On Mon, Mar 26, 2001 at 04:20:38PM +0100, Dave Smith wrote:
Erm, isn't 8.2.1 earlier than 8.2.3, and therefore at risk?
Can I assume that as: o My network connects to the net via a firewall o The only incoming connections that are allowed through the firewall are SSH and SMTP o All other ports are denied by the firewall that my otherwise vulnerable Bind server is not at risk? It's not running on the firewall box. I know I should probably upgrade anyway, but I'm intending to go to 7.1 or 7.2 soon, so I can't really be bothered - it's only my own personal network at home, so security isn't as important to me as it would be if it were a company network.
It should be important to you. This worm spreads by using compromised hosts to scan for vulnerable machines. I believe that SuSE has upgraded RPMs available. You never know what unknown vulnerabilities are out there. Therefore you should close all of the ones that you do know of. - v -- Victor R. Cardona vcardona@home.com "Behold the keyboard of Kahless, the greatest Klingon code warrior that ever lived!"