don't deserve to be hacked?

(ZDNET) - If you spend more on coffee than you spend on IT security, then you will be hacked. What's more, you deserve to be hacked. - Richard Clarke, special adviser to the president on cyberspace security.

Re: Security Program Targets

You will find 90% of everything in the corporate world is about ego. That's an old argument I'm not going into here. Time is money == insecurity. I seriously wonder what has to happen before we security heads are listened to on many of the problems that plague us. There's no way to know if

Re: security through obscurity (was: Re: remove apache os banner

the real hackers need little sites to bounce off at the least. They TOO use these bulk scanners for such things at times I'm sure. I know for myself, if I really want to know the basics about a system I use this: http://ar.com.au/~thefinn/hv.c Perhaps it's better to be secure AND obscure. Bored

Re: about shell's

-BEGIN PGP SIGNED MESSAGE- On Sat, 4 May 2002 05:27, you wrote: Hi, Anyone know a shell (for linux) more secure or whit more security rules better than bash or rbash? Thanks in advanced Matias bash + bofh patches. (there's tcsh bofh too) Best I know of. If you want SHELL

Re: about shell's

-BEGIN PGP SIGNED MESSAGE- On Sat, 4 May 2002 21:02, you wrote: Please, tell me more about this kernel patch : ) Why I try to do? for example: log the .bash_history in real time (no buffered), and push this to a socket. I've lost the url for the patches for bash and tcsh. I do

Re: autowu v1.0

-BEGIN PGP SIGNED MESSAGE- On Thu, 25 Apr 2002 16:28, you wrote: Hello everyone! I just noticed from out router logs that scans for the ftp port increases these days. Now i´ve heard that this has something to do with somewhat Wu-FTPD autorooter autowu v.10. i didnt find it on

Re: Fwd: Re: apache spills its' guts

-BEGIN PGP SIGNED MESSAGE- On Sat, 20 Apr 2002 03:07, you wrote: TheFinn wrote: On Thu, 18 Apr 2002 07:11, you wrote: I disagree, have a look at one of the latest TESO exploits: [...] So, if you can obscure your version numbers this baby don't work. Merely one example. I

Fwd: Re: apache spills its' guts

On Thu, 18 Apr 2002 07:11, you wrote: On Wed, 17 Apr 2002, TheFinn wrote: Anyone know of an easy/fast way to stop apache from spilling its' guts when it gets scanned? Here's some scanner output: Apache/1.3.12 (Unix) (Red Hat/Linux) mod_ssl/2.6.6 OpenSSL/0.9.6 PHP/3.0.15 mod_perl/1.21

apache spills its' guts

that. thanks TheFinn. -BEGIN PGP SIGNATURE- Version: PGP 6.5.8 iQEVAwUBPL0CeFcLqEBr4wHHAQGrBAgAkcCkfTvhdFg85mIt1hiTaPwNhhFWSEkf wpgP0FAtM9p8vL6NWTZhcVcdcg3c1ZS3IepqR9OUa8DmJmGzP6nlXMr9csYqVUHD zGKI5yb0Wm7SEHndmimdXQqdnnDt2pUw9TMaD9y3bYVqQT73vb1uh960ryB8wPTN