Ken Foskey wrote:
It would be interesting to be specific. How did you deal with the Debian
break-in for example? Did you have the AM patches in already or did you
include them and roll them out urgently ?
I meant to ask the ff questions for a long:
1. Would SELinux have prevented or minimized damaged to Debian site ? For example, it should have taken the break-in longer from the time the attempt
was first tried to the time it succeeded. And so, SysAdmin would have longer window
to realise there has been attempts on the servers ? It should have confined the first
break-in to within a limited set of functionalities ?
2. Would 'kerberos' have prevented this sort of break-in ?
Thanks.
O Plameras
-- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
