[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[linux-security] Re: RedHat 5.X Security Book

From: David Gale <dgale datapex com>
To: Jon Lewis <jlewis inorganic5 fdt net>
Cc: twiztah <twiztah ANARCHY MAXHO COM>, Kent Crispin <kent songbird com>, linux-security redhat com
Subject: [linux-security] Re: RedHat 5.X Security Book
Date: Sun, 12 Jul 1998 18:20:00 -0400 (EDT)

On Sun, 12 Jul 1998, Jon Lewis wrote:

> I still fully agree its a good idea to make your system as secure as you
> can, but the statement that any system is 100% secure against publically
> known bugs just doesn't mean much.  It means the average idiot who knows
> how to use a web browser and reaches rootshell.com probably can't hack
> you...but someone just a little higher up the food chain might not have
> any trouble at all hacking you.

A system administrator needs to be aware of information as soon as it is
available in regards to system security in order to protect his hard work
from the rootshell folks. Being a member of bugtraq, this list, and cert's
list helps alot but not in all instances, Any book on "RedHat Linux
Security" will be outdated before it is published. My opinion is to invest
the time and effort into a coordinated/combined mailing list which covers
EFFECTED Redhat Binaries in as little time from discovery as possible.

I've been subscribed to this list for several months and to be honest, I
get more information on bugtraq's list regarding RedHat specific security
spoits/repairs/new release info than this list.

As a matter of fact, I have seen no mention of the recent redhat audit on
this list or to the upgrades resulting from this audit.. Maybe the list is
not sending me all the messages? Maybe the moderator needs a standin?
shrug.

[mod: You mean that thread with "RedHat5.1 security flaws." as the
subject? Erik posted a "fixed a first batch of problems, off to fix
the rest" message, and after that I didn't see much more. Let me
repeat: As a moderator I try to keep the list free from Spam, postings
like "How do I create an account?", and postings like "I got hacked,
what did they exploit?". I depend on the reader community to make the
submissions. -- REW]

             +--------------------------------------------------+
             | David Gale                    Technical Director |
             |                  ICQ # 5402214                   |
             |           datApex Network Systems, INC.          |
             |            2441 Bellevue Ave, Suite A            |
             |             Daytona Beach, FL 32114              |
             |             http://www.datapex.com               |
             | Phone 904 257-2500 EXT 609     FAX 904 947-5358  |
             +--------------------------------------------------+

Follow-Ups:
- [linux-security] Re: RedHat 5.X Security Book
  - From: Digital Fins Inc

References:
- [linux-security] Re: RedHat 5.X Security Book
  - From: Jon Lewis

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]