darmock
PIAF Developer
- Joined
- Oct 18, 2007
- Messages
- 2,892
- Reaction score
- 98
Ethan I am not quite sure what you are stating/asking?
Ward was simply stating that the dev team has not YET heard from someone, directly, running our distro having been attacked with this particular problem. We are trying to gain more information which about what exactly the exploit is/was. Unfortunately information is kind of sparse and the actual mechanism seems to be unknown. However if you have some knowledge beyond what is floating around various forums (including centos) please enlighten us.
We prefer to work with our own PIAF based systems that have been compromised in a similar fashion. I suppose that some will cry foul that we prefer to work with our own distro and not the others but it is what it is.
Several solutions have been suggested based on anecdotal evidence and we currently have those solutions implemented in alpha testing. We are also going ahead with some other hardening for our distro that has been in long term planning for a while.
Still the question remains how do you test a system that has been hardened with an anecdotal solution in response to an anecdotal problem when you really dont know how the problem occurred originally?
Enjoy
Tom
Ward was simply stating that the dev team has not YET heard from someone, directly, running our distro having been attacked with this particular problem. We are trying to gain more information which about what exactly the exploit is/was. Unfortunately information is kind of sparse and the actual mechanism seems to be unknown. However if you have some knowledge beyond what is floating around various forums (including centos) please enlighten us.
We prefer to work with our own PIAF based systems that have been compromised in a similar fashion. I suppose that some will cry foul that we prefer to work with our own distro and not the others but it is what it is.
Several solutions have been suggested based on anecdotal evidence and we currently have those solutions implemented in alpha testing. We are also going ahead with some other hardening for our distro that has been in long term planning for a while.
Still the question remains how do you test a system that has been hardened with an anecdotal solution in response to an anecdotal problem when you really dont know how the problem occurred originally?
Enjoy
Tom