[SPAM HIGH] [Dshield] SuSe Backdoors?

Chris Brenton cbrenton at chrisbrenton.org
Tue Mar 2 10:24:23 GMT 2004


On Mon, 2004-03-01 at 21:48, Wayne Beckham wrote:
>
> A branch of my organization is evaluating using Novell's version of SuSe.
> I've heard rumors that SuSe has built-in backdoors,

Let me guess, you heard this from a Microsoft person? ;-)

I switched over to SuSE when Red Hat announced they were dropping
support for the desktop. I conduct regular audits (locally and
remotely), and I've found zero unexpected ports open. I monitor all
inbound and outbound traffic and the only "calling home" I see is to
pull down patches nightly (a feature I configured) and even then its
only one internal system (a patch distribution system) and its to a
mirror site. I'm running both SuSE 8.x and 9.x.

> put there by the
> original developers, to allow access during the development process, and
> they still exist. 

This does not even make sense. A developer is going to already have root
access. They don't need a back door.

I think someone is messing with you.

HTH,
Chris





More information about the list mailing list