> Anyway, I wanted to point out that hundreds of sites are broken into
> every day around the world, but very few are so scrupulously public
> about letting their customers know what happened, how it was cleaned
> up, and what's being done to keep it from happening again. Only a
> hardcore open source group would do it that way.

Indeed. It's a hard thing to air your dirty laundry in public, but on the whole I now have more confidence in the Debian crew, rather than less.

The only thing that worries me about the write up is the fact that a "sniffed password" was used to break into several machines. I have to ask why they're not using SSH for all communications to/from these boxes and why they're not using something better than re-usable passwords for access control. It's not clear that these "vulnerabilities" that led to the original compromise have been closed, although the kernel bug that allowed the "break root" apparently has been.

Sloppy work on the attackers' part in leaving the exploit code behind so that it could be analyzed, btw. All you can say is, "thanks very much."

--
Hal Pomeranz, Founder/CEO
Deer Run Associates
[EMAIL PROTECTED]
Network Connectivity and Security, Systems Management, Training

_______________________________________________
EuG-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug