From owner-freebsd-questions Fri Sep 28 2:29:11 2001 Delivered-To: freebsd-questions@freebsd.org Received: from gamma.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 1334737B406 for ; Fri, 28 Sep 2001 02:29:08 -0700 (PDT) Received: (qmail 32319 invoked from network); 28 Sep 2001 09:29:06 -0000 Received: from dclient217-162-128-224.hispeed.ch (HELO athlon550) (217.162.128.224) by 0 with SMTP; 28 Sep 2001 09:29:06 -0000 Date: Fri, 28 Sep 2001 11:33:13 +0200 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <137315019814.20010928113313@buz.ch> To: Kris Kennaway Cc: questions@FreeBSD.ORG Subject: Re[2]: FreeBSD a good choice for high performance webservers? In-Reply-To: <20010928022701.A8914@xor.obsecurity.org> References: <60164745040.20010926174838@buz.ch> <20010926095640.C86198@xor.obsecurity.org> <20010926123312.A51520@switchblade.cyberpunkz.org> <187172118202.20010926195131@buz.ch> <20010926220622.A92357@xor.obsecurity.org> <70310952606.20010928102525@buz.ch> <20010928020447.A8606@xor.obsecurity.org> <124313710411.20010928111123@buz.ch> <20010928022701.A8914@xor.obsecurity.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- Hello Kris, Friday, September 28, 2001, 11:27:02 AM, you wrote: >> I think this applies if you install all the patches as they become >> available (which you should do with any OS outthere). AFAIK, they >> consider not having a remote root hole to be true as long as they >> patch the holes before they get publicly announced by themselves. > No, that still fails..the telnetd hole was discovered by others. > They only seem to count it if it was a vulnerability in the very > latest version of OpenBSD at the time it was publicized; too bad if > the > previous version from 3 months ago shipped with the vulnerability > in place but that service was disabled just after the release. That still means you would have been safe if you tracked CVS and did disable telnetd yourself. It's not really what I'd expect but from a certain point of view, they are right. >> system that's that stripped down the default installation of >> OpenBSD is... > Yes, indeed. The same is true for most systems, including FreeBSD. > Perhaps even for M$... Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO7Q1zMZa2WpymlDxAQHvgAf/T+JgRNDnjlAtB2sIghGAls+vDhbiuepT bOp1mJEO9Lk0dwDITJ4dgnnLfjw3ItTjhiWpv/SYfAgQuBoy9dkL6gw/rlSVgRIO 2Bi38SEUecei/4+A3iITrCOeTj+XR0skO4xz2wrHoYN/YZnp3J4efR/qGS5tVws6 zCeS1wxqT75+Vt33U7KJ8wjHchUGcEPdRsUunW/Qr169NUYn++qCuT8FZyiwOCQf j+o7VkLzFH9oEYATNIuskft2jpv0gacaqxSKxf+AElItTMpz/6B7D8xxKyUBnng9 qo9pBsxKN8HdO7L+iQriJvEhakut6WqsBz/nvP4QLrHqgEZCM4xKKw== =D+i0 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message