[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Need a better Linux distro

On 5/31/20 11:04 AM, Solomon Peachy wrote:
> On Sun, May 31, 2020 at 10:44:17AM -0400, Solomon Peachy via Ale wrote:
>> Assuming the attackers didn't wipe logs, yum maintains a transaction
>> history that can be used to determine when those highly suspicious
>> packages were installed.  Form there you can inspect the other system
>> logs around that time.
> Whoops, that was a brainfart.  rpm itself maintains a record of every
> package's installation timstamp, and would be a good starting point to
> figure out the compromise vector..

Yeah, well, I'm sure *I* never make mistkaes or forget some...whatever.

I was ill at the end of November, and likely wanted to install a video 
capability for some reason. I plead stupidity and sick. It was an easy 
stroll through the yum log.

Every distro is vulnerable, but we don't have to leap into the cesspool. 
I'm tired of systemd and I'm not comfortable with the packages being on 
my system. It's easier to rebuild from scratch.