On Mon, 11 Apr 2005 20:13:36 +0100, Chris Kenward wrote: > Hi Tom > > > I was reading an article where someone set up a "honeypot" to > > figure out how people were breaking into systems & figure out > > ways to stop them/track them... After an initial system install > > (no firewalls, no updates), the average time for someone to take > > over the machine was, like, less than 4 hours. (I'm thinking it > > was closer to 20 minutes) > > Scary stuff indeed. Makes me want to ditch the 6 redhat servers I'm running > and go back to Windows 2003! <flame suit ON!> ;) Huh? Without any knowledge of what base OS and version that "honeypot" was running in, you come to such a conclusion about your servers? The poster of above paragraph did not say that the machine was an up-to-date RHEL server. He explicitly mentioned "no updates". If you connect a machine to the Internet and forget to install the OS vendor's security errata packages, surely there are people "out there", who can exploit known vulnerabilities either with available scripts, rootkits or selfmade exploits. For a honeypot test, you usually compare break-in times with an up-to-date installation? Did this tester do that, too? -- Fedora Core release 3.91 (Pre-FC4) - Linux 2.6.11-1.1258_FC4 loadavg: 1.04 1.08 1.01 -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list