On Tue, Apr 26, 2005 at 11:05:29AM +0200, Michael Schwendt wrote: > On Mon, 11 Apr 2005 20:13:36 +0100, Chris Kenward wrote: > > > > I was reading an article where someone set up a "honeypot" to > > > figure out how people were breaking into systems & figure out > > > ways to stop them/track them... After an initial system install > > > (no firewalls, no updates), the average time for someone to take > > > over the machine was, like, less than 4 hours. (I'm thinking it > > > was closer to 20 minutes) > > > > Scary stuff indeed. Makes me want to ditch the 6 redhat servers I'm running > > and go back to Windows 2003! <flame suit ON!> ;) > > Huh? Without any knowledge of what base OS and version that "honeypot" was > running in, you come to such a conclusion about your servers? The poster > of above paragraph did not say that the machine was an up-to-date RHEL > server. He explicitly mentioned "no updates". Actually, I believe that somebody from Red Hat had looked at every patch they've released for RHEL 3 and determined that if you installed it naked on the Internet with *NO* updates but in its default configuration, it would not yet have been penetrated even if you installed it the day it was released (Oct 2003 I think). If you look at most of the RHEL 3 vulnerabilities, they're local root exploits - i.e. you already need to be on the system before you can elevate your privilege level. I would prefer that the bad guys don't get on my system in the first place... -- Ed Wilts, RHCE Mounds View, MN, USA mailto:ewilts@xxxxxxxxxx Member #1, Red Hat Community Ambassador Program -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
