Re: My machine was hacked - possibly via sshd?

To: debian-security@lists.debian.org
Subject: Re: My machine was hacked - possibly via sshd?
From: amacater@galactic.demon.co.uk (Andrew M.A. Cater)
Date: Wed, 30 Mar 2005 07:55:12 +0000
Message-id: <[🔎] 20050330075512.GA5774@galactic.demon.co.uk>
In-reply-to: <[🔎] 20050329220832.GA6309@morgul.net>
References: <[🔎] Pine.LNX.3.96.1050328121215.32223A-100000@Maggie.Linux-Consulting.com> <[🔎] 42487665.6030007@yahoo.com> <[🔎] 1112045480.1502.1.camel@localhost> <[🔎] 20050329022521.GC9746@infidel.spots.ab.ca> <[🔎] 4248F6D9.5050104@yahoo.ca> <[🔎] 20050329111842.GA16602@mood.ritram.it> <[🔎] 20050329123855.GD26154@triv.org.uk> <[🔎] 20050329202555.GZ6309@morgul.net> <[🔎] 1112130992.9252.14.camel@localhost> <[🔎] 20050329220832.GA6309@morgul.net>

On Tue, Mar 29, 2005 at 05:08:32PM -0500, Noah Meyerhans wrote:
> On Wed, Mar 30, 2005 at 07:16:31AM +1000, David Pastern wrote:
> > And this, in reality, is why Woody is so old.  I cannot imagine any
> > other distro providing such an old kernel.
> 
> You've got cause and effect mixed up.  Debian is not outdated *because*
> we support ancient versions of software.  We support ancient versions of
> software because we are outdated.  No distribution provides support for
> their development branch before their stable branch.
> 
It may be noticed that other distributions are switching to a longer
release cycle for "commercial/enterprise" products. Mandrake is to
switch to one release a year (and they don't commit to support for old
releases for more than about a year), Novell/SUSE are moving to an 18
month release cycle and five year support, Red Hat are moving to 18
month/two year cycle and seven year support. Given the effort that it
takes to support something through even two years of hardware change -
Debian is actually doing "the right thing" for support by releasing on
its current release cycle and the big distributions will soon start to 
feel the pain of extended support cycles as well.  Debian point
releases when they come fix security and other issues. Potato had seven
- one a couple of weeks before the new release. Woody has had four and a
  fifth is in preparation. 

  Our main concerns are a.) Our users b.) Free
  software c.) Producing the best distribution we can d.) Across a range
  of hardware in support of a. and b. leading to c.

You want fast moving latest/greatest - switch your apt-get to
sid/unstable. You want tested software that is reasonably up to date -
switch to sarge/testing (soon sarge/stable).  [Testing changes on a
fairly regular basis] You want rock solid
software you don't want to touch for six months - switch to woody/stable.
It really is that simple. 

You can use pinning to pull in some packages from testing to stable or 
whatever if you really must.

Just IMHO

Andy

Reply to:

Follow-Ups:
- Re: My machine was hacked - possibly via sshd?
  - From: David Pastern <david@scsenterprises.com.au>
- Re: My machine was hacked - possibly via sshd?
  - From: "JM" <jmm19@humboldt.edu>

References:
- Re: My machine was hacked - possibly via sshd?
  - From: Alvin Oga <aoga@mail.Linux-Consulting.com>
- Re: My machine was hacked - possibly via sshd?
  - From: Malcolm Ferguson <Malcolm_Ferguson@yahoo.com>
- Re: My machine was hacked - possibly via sshd?
  - From: David Pastern <david@scsenterprises.com.au>
- Re: My machine was hacked - possibly via sshd?
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: My machine was hacked - possibly via sshd?
  - From: "Adam M." <ummajera@yahoo.ca>
- Re: My machine was hacked - possibly via sshd?
  - From: Maurizio Lemmo - Tannoiser <mizio@tenzione.it>
- Re: My machine was hacked - possibly via sshd?
  - From: Simon Heywood <simon@triv.org.uk>
- Re: My machine was hacked - possibly via sshd?
  - From: Noah Meyerhans <noahm@debian.org>
- Re: My machine was hacked - possibly via sshd?
  - From: David Pastern <david@scsenterprises.com.au>
- Re: My machine was hacked - possibly via sshd?
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: bid 12877, apache mod_ssl remote DoS
Next by Date: Re: My machine was hacked - possibly via sshd?
Previous by thread: Re: My machine was hacked - possibly via sshd?
Next by thread: Re: My machine was hacked - possibly via sshd?
Index(es):
- Date
- Thread