Re: kernel stack challenge

[Horst von Brand]

Sergiy Lozovsky <serge_lozovsky@xxxxxxxxx> said:
> --- Horst von Brand <vonbrand@xxxxxxxxxxxx> wrote:
> > Sergiy Lozovsky <serge_lozovsky@xxxxxxxxx> said:

[...]

> > > I started exactly with that. I found out shortly that
> > > have no idea of functionality needed for such kind of
> > > system.

> > Come back when you have found out.

> Sorry. I live in the real world. In 1999 I had servers
> to protect. One of them was hacked and I started to
> look for tools which could protect servers. I found
> NOTHING. (there were some Intrusion Detection Systems,
> which would alert you when your server was ALREADY
> hacked - it was completely unacceptable for me).

We had an unwellcome visitor in 2001... scrapped SomeOtherUnix shortly
thereafter (a "security fix" installed a "remote administration facility"
(complete with an extremely nice, well-known hole), which the cracker then
used to "remotely administer" our machine...), no further trouble since it
is all Linux now. Just be careful in what you install, how you configure,
and keep patches up to date.

I.e., a bit of common sense and care goes a _long_ way. Security is mostly
a _people_ affair, and has much to do with being careful and attention to
detail, it is not at all technical. Trying to solve such a people problem
with (misguided) technical measures gets you nowhere.
-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/