Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] SuSE security reputation, etc..
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Thu, 3 Aug 2000 11:32:43 +0200 (MEST)
  • Message-id: <Pine.LNX.4.21.0008031123020.7754-100000@xxxxxxxxxxxx>
[...]
> > That said, I like your suggestion of making SuSE the most secure Linux
> > distro, so let's go on discussing real security issues ... ;-)
> That said and done I have a problem. Someone broke into my system and
> acquired root rights. I heard him say that it was a problem with the suse
> shell. Any ideas? At the time I was still running 6.1 though now I run
> 6.4. A check in his home directory shows only crack and I know that my
> root password does not fit the criteria looked at by crack since it
> contains a mixture of numbers letters and ascii characters. more over it
> is not based on any word at all and therefore makes no sense.
> I would also love to know how I can find any trojan horses he may have
> installed since I know that he had a number of root kits and such.
[...]
> Noah
> ksemat@xxxxxxxxxx

Difficult to tell... more information is necessary to even guess what was
going on.

Vendors provide newer versions of their software (regardless if GNU/Linux
or commercial) because bugs get fixed (and reincorporated, yes...) and
features get added. A vanilla 6.1 without any updates is open to several
vulnerabilities. If connected to a network, your host needs attention
every now and then.

Thanks,
Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| N├╝rnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -


< Previous Next >
References