From: Steven Elling (ellings@kcnet.com)
Date: 04/21/03

Next message: Jonathan Hutchins: "Re: ACK! -- CONTINUED"
Previous message: Kurt Kessler: "Re: ACK! -- CONTINUED"
In reply to: Lucas Peet: "RE: ACK! -- CONTINUED"
Next in thread: Dustin Decker: "Re: ACK! -- CONTINUED"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

From: Steven Elling <ellings@kcnet.com>
Subject: Re: ACK!  -- CONTINUED
Date: Mon, 21 Apr 2003 01:28:45 -0500
Message-Id: <200304210128.39226.ellings@kcnet.com>

On Sunday 20 April 2003 16:39, Lucas Peet wrote:
> In the end, I upgraded my OpenSSL packages, and it's never happened
> again. But I did learn a few things. One, I now upgrade any package
> that's installed on my system with a known vulnerability - whether I'm
> running/using it or not. And two, I learned that sometimes, getting
> hacked can be made into a good thing, by really lighting a fire under a
> sysadmin's ass and MAKING him be more security minded, less lazy, and
> all in all a better sysadmin because of it.

Another valuable lesson here is to remove packages from your system if you are
not using them --- IF your system will let you. The more packages installed
on your system the more risk involved.

Next message: Jonathan Hutchins: "Re: ACK! -- CONTINUED"
Previous message: Kurt Kessler: "Re: ACK! -- CONTINUED"
In reply to: Lucas Peet: "RE: ACK! -- CONTINUED"
Next in thread: Dustin Decker: "Re: ACK! -- CONTINUED"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]