[svlug] botnets

[Rick Moen]

Quoting Joe Buck (Joe.Buck at synopsys.COM):

> Since I don't have the guy's permission I'll keep him anonymous,
> though I recall raising the same argument (how do you *know* it was an
> openssh hole?) and he convinced me (maybe by verifying that the hole
> was still open by attacking himself?, don't recall).

Proving that one has a vulnerability doesn't prove it was the avenue of
infiltration, of course -- though that's definitely cuggestive of same,
and worth knowing.  

Those were indeed pretty much the bad old days, anyway, when you really
had to keep on top of security alerts personally, and updates were not 
dropped on your doorstep.