Comment Eternal Vigilance and Careful Security (Score 1) 339
Some friends of mine thought that it would be cool to setup a redhat box with at their school district. Zipity fast line and an administrator who was interested in samba made it seem both fun and possible.
So the machine sat there and was played with, and various stuff. Then some script kiddie found his way in. With a 'Rewt' kit and some time all of a sudden the machine no longer was under the control of my friends but someone who was creative enough to pick a uid of 420.
The point: Even a linux box can be filled with security holes and even on a linux box something like bo can run (port 31337 now allows anyone to telnet in and doesn't even require a login for root access).
I don't really mind people developing these root kits or bo or whatever exploits they care to come up with, but I don't like people screwing around with other peoples machines as these exploits invariably lead to. Now that my friends know about the various holes they are ready to reinstall and start patching holes, but if the machine were something serious they'd be screwed.
With various holes know, we (the comunity of computer users, and the comunity in general) should make sure that they are fixed. As well we should make sure that these exploits are not exploited by the corporations or anyone else.
peace
watch out for the conspirisy of tall men
