On Fri, Oct 25, 2002 at 04:58:09PM -0700, nate wrote: > tripped dozens of rules in my IDS and came back to me pissing their > pants saying my SSH was vulnerable because it wasn't the absolute newest, > took some time to convince them(had to talk to one of their engineers > who understood what backporting was) that we were not vulnerable to the > specific things they were probing for.
Quick and easy way to convince them: "Really? How's about I stand here and watch you exploit it." Shouldn't take more than 5-10 minutes of banging their head against your server to realize that no, it's not vulnerable. -- When we reduce our own liberties to stop terrorism, the terrorists have already won. - reverius Innocence is no protection when governments go bad. - Tom Swiss -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
