Debian attacker may have used new exploit
Robert Brockway
robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org
Tue Dec 2 19:17:24 UTC 2003
On Tue, 2 Dec 2003, Justin Zygmont wrote:
> what I don;t understand about this, is how could they know that this was
> the exploit the hacker used, what if there is something else?
I believe the attacker left some clues such as binaries lying around and
these were reverse engineered, revealing the exploit. I understand the
Redhat & Suse security teams worked with the Debian developers on this
one.
It isn't impossible that there is another exploit but I consider it
unlikely. Occam's Razor suggests it is likely only one exploit was used.
If I leave the front door open and the back door open a burglar will
probably only enter through one of them. The burglar may not even
discover the other is open.
There might be other exploits on the Debian servers but that is as likely
to be the case as on any other box. A properly patched box shouldn't have
any known security problems.
Rob
--
Robert Brockway B.Sc. email: robert-5LEc/6Zm6xCUd8a0hrldnti2O/JbrIOy at public.gmane.org, zzbrock at uqconnect.net
Linux counter project ID #16440 (http://counter.li.org)
"The earth is but one country and mankind its citizens" -Baha'u'llah
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list