On Tue, Jun 26, 2007 at 02:39:43PM -0700, [EMAIL PROTECTED] wrote: > But, therein lies the rub. I happen to be using SuSE, and older (now > unsupported) distro. But, what little mentoing I have received, is to > never leave the tools for your "desturction" on the firewall box. So with > SuSE's YaST, I have to meticulously delete packages I don't want, remove > X, etc., etc., when I install. So when I (was able to) update, I relied > on the SuSE YaST tool to update the kernel, and in keeping with leave > tools/packages off, have to rely then on the binary distribution because I > don't even install a compiler on the Shorewall box.
This is more or less worthless on an internet-connected host. Every attacker just downloads whatever they need (in the form of a rootkit bundle), without even looking to see what is installed locally. The only person you inconvenience is yourself. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
