* Les Mikesell <lesmikesell@xxxxxxxxx> [20080825 19:39]: > Anders Karlsson wrote: >> You are making assumptions Les. You don't know how the perpetrator >> gained access. (Well, I am assuming you don't, but if you do, feel >> free to enlighten the rest of us.) > > Agreed - I don't know. And that's a problem when someone else does know > how to break into our systems - or we haven't been told that it was an > inside job. But that is pretty much the normal state of affairs! Any given OS have vulnerabilities (and if you argue that one - I'll be very surprised). There will be someone somewhere that works out how to exploit one of the vulnerabilities - and I can pretty much guarantee that the person ain't you. So the de-facto state of affairs is: * Someone else knows how to break in to your system Now - are you a big enough and prestigious enough target? Is there financial gain in attacking you? Is it easy enough to gain access to your systems to add them to a botnet? If you take reasonable and sensible precautions (i.e. make yourself a hard enough target to break in to) then you will be quite safe. This is standard practice. According to statistics, the majority of security breaches (I've heard numbers saying 80% - but I have no way to verify them) are inside jobs. Social engineering to gain access is also a common method, as it's an easy way to break in (look at Kevin Mitnick). If you are panicking over the current situation - you should have been in a state of panic six months ago, and still be in a state of panic in another six months. >> Until it's disclosed how (and where, when and why) - getting worked up >> over it is wasted energy. > > So is pretending that there is no reason to be concerned. Yes - so keep your pants on and await further details before working yourself up. Now is the time to perhaps be a little more alert (the world need more lerts) than normal, and just have patience to await further news. >> Congratulations on the very selective quoting as well. > > It doesn't make any sense to point out how serious a problem a breakin > is and then say everyone should just ignore it and go about their > business. Actually, I think it does. Nothing has been said about how the perpetrator got in, and I expect that to remain under wraps for some time to come. There is an investigation ongoing. That unauthorised access was had is pretty serious. So read something like cert.org to see if there are things to worry about. That's where all the disclosed vulnerabilities usually end up. If by "ignore it" you infer that we're saying "pretend it didn't happen", you have not understood what's been said. Do I want to know what happened - yes. Will I harrass the investigators to find out - no. (Hell, I'm still waiting to find out who shot JFK...) /Anders -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
