Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261580AbUDHEaM (ORCPT ); Thu, 8 Apr 2004 00:30:12 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261597AbUDHEaM (ORCPT ); Thu, 8 Apr 2004 00:30:12 -0400 Received: from inti.inf.utfsm.cl ([200.1.21.155]:21659 "EHLO inti.inf.utfsm.cl") by vger.kernel.org with ESMTP id S261580AbUDHEaH (ORCPT ); Thu, 8 Apr 2004 00:30:07 -0400 Message-Id: <200404080430.i384TvCw005203@eeyore.valparaiso.cl> To: Sergiy Lozovsky Cc: Linux Kernel Mailing List Subject: Re: kernel stack challenge In-Reply-To: Your message of "Wed, 07 Apr 2004 21:07:56 MST." <20040408040756.95337.qmail@web40508.mail.yahoo.com> X-Mailer: MH-E 7.4.2; nmh 1.0.4; XEmacs 21.4 (patch 14) Date: Thu, 08 Apr 2004 00:29:57 -0400 From: Horst von Brand Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1864 Lines: 43 Sergiy Lozovsky said: > --- Horst von Brand wrote: > > Sergiy Lozovsky said: [...] > > > I started exactly with that. I found out shortly that > > > have no idea of functionality needed for such kind of > > > system. > > Come back when you have found out. > Sorry. I live in the real world. In 1999 I had servers > to protect. One of them was hacked and I started to > look for tools which could protect servers. I found > NOTHING. (there were some Intrusion Detection Systems, > which would alert you when your server was ALREADY > hacked - it was completely unacceptable for me). We had an unwellcome visitor in 2001... scrapped SomeOtherUnix shortly thereafter (a "security fix" installed a "remote administration facility" (complete with an extremely nice, well-known hole), which the cracker then used to "remotely administer" our machine...), no further trouble since it is all Linux now. Just be careful in what you install, how you configure, and keep patches up to date. I.e., a bit of common sense and care goes a _long_ way. Security is mostly a _people_ affair, and has much to do with being careful and attention to detail, it is not at all technical. Trying to solve such a people problem with (misguided) technical measures gets you nowhere. -- Dr. Horst H. von Brand User #22616 counter.li.org Departamento de Informatica Fono: +56 32 654431 Universidad Tecnica Federico Santa Maria +56 32 654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 797513 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/