From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Original-To: caml-list@yquem.inria.fr Delivered-To: caml-list@yquem.inria.fr Received: from mail4-relais-sop.national.inria.fr (mail4-relais-sop.national.inria.fr [192.134.164.105]) by yquem.inria.fr (Postfix) with ESMTP id A667DBBAF for ; Mon, 20 Dec 2010 09:01:09 +0100 (CET) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ap4BAJObDk3UGyoFkWdsb2JhbACDY5ImjhcVAQEBAQkLCgcRAyGsW49yhFZ0BIo2g3w X-IronPort-AV: E=Sophos;i="4.60,201,1291590000"; d="asc'?vcf'?scan'208";a="83224278" Received: from smtp5-g21.free.fr ([212.27.42.5]) by mail4-smtp-sop.national.inria.fr with ESMTP; 20 Dec 2010 09:01:08 +0100 Received: from Tocksi.local (unknown [78.240.16.62]) by smtp5-g21.free.fr (Postfix) with ESMTP id C22F6D48162 for ; Mon, 20 Dec 2010 09:01:01 +0100 (CET) Message-ID: <4D0F0D35.4060708@univ-savoie.fr> Date: Mon, 20 Dec 2010 09:00:53 +0100 From: Christophe Raffalli User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: caml-list@yquem.inria.fr Subject: Re: [Caml-list] ocaml-tutorial.org is down References: <20101220065055.839fdd7b.mle+ocaml@mega-nerd.com> <20101219234718.GA6086@annexia.org> <20101220010332.GA8023@siouxsie> <4D0EBD59.6000703@grant-olson.net> In-Reply-To: <4D0EBD59.6000703@grant-olson.net> X-Enigmail-Version: 1.1.1 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig98A8857BA2F85E3B0F4865E1" X-Spam: no; 0.00; christophe:01 raffalli:01 christophe:01 raffalli:01 univ-savoie:01 in-berlin:01 cheers:01 chablais:01 73376:01 univ-savoie:01 20,:98 backdoor:98 wrote:01 oliver:01 lama:01 X-Attachments: cset="UTF-8" cset="utf-8" name="Christophe_Raffalli.vcf" name="Christophe_Raffalli.vcf" type="application/pgp-signature" name="signature.asc" name="signature.asc" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig98A8857BA2F85E3B0F4865E1 Content-Type: multipart/mixed; boundary="------------030202010400030403020908" This is a multi-part message in MIME format. --------------030202010400030403020908 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Le 20/12/10 03:20, Grant Olson a =C3=A9crit : > On 12/19/10 8:03 PM, oliver@first.in-berlin.de wrote: >> Why not just updateing the machine, or if no updates are available, ju= st eremove exim?! >> > If a machine has been compromised, or even if you suspect it has, you > can't trust anything about it anymore. > > Someone could have used the exim exploit to install a rootkit, a versio= n > of sshd with a backdoor, etc. And sure, maybe you can take the sha of > sshd and compare it to a known source, but maybe sha256 has been > replaced with a version that tricks you. > > So you patch exim, think you're good, and they come back to your machin= e > six months later. > > You have to rebuild from scratch. Including a BIOS update ... Cheers, Christophe --=20 Christophe Raffalli Universite de Savoie Batiment Le Chablais, bureau 21 73376 Le Bourget-du-Lac Cedex tel: (33) 4 79 75 81 03 fax: (33) 4 79 75 87 42 mail: Christophe.Raffalli@univ-savoie.fr www: http://www.lama.univ-savoie.fr/~RAFFALLI --------------------------------------------- IMPORTANT: this mail is signed using PGP/MIME At least Enigmail/Mozilla, mutt or evolution=20 can check this signature. The public key is stored on www.keyserver.net --------------------------------------------- --------------030202010400030403020908 Content-Type: text/x-vcard; charset=utf-8; name="Christophe_Raffalli.vcf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Christophe_Raffalli.vcf" YmVnaW46dmNhcmQNCmZuOkNocmlzdG9waGUgUmFmZmFsbGkNCm46UmFmZmFsbGk7Q2hyaXN0 b3BoZQ0Kb3JnOkxBTUEgKFVNUiA1MTI3KQ0KZW1haWw7aW50ZXJuZXQ6Y2hyaXN0b3BoZS5y YWZmYWxsaUB1bml2LXNhdm9pZS5mcg0KdGl0bGU7cXVvdGVkLXByaW50YWJsZTpNYT1DMz1B RXRyZSBkZSBjb25mPUMzPUE5cmVuY2VzDQp0ZWw7d29yazorMzMgNCA3OSA3NSA4MSAwMw0K bm90ZTpodHRwOi8vd3d3LmxhbWEudW5pdi1zYXZvaWUuZnIvfnJhZmZhbGxpDQp4LW1vemls bGEtaHRtbDpUUlVFDQp2ZXJzaW9uOjIuMQ0KZW5kOnZjYXJkDQoNCg== --------------030202010400030403020908-- --------------enig98A8857BA2F85E3B0F4865E1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFNDw08i9jr/RgYAS4RArXrAKCz3IwSsdBvT6+S7n7H+QDO+BW7pwCfa7sy MHOGqad3I0avydSe1nyA8/U= =Mdg9 -----END PGP SIGNATURE----- --------------enig98A8857BA2F85E3B0F4865E1--