Dave Sherohman <[EMAIL PROTECTED]> writes:

ds> On Fri, Oct 25, 2002 at 04:58:09PM -0700, nate wrote:
>> tripped dozens of rules in my IDS and came back to me pissing their
>> pants saying my SSH was vulnerable because it wasn't the absolute newest,
>> took some time to convince them (had to talk to one of their engineers
>> who understood what backporting was) that we were not vulnerable to the
>> specific things they were probing for.

ds> Quick and easy way to convince them: "Really? How's about I stand
ds> here and watch you exploit it." Shouldn't take more than 5-10
ds> minutes of banging their head against your server to realize that
ds> no, it's not vulnerable.

You obviously don't understand the corporate IT mindset :) -- it's not up to
them to prove your system is vulnerable, it's up to _you_ to prove that it
isn't. If they think it's vulnerable or don't believe you, they'll just
blacklist it from the network and you're SOL. They have all the power,
because they control the network (routers/switches/firewalls/etc.).

Of course, given the average level of understanding of these things in a
corporate IT environment, I'd be very surprised if many of them would look at
the Debian extended version string and go "oh, yeah, Debian has a patched
version; that's fine", so I'm not sure how much _immediate_ help it is anyway.

But at least you can point them at the appropriate security alerts and
responses on the Debian web site and have some semblance of an argument to
back you up.

-- 
-------------------------------------------------------------------------------
Paul D. Smith <[EMAIL PROTECTED]>          HASMAT--HA Software Mthds & Tools
"Please remain calm...I may be mad, but I am a professional." --Mad Scientist
-------------------------------------------------------------------------------
These are my opinions---Nortel Networks takes no responsibility for them.
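The disagreement in this thread comes down to what a scanner compares: the upstream OpenSSH version in the SSH banner, or the full Debian package version (epoch:upstream-revision) that the Debian security advisories are written against. The following is an added example, not code from anyone in this thread and not a Debian tool: it implements the dpkg version-ordering rules (epoch, then upstream, then revision; `~` sorts before everything, letters before non-letters, digit runs compared numerically) in pure Python and uses them to show a banner-only verdict beside a Debian-revision-aware verdict. The banner layout ("OpenSSH_<upstream> Debian <package version>"), the sample banner, the "fixed upstream" version and the "fixed Debian version" are all constructed for illustration and do not correspond to any particular advisory.

```python
import re
from string import ascii_letters, digits

# Constructed sample data (assumptions for the example, not real advisory values).
BANNER = "SSH-1.99-OpenSSH_3.4p1 Debian 1:3.4p1-1.1"
UPSTREAM_FIX = "3.5p1"        # what a banner-only scanner believes is the first safe release
DSA_FIX = "1:3.4p1-1.1"       # what a Debian advisory would list as the fixed package version

# Assumed banner layout: "SSH-<proto>-OpenSSH_<upstream>[ Debian <debian package version>]".
BANNER_RE = re.compile(r"^SSH-[0-9.]+-OpenSSH_(\S+)(?:\s+Debian\s+(\S+))?")


def _order(c: str) -> int:
    """Sort weight of one character in the non-digit phase (dpkg's order())."""
    if c == "" or c in digits:
        return 0
    if c in ascii_letters:
        return ord(c)
    if c == "~":
        return -1              # '~' sorts before anything, even end of string
    return ord(c) + 256        # other punctuation sorts after letters


def _sign(x: int) -> int:
    return (x > 0) - (x < 0)


def _cmp_fragment(a: str, b: str) -> int:
    """Compare an upstream or revision fragment the way dpkg does."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit phase: lexical comparison with dpkg's character weights.
        while (i < len(a) and a[i] not in digits) or (j < len(b) and b[j] not in digits):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return _sign(ac - bc)
            i += 1
            j += 1
        # Digit phase: strip leading zeros, then compare the runs numerically.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        first_diff = 0
        while i < len(a) and j < len(b) and a[i] in digits and b[j] in digits:
            if not first_diff:
                first_diff = _sign(ord(a[i]) - ord(b[j]))
            i += 1
            j += 1
        if i < len(a) and a[i] in digits:
            return 1           # a's number has more digits, so it is larger
        if j < len(b) and b[j] in digits:
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(v: str):
    """Split '[epoch:]upstream[-revision]' (last hyphen starts the revision)."""
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        epoch = int(e)
    upstream, sep, revision = v.rpartition("-")
    if not sep:
        upstream, revision = v, ""
    return epoch, upstream, revision


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 like `dpkg --compare-versions a lt/eq/gt b`."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return _sign(ea - eb)
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)


def parse_banner(banner: str):
    """Return (upstream_version, debian_version_or_None) from an SSH banner."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        raise ValueError("not an OpenSSH banner: %r" % banner)
    return m.group(1), m.group(2)


def scanner_verdict(banner: str, fixed_upstream: str) -> str:
    """Banner-only logic: compares the upstream number, ignores backported fixes."""
    upstream, _ = parse_banner(banner)
    return "vulnerable" if compare_versions(upstream, fixed_upstream) < 0 else "fixed"


def debian_verdict(banner: str, dsa_fixed_version: str) -> str:
    """Advisory logic: compares the full Debian package version with the DSA's fixed version."""
    _, deb = parse_banner(banner)
    if deb is None:
        return "unknown"       # no Debian version string: test it, don't guess
    return "vulnerable" if compare_versions(deb, dsa_fixed_version) < 0 else "fixed"


if __name__ == "__main__":
    print("banner-only scanner :", scanner_verdict(BANNER, UPSTREAM_FIX))
    print("Debian-aware check  :", debian_verdict(BANNER, DSA_FIX))
```

Run against the constructed banner, the banner-only check reports "vulnerable" (3.4p1 is older than 3.5p1) while the Debian-aware check reports "fixed" (the package revision is at or past the advisory's fixed version); that gap is exactly the backporting argument in the thread. When the banner carries no Debian version string the function deliberately answers "unknown" rather than siding with either party, which is the honest answer until someone actually tests the host.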