Date:      Wed, 11 Jul 2001 22:20:17 -0700
From:      "Ted Mittelstaedt" <tedm@toybox.placo.com>
To:        "Martin McCormick" <martin@dc.cis.okstate.edu>, <freebsd-questions@FreeBSD.ORG>
Subject:   RE: Another Security-related Question
Message-ID:  <001601c10a92$56398e00$1401a8c0@tedm.placo.com>
In-Reply-To: <E15KQGo-000092-00@dc.cis.okstate.edu>


>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Martin
>McCormick
>Sent: Wednesday, July 11, 2001 1:08 PM
>To: freebsd-questions@FreeBSD.ORG
>Subject: Another Security-related Question
>
>
>	After reading the Security section of the FreeBSD web
>site, I still have a question which has been asked of me and
>which I am relaying.
>
>	If security holes are discovered in other versions of
>UNIX, say, Solaris or one of the Linux varieties, is there any
>mechanism under FreeBSD to see whether or not the same hole or
>exploit possibility exists in FreeBSD?
>

Yes - but it depends on the TYPE of security hole.

For the purposes of this discussion you can classify security holes into 2
major groups.  There are those holes that are _theoretical_ in that somebody
noticed something (like an input validation failure) that at some point in the
future could be used by an exploit.

Then there's the _practical_ security holes to which an exploit script has
been released, or instructions have been released, etc.

Now, if you're going to get upset over the theoretical holes then you're on your
own.

But, if you only really care about the practical holes, the best way to see if
your FreeBSD server is vulnerable is to actually run the exploit script for
that hole against your server.

There are easy-to-use scanning programs like Saint which you can set up and use
to do this for you.  You must of course keep them updated with the latest
version.



Ted Mittelstaedt                                       tedm@toybox.placo.com
Author of:                           The FreeBSD Corporate Networker's Guide
Book website:                          http://www.freebsd-corp-net-guide.com



