Sam Drinkard <sam@xxxxxxxxxx> wrote:
> I was more curious why it was considered lame server
whereas
> prior to CentOS, it worked well, and was not considered
lame
> under BSD.
No difference.
ISC BIND v8 (used by both Linux and BSD IIRC) had a lot of
buffer overflows and other holes. I personally got hit by
one in 8.2.1 -- although that was my fault. I stupidly
hadn't updated for 4 months since the first BIND shell
exploits became available, which was 5 months later than when
the patches/upgrades appeared (meaning I was out-of-date by 9
months total). It took me a bit, but I discovered a rootkit
was installed -- but only because the original compromiser
left his original BIND shell running.
Luckily the system was in its own DMZ, and I did not use the
same passwords for anything else.
Today I use both host and network IDSes, and catch these
things when they happen -- even at home.
--
Bryan J. Smith Professional, Technical Annoyance b.j.smith@xxxxxxxx http://thebs413.blogspot.com
----------------------------------------------------
*** Speed doesn't kill, difference in speed does ***
