| Author | Message | Time |
|---|---|---|
| St0rm.iD | Any opinions on the recent slew of vulnerabilities (new windows vuln, ssh, sendmail, lsh, java, and the remnants of blaster and sobig)? | September 21, 2003, 3:38 PM |
| Thing | I think Haggis is an ass for posting that lsh 0day. The big one is on the way. Thanks Adron for patching that box before I even knew about the vuln. I wish I could sell off my Winders boxes and never have to use them again. | September 21, 2003, 4:44 PM |
| j0k3r | Am I missing something? It seems as though you know of some sort of an attack that's gunna happen. | September 21, 2003, 4:53 PM |
| Yoni | As I see it, anyone who was careful was not affected. Note: By "careful" I don't necessarily mean "technically gifted". An average person who wants to be careful runs Windows, installs an anti-virus and a firewall and considers the box secured without taking any further care of it. The anti-virus would update itself; SoBig blocked. The firewall would block RPC; Blaster blocked. Windows XP automatically installs WU critical patches by default; Blaster blocked, even without the requirement of a firewall. I can't comment much on OpenSSH and lsh vulnerabilities, but I suppose anyone who was careful patched them quickly enough... Plus, they were advertised on Slashdot. sendmail, java? I think I entirely missed something... | September 21, 2003, 9:49 PM |