Date: Fri, 28 Sep 2001 11:33:13 +0200 From: Gabriel Ambuehl <gabriel_ambuehl@buz.ch> To: Kris Kennaway <kris@obsecurity.org> Cc: questions@FreeBSD.ORG Subject: Re[2]: FreeBSD a good choice for high performance webservers? Message-ID: <137315019814.20010928113313@buz.ch> In-Reply-To: <20010928022701.A8914@xor.obsecurity.org> References: <60164745040.20010926174838@buz.ch> <20010926095640.C86198@xor.obsecurity.org> <20010926123312.A51520@switchblade.cyberpunkz.org> <187172118202.20010926195131@buz.ch> <20010926220622.A92357@xor.obsecurity.org> <70310952606.20010928102525@buz.ch> <20010928020447.A8606@xor.obsecurity.org> <124313710411.20010928111123@buz.ch> <20010928022701.A8914@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hello Kris, Friday, September 28, 2001, 11:27:02 AM, you wrote: >> I think this applies if you install all the patches as they become >> available (which you should do with any OS outthere). AFAIK, they >> consider not having a remote root hole to be true as long as they >> patch the holes before they get publicly announced by themselves. > No, that still fails..the telnetd hole was discovered by others. > They only seem to count it if it was a vulnerability in the very > latest version of OpenBSD at the time it was publicized; too bad if > the > previous version from 3 months ago shipped with the vulnerability > in place but that service was disabled just after the release. That still means you would have been safe if you tracked CVS and did disable telnetd yourself. It's not really what I'd expect but from a certain point of view, they are right. >> system that's that stripped down the default installation of >> OpenBSD is... > Yes, indeed. The same is true for most systems, including FreeBSD. > Perhaps even for M$... Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBO7Q1zMZa2WpymlDxAQHvgAf/T+JgRNDnjlAtB2sIghGAls+vDhbiuepT bOp1mJEO9Lk0dwDITJ4dgnnLfjw3ItTjhiWpv/SYfAgQuBoy9dkL6gw/rlSVgRIO 2Bi38SEUecei/4+A3iITrCOeTj+XR0skO4xz2wrHoYN/YZnp3J4efR/qGS5tVws6 zCeS1wxqT75+Vt33U7KJ8wjHchUGcEPdRsUunW/Qr169NUYn++qCuT8FZyiwOCQf j+o7VkLzFH9oEYATNIuskft2jpv0gacaqxSKxf+AElItTMpz/6B7D8xxKyUBnng9 qo9pBsxKN8HdO7L+iQriJvEhakut6WqsBz/nvP4QLrHqgEZCM4xKKw== =D+i0 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?137315019814.20010928113313>