List > > > [email protected] (#PLUG @ irc.free.net.ph) > > > Read the Guidelines: http://linux.org.ph/lists > > > Searchable Archives: http://archives.free.net.ph > > > > > > > > > > > -- > > Louie Miranda ([EMAIL PROTECTED]) > > http://www.axishift.com > > > > Security Is A Series Of Well-Defined Steps > > chmod -R 0 / ; and smile :) > > _________________________________________________ > > Philippine Linux Users' Group (PLUG) Mailing List > > [email protected] (#PLUG @ irc.free.net.ph) > > Read the Guidelines: http://linux.org.ph/lists > > Searchable Archives: http://archives.free.net.ph > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > [email protected] (#PLUG @ irc.free.net.ph) > Read the Guidelines: http://linux.org.ph/lists > Searchable Archives: http://archives.free.net.ph > -- Louie Miranda ([EMAIL PROTECTED]) http://www.axishift.com Security Is A Series Of Well-Defined Steps chmod -R 0 / ; and smile :)
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Read the Guidelines: http://linux.org.ph/lists Searchable Archives: http://archives.free.net.ph
