From: Richard L. <ce...@l-...> - 2001-12-30 06:33:48
>> How long could ipcop.org remain hijacked and none of you security
>> gurus notice it?
>
>If it's hijacked for a small region and not the entire planet, it could
>go on for months and affect thousands of users.

IMO, that is unlikely.

Perhaps mirror sites should be audited by a cron job to ensure that their
.iso file is the same as the master[s].

That certainly seems better than the "single point of failure (intrusion)"
model to me.

Of course, now that audit itself is subject to attack, but if there are a
handful of machines doing independent audits, or even if the mirror itself
is doing the auditing as part of its process, it would only take one pair of
eyeballs to detect something wrong in that cron job, and we'd know it.

--
WARNING ri...@ze... email address is an endangered species
Use ce...@l-... instead
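
An added example, not part of the original message and not IPCop project code: a sketch of the mirror audit the message proposes, comparing each mirror's copy of an image against the master copy. The function names, file names, and the choice of SHA-256 are assumptions; downloading the copies is left to the caller so the comparison runs offline.

```shell
#!/bin/sh
# Mirror audit sketch. All names and paths are hypothetical. The caller
# downloads each copy first, so the comparison itself runs offline, e.g. from cron.

digest() {
    # SHA-256 of a file (hash choice is an assumption of this example).
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# audit_mirrors MASTER_FILE NAME=FILE [NAME=FILE ...]
# Prints one status line per mirror; returns 1 if any copy differs or is
# missing, 2 if the master copy itself cannot be read.
audit_mirrors() {
    master=$1; shift
    [ -r "$master" ] || { echo "ERROR    master unreadable: $master"; return 2; }
    want=$(digest "$master")
    bad=0
    for pair in "$@"; do
        name=${pair%%=*}; file=${pair#*=}
        if [ ! -r "$file" ]; then
            echo "MISSING  $name"; bad=1; continue
        fi
        got=$(digest "$file")
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name want=$want got=$got"; bad=1
        fi
    done
    return "$bad"
}

# Constructed sample: one faithful copy, one altered copy, one absent copy.
run_demo() {
    d=$(mktemp -d)
    printf 'constructed image bytes\n' > "$d/master.iso"
    cp "$d/master.iso" "$d/mirror-a.iso"
    printf 'constructed image bytes, altered\n' > "$d/mirror-b.iso"
    audit_mirrors "$d/master.iso" "mirror-a=$d/mirror-a.iso" \
        "mirror-b=$d/mirror-b.iso" "mirror-c=$d/absent.iso" && rc=0 || rc=$?
    rm -rf "$d"
    return "$rc"
}
```

The non-zero exit status is what a cron wrapper would alert on; run from several unrelated machines, the same script gives the independent audits the message describes.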