On 09.04.20 11:55, Rudolf Leitgeb wrote: > As soon as your server does anything useful, it will > present an attack vector to the outside world, and one needs to > be aware of it. > just to add to your argument: your server does not even have to do anything ... the interface driver or just the tcp ip stack can also be vulnerable. e.g. I hit the nasty bug in OpenBSD 6.0 where ipv6 router advertisements did crash my freshly installed boxes remotely ... this was one of those "WTF" moments when you stand in front of your racks and see 4 kernel panics at the same time. And where there is such a bug, there might be a possibility to inject a payload and execute stuff.
- Re: news from my hacked box Rudolf Leitgeb
- Re: news from my hacked box Kevin Chadwick
- Re: news from my hacked box Rudolf Leitgeb
- Re: news from my hacked box Kevin Chadwick
- Re: secure MTA (was: news from ...) Claus Assmann
- Re: secure MTA Kevin Chadwick
- Re: secure MTA Claus Assmann
- Re: secure MTA Theo de Raadt
- Re: secure MTA (was: news from ...) Allan Streib
- Re: secure MTA (was: news from ...) Rudolf Leitgeb
- Re: secure MTA (was: news from ...) infoomatic
- Re: secure MTA Kevin Chadwick
- Re: secure MTA Rudolf Leitgeb
- Re: secure MTA Kevin Chadwick
- Re: secure MTA Erling Westenvik
- Re: news from my hacked box Cord
- Re: news from my hacked box Rudolf Leitgeb
- Re: news from my hacked box Cord
- Re: news from my hacked box Rudolf Leitgeb
- Re: news from my hacked box Cord
- Re: news from my hacked box Cord
