Les Mikesell wrote:

But we do know that a large number of DNS servers are still vulnerable to spoofing. How do you know that what you think was an official mirror delivering your rpm update wasn't an imposter, spoofed in DNS.

You're absolutely right, but if I assume we're talking about RHEL infrastructure, in this case the attacker has to spoof the up2date's/yum's RHN certificate, too.

--
BÉRES László  RHCE, RHCX   senior IT engineer, trainer
Red Hat, Fedora, CentOS, SELinux:  http://sys-admin.hu

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Reply via email to