
Linux Mint attack - chei0aiV
http://blog.linuxmint.com/?p=3007
======
ivraatiems
This actually looks pretty good. It seems like they are taking this quite
seriously.

Love Mint or hate Mint, it's too important to be vulnerable.

------
citizensixteen
Does anyone know how many other Linux distributions have come under similar
attack?

~~~
chei0aiV
Debian at least. kernel.org too. Ubuntu Forums at one point. Gentoo too.

~~~
mispeled
So what's the right process to avoid this when performing new Linux
installations?

Image the machine, quarantine it for a few weeks, wait for news of attacks -
if you hear nothing, dequarantine the system and proceed with normal use?

~~~
chei0aiV
Verify the OpenPGP signatures provided by the distribution, keep up to date
with security issues and join the distribution to help out with hardening it.

Some links for Debian:

[https://www.debian.org/CD/faq/#verify](https://www.debian.org/CD/faq/#verify)
[https://www.debian.org/CD/verify](https://www.debian.org/CD/verify)
[https://wiki.debian.org/Hardening/Goals](https://wiki.debian.org/Hardening/Goals)
[https://wiki.debian.org/Hardening/RepoAndImages](https://wiki.debian.org/Hardening/RepoAndImages)
[https://security-tracker.debian.org/tracker/data/report](https://security-
tracker.debian.org/tracker/data/report)
[https://www.debian.org/doc/manuals/developers-
reference/pkgs...](https://www.debian.org/doc/manuals/developers-
reference/pkgs.html#bug-security) [http://security-
team.debian.org/](http://security-team.debian.org/)

