--On Monday, April 23, 2007 05:00:49 -0400 Valdis.Kletnieks@xxxxxx wrote:
On Sun, 22 Apr 2007 11:46:41 CDT, Paul Schmehl said:--On April 22, 2007 10:45:17 AM +0200 poo <skodliv@xxxxxxxxx> wrote: > or maybe ross retard got his login info ownedWhy take the whole site down then? All you'd have to do is disable his account.Umm? Maybe for some real *basic* security reason? For instance, doing forensics or making *sure* that Ross was the only pwnage, and that it wasn't anything more serious? So tell me Paul - if *your* password got pwned, would you take the machine down, or not? :)
If *mine* got pwned, I'd take the machine down, but if an unprivileged user got pwned, I'd simply have them change their password, *unless* there was evidence of problems on that host. Just because someone's account got hijacked doesn't mean that further damage necessarily happened. Lots of people have no access to anything except their own stuff.
Paul Schmehl (pauls@xxxxxxxxxxxx) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Attachment:
p7sEVCL2zC5J6.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/