[–] citizensixteen 10y ago ↗ Does anyone know how many other Linux distributions have come under similar attack? [–] chei0aiV 10y ago ↗ Debian at least. kernel.org too. Ubuntu Forums at one point. Gentoo too. [–] mispeled 10y ago ↗ So what's the right process to avoid this when performing new Linux installations?Image the machine, quarantine it for a few weeks, wait for news of attacks - if you hear nothing, dequarantine the system and proceed with normal use? [–] chei0aiV 10y ago ↗ Verify the OpenPGP signatures provided by the distribution, keep up to date with security issues and join the distribution to help out with hardening it.Some links for Debian:https://www.debian.org/CD/faq/#verify https://www.debian.org/CD/verify https://wiki.debian.org/Hardening/Goals https://wiki.debian.org/Hardening/RepoAndImages https://security-tracker.debian.org/tracker/data/report https://www.debian.org/doc/manuals/developers-reference/pkgs... http://security-team.debian.org/
[–] chei0aiV 10y ago ↗ Debian at least. kernel.org too. Ubuntu Forums at one point. Gentoo too. [–] mispeled 10y ago ↗ So what's the right process to avoid this when performing new Linux installations?Image the machine, quarantine it for a few weeks, wait for news of attacks - if you hear nothing, dequarantine the system and proceed with normal use? [–] chei0aiV 10y ago ↗ Verify the OpenPGP signatures provided by the distribution, keep up to date with security issues and join the distribution to help out with hardening it.Some links for Debian:https://www.debian.org/CD/faq/#verify https://www.debian.org/CD/verify https://wiki.debian.org/Hardening/Goals https://wiki.debian.org/Hardening/RepoAndImages https://security-tracker.debian.org/tracker/data/report https://www.debian.org/doc/manuals/developers-reference/pkgs... http://security-team.debian.org/
[–] mispeled 10y ago ↗ So what's the right process to avoid this when performing new Linux installations?Image the machine, quarantine it for a few weeks, wait for news of attacks - if you hear nothing, dequarantine the system and proceed with normal use? [–] chei0aiV 10y ago ↗ Verify the OpenPGP signatures provided by the distribution, keep up to date with security issues and join the distribution to help out with hardening it.Some links for Debian:https://www.debian.org/CD/faq/#verify https://www.debian.org/CD/verify https://wiki.debian.org/Hardening/Goals https://wiki.debian.org/Hardening/RepoAndImages https://security-tracker.debian.org/tracker/data/report https://www.debian.org/doc/manuals/developers-reference/pkgs... http://security-team.debian.org/
[–] chei0aiV 10y ago ↗ Verify the OpenPGP signatures provided by the distribution, keep up to date with security issues and join the distribution to help out with hardening it.Some links for Debian:https://www.debian.org/CD/faq/#verify https://www.debian.org/CD/verify https://wiki.debian.org/Hardening/Goals https://wiki.debian.org/Hardening/RepoAndImages https://security-tracker.debian.org/tracker/data/report https://www.debian.org/doc/manuals/developers-reference/pkgs... http://security-team.debian.org/
[–] ivraatiems 10y ago ↗ This actually looks pretty good. It seems like they are taking this quite seriously.Love Mint or hate Mint, it's too important to be vulnerable.
5 comments
[ 3.2 ms ] story [ 20.7 ms ] threadImage the machine, quarantine it for a few weeks, wait for news of attacks - if you hear nothing, dequarantine the system and proceed with normal use?
Some links for Debian:
https://www.debian.org/CD/faq/#verify https://www.debian.org/CD/verify https://wiki.debian.org/Hardening/Goals https://wiki.debian.org/Hardening/RepoAndImages https://security-tracker.debian.org/tracker/data/report https://www.debian.org/doc/manuals/developers-reference/pkgs... http://security-team.debian.org/
Love Mint or hate Mint, it's too important to be vulnerable.