[NBLUG/talk] openssh exploit?
E Frank Ball
frankb at efball.com
Tue Sep 16 11:04:00 PDT 2003
On Tue, Sep 16, 2003 at 10:31:34AM -0700, Daniel Smith wrote:
}
} Perhaps the deeper question for all of you running a personal
} server somewhere is: how much effort do you put into trying
} to pin down every last security bug? At what point do you
} say "you know, it's just my personal server, and the security
} is pretty good, but I have to take the time to get something
} else done besides upgrading all the time"? (note that I
} am not talking about commercial stuff, just personal servers)
I keep very up to date on any remote root exploits. I don't worry about
local user exploits or possible DOS type exploits too much.
It may be just my personal server, but rebuilding after it was rooted
would be a lot of work, it's much easier in the long run to keep it
patched.
Since I switched to debian keeping things patched hasn't been much work.
Debian stable has the new ssh already, testing doesn't yet.
--
E Frank Ball frankb at efball.com
More information about the talk
mailing list