On 10/28/2011 6:01 PM, Brian K. White wrote:
On 10/28/2011 12:50 PM, Togan Muftuoglu wrote:
On 10/28/2011 06:42 PM, Linux Tyro wrote:
On Fri, Oct 28, 2011 at 9:09 PM, Robert Schweikert<rjschwei@suse.com> wrote:
ok. Well, I just wanted to ask if the new release period could be increased (just a suggestion) from 8 months to something like a year, so that we (not from technical side) can all have a good grasp at the OS/distro, can know something about it before any new thing come into picture... However, it's just a question of 'if' this is a possibility or not...!
Upgrade is not obligatory, I am running versions back to 11.1 on a daily basis and some of the are web and mail servers. So you do not have to update to the new version every 8 months or so
life is endless possibilities and then there is the freedom of choosing
Togan
Then again I just spent a few days fighting with some hackers script that somehow manages to get _ROOT ACCESS_ to a few of my opensuse 11.2 machines, du apparently to a weakness in openssh.
I had done everything but shut off sshd entirely, sinec i need it myself, but I had disallowed root access, I had deleted all ssh keys and changed the password, and still they got in. Lucky for me it was just a script that only wanted to do one thing, execute perl and suck down a perl script to generate spam. It was running perl, as root, it could have done _anything_.
I captured forensic data by replacing the perl binary with a shell script
I'm sorry I just realized I kind of skipped a little background there, I did know from info in /proc that the hacker process was running perl, and that it was launched from a shell that was provided by sshd. Further investigation and eventual solution confirmed that multiple ways. -- bkw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org