of course. direct/nat'd tcp/ip connection from the unsafe internet to the private lan is really the only attack vector anyone half malicious would try...
http://it.slashdot.org/story/11/09/26/2218238/mysqlcom-hacked-made-to-serve-malware On Tue, Sep 27, 2011 at 12:38 PM, James Linder <[email protected]> wrote: > > On 27/09/2011, at 10:00 AM, [email protected] wrote: > > > > > * James Linder <[email protected]> [2011-09-25 10:44:47 +0800]: > >> my words will generate hows of anguish from the slug-cognoscii, but > >> your questions show that you are a new user so... , this is what I'd > >> do: > >> .. > >> Never turn on automatic updates. What for? They all too often break > >> things, despite the hype don't do anything for you. > > > > <cough> if you going to take this path, at least install security > > patches. For example in Ubuntu, "Install Security Updates without > > Confirmation". > > One does not naively say stupid words :-) so this is why I say them: > > I recon if I had $1 for every time I've read 'I updated/installed updates > .... > > The most likely scenario here is a machine on a private network behind a > router > Now if you're savy enough to enable some services through your router to > your machine then you are savy enough to take care. > > If you've not forwarded any services, then the outside world can't reach > your machine. It is not there. > > I would guess that most of our wives/partners/housemates are not going to > hack our machines > > That leaves established/related back into the machine. > A very small risk for a great deal of heartache. > > My own experience is over 100 un-updated-server-years with never an > incident > One server in the Phillipines is regularly hacked every year or 2, but lots > of staff know root passwd !! > > For your machine, at home, behind a router, by all means play, but don't > think no-updates means hacked my morning > > James-- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Kind Regards, Christopher Barnes e. [email protected] -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
