Johnny has remarked on the importance of trust.
My trust in RedHat went down when I learned they are not shipping all
the SRPMs. Some say it is due to human error. If that is the case,
why should I think they are better at backporting security fixes than
at making sure a manifest of SRPMs
My trust in RedHat went down when I learned they are not shipping all
the SRPMs. Some say it is due to human error. If that is the case,
why should I think they are better at backporting security fixes than
at making sure a manifest of SRPMs is complete and correct?
Centos, SL and oracle
On Sat, Feb 19, 2011 at 6:58 AM, James Hogarth james.hoga...@gmail.com wrote:
For the record an archive of all mails sent to the mailing list
appears here... in this case in date order.
http://lists.centos.org/pipermail/centos/2011-January/date.html
To give you the benefit of the doubt I
On Saturday, February 19, 2011 12:57:40 am Larry Vaden wrote:
Through this experience,
starting with a hacked or poisoned name server, or, quite frankly, the
perception of one, I have learned what people really see.
Having a server hacked is one of the worst things that can happen in IT; not
On Saturday, February 19, 2011 01:51:55 am Larry Vaden wrote:
My trust in RedHat went down when I learned they are not shipping all
the SRPMs. Some say it is due to human error. If that is the case,
why should I think they are better at backporting security fixes than
at making sure a
On Sat, Feb 19, 2011 at 9:51 AM, Lamar Owen lo...@pari.edu wrote:
If your server was really hacked, I'd start from scratch, and set the new one
up more defensively.
THANKS for your input; there exists a consensus, so that's what will
be done (replace 4.8 with 5.x). Troy says Fermi (a great
On Sat, Feb 19, 2011 at 04:37:57PM -0600, Larry Vaden wrote:
THANKS for your input; there exists a consensus, so that's what will
be done (replace 4.8 with 5.x). Troy says Fermi (a great target for
the miscreants/actors) runs stock BIND as it appears in
RHEL/CentOS/SL, so, to be redundant,
On Sat, Feb 19, 2011 at 5:07 PM, John R. Dennison j...@gerdesas.com wrote:
Just out of curiosity, have you ever thought about hiring a
competent admin?
Yes.
___
CentOS mailing list
CentOS@centos.org
From: Larry Vaden va...@texoma.net
Date: Sun, Jan 23, 2011 at 8:03 PM
Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5?
Our site running Centos 4.8 and 5.5 name servers was hacked with
the result that www.yahoo.com is now within our /19 and causing
some grief.
Don't
On Fri, Feb 18, 2011 at 3:15 PM, Always Learning cen...@g7.u22.net wrote:
Don't understand what you mean by 'within our /19'. Have your IP ranges
changed? If your Bind date is corrupt, why not re-install Centos and
then restore the domains data from one of your regular backups?
Our network
On Fri, Feb 18, 2011 at 4:15 PM, Always Learning cen...@g7.u22.net wrote:
From: Larry Vaden va...@texoma.net
Date: Sun, Jan 23, 2011 at 8:03 PM
Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5?
Our site running Centos 4.8 and 5.5 name servers was hacked with
the result that
Our network consists of aaa.bbb.ccc.0/19. That's CIDR notation for
8,192 addresses.
But what has that got to do with www.yahoo.com moved into our /19
your comment is pretty unclear.
IMHO, fully updated purpose-built servers running 4.8 should have more
or less the same vulnerablity
On Friday, February 18, 2011 04:15:28 pm Always Learning wrote:
From: Larry Vaden va...@texoma.net
Our site running Centos 4.8 and 5.5 name servers was hacked with
the result that www.yahoo.com is now within our /19 and causing
some grief.
Don't understand what you mean by 'within our
I think I do; he's an ISP, and apparently someone inside his address block
(the CIDR notation /19; his actual block is publicly found by doing a quick
nslookup of his domain name, noting the IP address of the DNS server(s)
listed, and then a whois of the IP address of the DNS server(s).
On Fri, 2011-02-18 at 18:32 -0500, Lamar Owen wrote:
On Friday, February 18, 2011 04:15:28 pm Always Learning wrote:
Don't understand what you mean by 'within our /19'.
I think I do; he's an ISP, and apparently someone inside his address block
... has hacked in some way the zone file(s)
On Fri, Feb 18, 2011 at 4:37 PM, James Hogarth james.hoga...@gmail.com wrote:
Your mentor? What do you mean by that?
The same thing Wikipedia says, namely:
a trusted friend, counselor or teacher, usually a more experienced
person. Some professions have mentoring programs in which newcomers
are
Joe, Randy and James are my mentors of 15, 5 and 5 years,
respectively, and all said the same thing, namely nuke and repave, be
sure to be current on BIND since it is a purpose-built box (ns1).
Perhaps is it a difference in language and what you mean by mentor and
where I would mean old
On Fri, Feb 18, 2011 at 7:39 PM, James Hogarth james.hoga...@gmail.com wrote:
With 20/20 hindsight, it is clear that I shouldn't have posted the
original post asking the list for help and hopefully informing other
potential targets of the risk (read: there were no responses to the
original
On Fri, Feb 18, 2011 at 7:39 PM, James Hogarth james.hoga...@gmail.com wrote:
Joe, Randy and James are my mentors of 15, 5 and 5 years,
respectively, and all said the same thing, namely nuke and repave, be
sure to be current on BIND since it is a purpose-built box (ns1).
Perhaps is it a
19 matches
Mail list logo
