-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Justin Mattock wrote: | On Fri, May 30, 2008 at 5:51 PM, Matthew Hammer | <matthewhammer89@xxxxxxxxx> wrote: |> On Fri, 30 May 2008 17:04:41 +0000 |> "Justin Mattock" <justinmattock@xxxxxxxxx> wrote: |> |>> Hello; First I need to start with a status: SELinux seems to be |>> handling nicely with the latest git, and refpolicy. You guys really do |>> a good job. |>> Now for the question: I noticed reading the New York Times that |>> Comcast was hacked into, after reading the article I couldn't help but |>> ask the question |>> of "If comcast was using Linux with SELinux would this have happened". |>> So the question to SELinux is: If Comcast was using Linux, with |>> SELinux on there servers |>> would this attack have been prevented? What should Comcast have had |>> with there set up to better protect them from this type of |>> attack?(even though they probably use windows) |>> How would regular users and small businesses protect themselves from |>> this type of terrorism? |>> regards; |> My understanding of the comcast hack was that the hackers altered |> Comcast's registration information with the vendor that registers their |> domain. So no, the problem wasn't anything internal with comcast's own |> system. |> |> -- |> Matthew Hammer |> | | AAhh I see, the vendor that registers their domain. | Of course the next question is whether the vendor who registers their doimains had been running SELinux, could it be stopped, and there is a good possibility. Depending on the Version, SELinux prevents most buffer overflow attacks on confined domains. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkhAVPQACgkQrlYvE4MpobPWSwCfQnk59XT5A7vZ/hL8JtHJGBj5 9fkAoJ+RKyeW/Vcd86U7syYUK9T17zwR =tzTL -----END PGP SIGNATURE----- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
