Re: [tlug] Confessions of a closet OpenBSD user
- Date: Fri, 28 Jun 2002 10:41:52 +0900
- From: "Jonathan Q" <jq@example.com>
- Subject: Re: [tlug] Confessions of a closet OpenBSD user
Just one last whack at the dead horse :-)

I think a contributing factor in any swell of anti-Theo/anti-OpenBSD sentiment that arose was the fact that this wasn't just any vulnerability - it was a vulnerability in a tool that so many of us depend on for secure remote access to our systems. That scares people, and it should. That also produces stress, which tends to produce impassioned rhetoric.

But if we step back for a wider view of the situation, we can see that while neither SSH nor OpenSSH have perfect security histories (what does?) they both have very good ones. Moreover, the vulnerability was handled very well. A lid was kept on it while work progressed on both a workaround (3.3) and a full fix (3.4). I have no knowledge of any machine that was rooted via this exploit; does anybody else know of any confirmed compromises via that hole?

All in all, while a remote root vulnerability is a serious thing and causes us all to put in some long hours, it wasn't a huge crisis. Just compare it to how we (and NT admins) usually find out about the latest IIS 'sploit or VB worm: when it starts spreading like wildfire. Even now, Code Red and Ida scans are commonplace, and I see so many emails that want to get my advice. And don't even ask how many Klez bounces clog the postmaster mail box. Nobody can count that high :-p

Now that the nature of the vulnerability is known, some people will probably get rooted via that route as the price of not upgrading, but the worst that can happen is that box then becomes a zombie. It can't directly take down anybody else's system after getting owned itself. Compared to the way vulnerabilities often go down in the Windows world, this has been a quiet day at the office :-)

At the end of the day, I'm left counting my blessings that our platform has as few security vulnerabilities as it does. Microsoft products seem to have more trouble in a month or two than we have in a year. Don't worry, be happy :-)

Jonathan
- Follow-Ups:
- Re: [tlug] Confessions of a closet OpenBSD user
- From: Matt Doughty
- Re: [tlug] Confessions of a closet OpenBSD user
- From: Josh Glover
- Re: [tlug] Confessions of a closet OpenBSD user
- From: Stephen J. Turnbull
- References:
- Re: [tlug] Confessions of a closet OpenBSD user
- From: Josh Glover