[PLUG] Joe Jobbed
Ronald Chmara
ron at Opus1.COM
Sat Oct 6 03:11:07 UTC 2007
On Oct 5, 2007, at 9:29 AM, alan wrote:
> On Fri, 5 Oct 2007, Rich Shepard wrote:
>> On Fri, 5 Oct 2007, Michael Rasmussen wrote:
>>> "The vast majority of the threats we saw were rootkitted Linux
>>> boxes,
>>> which was rather startling. We expected Microsoft boxes," he said.
>> Unpatched boxes ... for whatever reason? No firewalls or IP
>> table rules?
>> Other reasons?
> Hosting sites that do not install Yum. (I know of at least one.)
> I blame
> Plesk.
I don't.
I blame lazy distros, who don't keep on top of security (Cent,
Debian, Ubuntu, RHEL... the whole lot of 'em are to blame).
I blame lazy admins, who think that uptime is more important than
security upgrades (if you are running a machine a year old, maybe you
*deserve* to be rootkit'ed).
I blame users (and admins) who don't understand that a disturbingly
large number of "web applications" are complete and total rubbish
(Joomla, WordPress, phpBB, phpNuke, Plesk, phpMyAdmin, cPanel... the
list is insane) when it comes to security.
So, here's a quick survey:
Who has a web server that was running PHP 5.2.4, openSSL 0.9.8d,
Apache 2.2.6, and a 2.6.22.9 kernel *before* I sent this message?
(I expect crickets, but will buy a beer (or quite a few) for anybody
who is keeping *actually* current, rather than "distro-current"....
Python- and Perl-centric servers can apply, but only if they are
running the latest security-fix sources as well.)
If not, *why* not, because those *are* the latest security patches
for those very simple, *core*, pieces of most linux web servers?
-Ronabop
More information about the PLUG
mailing list