Gentoo Archives: gentoo-desktop

From: Lindsay Haisley <fmouse-gentoo@×××.com>
To: gentoo-desktop@l.g.o
Subject: Re: [gentoo-desktop] Vulnerabilities on an RFC-1918 masqueraded Linux box.
Date: Thu, 24 Mar 2011 15:03:29
Message-Id: 1300978902.21521.245.camel@vishnu.fmp.com
In Reply to: Re: [gentoo-desktop] Vulnerabilities on an RFC-1918 masqueraded Linux box. by Roman Zilka
On Thu, 2011-03-24 at 10:29 +0100, Roman Zilka wrote:
> > I actually did mean libmng - it's a good example exactly because it's > so unpopular, yet exists on real systems. As for the reference, see > `emerge -pv libmng`.
Sorry! I did a google search for "libmng" yesterday and turned up nothing. I must have misspelled it since I tried it today and came up with all kinds of references. My apologies to all.
> For the sake of security of that server, I hope you skipped a number > of other steps you took.
I had one of my colleagues, who runs one of Austin's top computer security firms take a look at the situation. He concurred with me on the diagnosis, and there were a limited number of things that could be done, including updating glibc. Customers are free to put whatever they want on their websites, and those who run WordPress are warned that they're liable for damages if their apps get hacked and the system compromised.
> I suggest quitting this discussion. It's getting way > off-topic, too general and unfit for this mailinglist, as all these > questions can be answered by checking sources someone else has > previously spent their time on writing.
Roman, are you a moderator on this list? The Gentoo website describes it as a "Mailing list devoted to Gentoo on the desktop" so I assumed that Gentoo desktop security was an appropriate topic. That having been said, perhaps you might recommend a few of the best "sources someone else has previously spent their time on writing" since you seem to have knowledge of these, and I'll be happy to let the thread drop. -- Lindsay Haisley | "The difference between a duck is because FMP Computer Services | one leg is both the same" 512-259-1190 | - Anonymous http://www.fmp.com |

Replies

Subject Author
Re: [gentoo-desktop] Vulnerabilities on an RFC-1918 masqueraded Linux box. Roman Zilka <zilka@×××××××.cz>