I don't know the details of these security flaws. But if you look at the RH errata you see a lot of updates regarding users being able to get root access. It might all be fixed by now -- or it might not. I know of multiple groups here who switched to Debian because they had problems with people being able to hack into their RH systems. I'm not a firewall expert either. All I know is that breakins at the CU CS department were very frequent until we introduced a firewall, ssh, and one-time passwords. Carlos On Thu, 18 Mar 1999, Rahul Jain wrote: On Thu, 18 Mar 1999, Carlos Maltzahn wrote: > Our passwords are going through the Internet in plain text. It's extremely > easy to snoop them and then login. Red Hat's user friendly admin tools > have the tendency to permit users to acquire root access among other > things. RH's distributions are so unsecure that our department > doesn't allow us to connect RH computers to the network inside the > firewall. The Debian distribution tends to be more secure. I agree that Debian is generally more secure, but what's this about getting root with the admin tools? They're not suid root. -- -> -\-=-=-=-=-=-=-=-=-=-/^\-=-=-=<*><*>=-=-=-/^\-=-=-=-=-=-=-=-=-=-/- <- -> -/-=-=-=-=-=-=-=-=-=/ { Rahul -<>- Jain } \=-=-=-=-=-=-=-=-=-\- <- -> -\- "I never could get the hang of Thursdays." - HHGTTG by DNA -/- <- -> -/- http://photino.sid.rice.edu/ -=- mailto:rahul-jain at usa.net -\- <- |--|--------|--------------|----|-------------|------|---------|-----|-| Version 11.423.999.210000101.23.50110101.042 (c)1996-1999, All rights reserved. Disclaimer available upon request.