-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Seth Arnold said:
> On Mon, Dec 24, 2001 at 01:00:08PM -0500, Jimi Thompson wrote: > > Third, before placing the machine in the DMZ, we always uninstall all > > the text editors (VI, EMACS, etc.). This way even if the box is [SNIP] > Heh, I'm sure practically every unix-ish admin can give you dozens of > ways to edit files without vi or emacs... In other words, while this > will provide a serious annoyance for you, hackers are liable to be able > to edit files all the same. Yeah, that's definitely true. Plus, if the Linux box in question uses any of the major distributions with a package manager, it's trivial to install the editors in a matter of moments. For example, on debian: # apt-get install vim Will get you a vi clone in very short order, and the similar command for Red Hat systems would be (for example): # rpm -ivh ftp://ftp.redhat.com/pub/redhat/linux/7.2/en/os/i386/RedHat/RPMS/vim-minimal-5.8-7.i386.rpm # rpm -ivh ftp://ftp.redhat.com/pub/redhat/linux/7.2/en/os/i386/RedHat/RPMS/vim-common-5.8-7.i386.rpm If you're on a T1 or better, this will usually take about 30 seconds. People need to realize that if your system is compromised, an attacker can install whatever they want on your system, pretty trivially. Removing software is really pointless. - -- Derek Martin Senior System Administrator Mission Critical Linux [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8NifvdjdlQoHP510RAmczAJ946ZB6p5OapoYZhwRRoqYigW2fnQCgtb+C eX57b/WEzHgSF3oLfMUu2ao= =8aBG -----END PGP SIGNATURE-----
