Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] Security announcements
  • From: Fred Mobach <fred@xxxxxxxxx>
  • Date: Sun, 05 Mar 2000 20:59:42 +0100
  • Message-id: <38C2BCAE.B11F67F4@xxxxxxxxx>
Steffen Dettmer wrote:

> And I'm sure: an expirienced attacher/intruder get's such
> informations quickly, since he/she spent a lot of time searching
> for such things. They might attack if the find a security update
> somewhere. They have some time to test for vulnerabilities. And
> if the exploit becomes public, then they can try it on machines,
> since the admin cannot update just in time.

Consider all those scans that you can find in your logs. Are those attackers
capable to keep track of the combinations of IP addresses, services and
versions in a database ? Would they be capable, as soon as a vulnerability is
known to them, to search their database for IP addresses with that particular
version of that service ?

I'm afraid a system administrator has to be informed on vulnerabilities as soon
as they show up. In the worst case he might consider to shut down the service.
But as long as he's not informed he doesn't know that he has a problem and his
systems will be open for an attack. That's not what I prefer.


Fred Mobach

< Previous Next >
List Navigation