RE: Hvor lang tid har DU til at patche dine servere ?

From: Henrik Kramshøj (none@henrik.kramshoj--vigilante.com.lh.bsd-dk.dk)
Date: Tue 24 Jul 2001 - 10:48:09 CEST 

From: Henrik Kramshøj <none@henrik.kramshoj--vigilante.com.lh.bsd-dk.dk>
To: "'bsd-dk@bsd-dk.dk'" <none@bsd-dk--bsd-dk.dk.lh.bsd-dk.dk>
Subject: RE: Hvor lang tid har DU til at patche dine servere ?
Date: Tue, 24 Jul 2001 10:48:09 +0200

Hej Lars

Men har FreeBSD ikke krypteret Telnet ??
Phil fik da hele tiden "Secured" et eller andet

og eftersom SSH 3.0.0 fra SSH Comm. ligeledes har et graverende hul
http://www.securityfocus.com/archive/1/198404
var ovenstående blot et eksempel ...

Ups, din server blev hacket mens du sov, imorgen tidlig finder du
et advisory - men det er for sent ...

Trenden som jeg ser den er på vej væk fra
"prevention will keep your servers secure" til

"yes prevention and firewalls will help, but we need to
plan for breakins - contain and recover"

Synes I jeg er paranoid ?

Henrik Lund Kramshøj
henrik.kramshoj@vigilante.com
Group Manager/Security Engineer
___________________
VIGILANTe - Assuring Internet Security
www.vigilante.com

Company Phone +45 7020 6565
Direct Phone +45 7731 6584
Mobile Phone +45 2026 6000

-----Original Message-----
From: Lars Josephsen [mailto:hunter@dina.kvl.dk]
Sent: 24. juli 2001 10:41
To: bsd-dk@bsd-dk.dk
Subject: Re: Hvor lang tid har DU til at patche dine servere ?

On Tue, Jul 24, 2001 at 10:16:39AM +0200, Henrik Kramshøj wrote:
>
> Check datoen på advisory mod dato for hack ...
>
> Det er ikke til at vide om stileproject blev hacket af en god hacker, men
et
> defacement
> er for mig en scriptkiddie der blot vil have opmærksomhed ...
>
> Vi sidder allesammen med problemet, at skulle patche servere i minus tid
:-(

De kørte telnetd, på en maskine der var på internettet.

Det siger vist noget om hvor meget de går op i sikkerhed.

M.v.h.

Lars 

-- 
Lars Josephsen <none@hunter--dina.kvl.dk.lh.bsd-dk.dk> LJ667-DK
System Administrator, Department of Mathematics and Physics
Royal Veterinary and Agricultural University, Copenhagen

>>>>          VIGILANTe.com NOTICE - AUTOMATICALLY INSERTED          <<<< 

The information transmitted is intended only for the person or entity to
which it is  addressed and may contain confidential and/or privileged
material.  Any review,  retransmission, dissemination or other use of, or
taking of any action in reliance upon,  this information by persons or
entities other than the intended recipient is prohibited.

Any opinions expressed in this email are those of the individual and not
necessarily the Company.

If  you receive this transmission in error, please email to
postmaster@vigilante.com, including a copy of this message. Please then
delete this email and destroy any copies of it.

>>>>>>>>>>>>>>>>>>>>>>>>>> DISCLAIMER END <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:12 CET