On Tue, Sep 17, 2002 at 03:21:01PM +0100, [EMAIL PROTECTED] wrote: > On Tue, Sep 17, 2002 at 02:03:49PM +0100, Lusercop said: > > I'm firmly supportive of the idea that someone who lets their box get > > r00ted is not competent to have root access themselves. > In the case of it happening *after* the bugtraq post about the > particular hole maybe yes but if you were hacked before the hole was > public?
The date of known infections by the worm in question significantly postdates the advisory (30-Jul-2002, according to www.openssl.org). Now, in general, however, I agree with you. There are obvious things you can do to mitigate that risk, though. -- Lusercop.net - LARTing Lusers everywhere since 2002