Technology Questions - View Single Post

#19 (**permalink**) 05-18-2008, 12:10 PM

"Baron" <baron.nospam@linuxmaniac.nospam.net> wrote in message
news:g0ptsf$k5q$2@registered.motzarella.org...
> dennis@home wrote:
>
>>
>>
>> "Baron" <baron.nospam@linuxmaniac.nospam.net> wrote in message
>> news:g0plr2$98s$2@registered.motzarella.org...
>>> dennis@home wrote:
>>>
>>>>
>>>>
>>>> "Baron" <baron.nospam@linuxmaniac.nospam.net> wrote in message
>>>> news:g0pbm5$k2f$1@registered.motzarella.org...
>>>>> elaich wrote:
>>>>>
>>>>>> "dennis@home" <dennis@killspam.kicks-ass.net> wrote in
>>>>>> news:g0nbn0$38v$1@news.datemas.de:
>>>>>>
>>>>>>> Of course your MB manufacturer may not do XP drivers as its such
>>>>>>> an old OS then you are stuck with vista (which is better than
>>>>>>> XP).
>>>>>>
>>>>>> Your the first person I've run into who thinks so.
>>>>>
>>>>> Add a "Me Too"
>>>>
>>>> However you are not the first person I have run into that thinks its
>>>> easier to clean a linux system than a windows one.
>>>
>>> I didn't say that at all !
>>>
>>>> Try cleaning up after the ssh key debacle and you will find out just
>>>> how hard it is to be sure a linux machine that has had a security
>>>> hole in it really is.
>>>
>>> Which ssh debacle was that ?
>>
>> This one incase you haven't checked your systems yet.
>>
> http://www.computerworld.com/action/...intsrc=hm_list
>> You need to check for exploits incase you or a machine you trusted has
>> been compromised as well as applying the patch.
>> Windows and Mac users also need to check as there are an unknown
>> number of linux servers that could have been compromised that they may
>> have been trusting.
>
> Thanks for the heads up ! Fortunately I nor any of my clients run
> any "Debian" systems. Which is why I hadn't picked up on this.

Unfortunately you don't have to run one to be affected.
Any server you accessed could have had one of the duff keys meaning you were
not safe if you trusted that site.
If you downloaded anything or needed secure login then you could have a
problem if the server keys were broken.
People generate keys on one machine and use them on others.