Date: Wed, 11 Jul 2001 22:20:17 -0700
From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: "Martin McCormick" <martin@dc.cis.okstate.edu>, <freebsd-questions@FreeBSD.ORG>
Subject: RE: Another Security-related Question
Message-ID: <001601c10a92$56398e00$1401a8c0@tedm.placo.com>
In-Reply-To: <E15KQGo-000092-00@dc.cis.okstate.edu>

>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Martin
>McCormick
>Sent: Wednesday, July 11, 2001 1:08 PM
>To: freebsd-questions@FreeBSD.ORG
>Subject: Another Security-related Question
>
>
>	After reading the Security section of the FreeBSD web
>site, I still have a question which has been asked of me and
>which I am relaying.
>
>	If security holes are discovered in other versions of
>UNIX, say, Solaris or one of the Linux varieties, is there any
>mechanism under FreeBSD to see whether or not the same hole or
>exploit possibility exists in FreeBSD?
>

Yes - but it depends on the TYPE of security hole.

For the purposes of this discussion you can classify security holes into
2 major groups. There's those holes that are _theoretical_ in that somebody
noticed something (like an input validation failure) that at some point in
the future could be used by an exploit. Then there's the _practical_
security holes to which an exploit script has been released, or instructions
have been released, etc.

Now, if you're going to get upset over the theoretical holes then you're on
your own. But, if you only really care about the practical holes, the best
way to see if your FreeBSD server is vulnerable is to actually run the
exploit script for that hole against your server. There's easy to use
scanning programs like Saint which you can set up and use to do this for you.
You must of course keep them updated with the latest version.

Ted Mittelstaedt                      tedm@toybox.placo.com
Author of:          The FreeBSD Corporate Networker's Guide
Book website:         http://www.freebsd-corp-net-guide.com