On Mon, 21 Feb 2000, Michael H. Warfield wrote:
> On Sun, Feb 20, 2000 at 10:23:28PM -0800, M. Erickson wrote:
> > where can I get more info on this rootkit and how to defend against it?
> > some fsck is taking down a couple of my friends' boxes.
> > /me
>
> ADMROCKS is an attack against name daemons which are not up
> to date. Like lots of other security holes, the defense is to stay
> up to date on the RPM. There are update RPMS from RedHat for bind
> which eliminate this problem.
>
> If they are vulnerable to ADMROCKS then chances are they are
> vulnerable to a variety of other holes. Time to camp out on the RedHat
> errata pages and get everything up to date.
Not to push an issue-
Awhile back someone (with an email @redhat.com) asked in (what i thought
was) seriousness about a 'service pack' style fix. I read this post and
think "Wow. To think that for NT all I have to do is run 1 program and
all the bugs are fixed". Yes, I know more is usually broken. Yes, I know
that not all of them are fixes. Yes, I know you are going to tell me
Linux is better than NT.
But if my choice is downloading a service pack that will fix 'major'
security holes and reading down a checklist of a few hundred, i'm gonna go
for the service pack.
My firewall is kept up to date, but the machines on the inside? Not worth
the effort to update stuff that I may or may not use.
So, in askance, why not have a monthly 'service pack' of files that should
be applied to a base install, since updated ISO images aren't in
existance?
Jason Hirsch
>
> > ________________________________________________________________
> > Mike Erickson <[EMAIL PROTECTED]> http://www.fix.net/~merickson/
> > "The world is my country and my religion is to do good."-T Paine
>
> Mike
> --
> Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
> (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
