Date: Fri, 2 Jan 2009 22:53:29 +0100 (CET) From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> To: cpghost <cpghost@cordula.ws> Cc: freebsd-questions@freebsd.org Subject: Re: Foiling MITM attacks on source and ports trees Message-ID: <20090102225246.C39956@wojtek.tensor.gdynia.pl> In-Reply-To: <20090102193002.GA72103@phenom.cordula.ws> References: <20090102164412.GA1258@phenom.cordula.ws> <cd6b4a5b0901020926t11dc7817j74e44cf61980f262@mail.gmail.com> <20090102180524.GA1742@phenom.cordula.ws> <20090102200221.K39573@wojtek.tensor.gdynia.pl> <20090102193002.GA72103@phenom.cordula.ws>
next in thread | previous in thread | raw e-mail | index | archive | help
>> other ways to compromise Your systems. >> >> if one really care then make your VPN for all your computers, use one that >> is unknown for others to download portsnap etc. and then use rsync to >> populate it to other machines. > > I'm already getting the files from one location and disseminate > them via rsync-over-SSH-over-VPNs to the server farms. But the > problem is the initial download from a cvsup mirror. That's the > one I'm really concerned with. just use widely-"unknown" computer like your private, even better - something that have dynamic IP :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090102225246.C39956>