Infrastructure report, 2008-08-22 UTC 1200
Laszlo BERES
beres.laszlo at sys-admin.hu
Fri Aug 22 20:04:17 UTC 2008
Les Mikesell wrote:
> But we do know that a large number of DNS servers are still vulnerable
> to spoofing. How do you know that what you think was an official mirror
> delivering your rpm update wasn't an imposter, spoofed in DNS.
You're absolutely right, but if I assume we're talking about RHEL
infrastructure, in this case the attacker has to spoof the
up2date's/yum's RHN certificate, too.
--
BÉRES László RHCE, RHCX senior IT engineer, trainer
Red Hat, Fedora, CentOS, SELinux: http://sys-admin.hu
More information about the fedora-list
mailing list