> Gene Buckle <[EMAIL PROTECTED]> wrote: > >> Gene Buckle writes: > >> > Thanks Norman. I wish they'd stop writing such crap. *sigh* > >> > > >> > g. > >> > > >> > > >> > On Mon, 25 Aug 2003, Norman Vine wrote: > >> > > >> > > FYI > >> > > http://www.cert.org/advisories/CA-2003-07.html > >> > >> On average for the last 10 years, Sendmail has probably been good for > >> one of these alerts per week. :-) Most of them probably aren't as > >> serious as they sound though. A lot of unix security alerts are for > >> "theoretical" problems with no known implimentation of an exploit. > >> > > > It's just that I had far better things to do with my evening than upgrade > > a machine to postfix. > > Who forced you to do so ? I know, this is sort of a rhetorical question but > I have severe doubts that you really have an answer that applies corretly. > > I started running Sendmail based systems on the net about 9 years ago and I > never had a system compromised. It is sufficient to know what you're doing. > Switching over to Postfix is not the solution for your specific problem, > it's just the illusion of a fix. >
I've been nailed twice. Once through an IRC exploit on a server I was running, and once under a BIND exploit. The first one I closed fairly quickly, the second one was a mess though. I came down with the flu the day before the Bugtraq announcement and they had the run of my main webserver for the better part of two weeks. They'd put so many back doors and trojans in there that I just wiped the box and started from scratch. I traced the little bastards all the way back to Romainia. They only reason they're both not parapalegics right now was my lack of available vacation time when the event occured. I've since cooled down considerably. :) g. _______________________________________________ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel