Apt-get works much different than Portage which works different than Mandrake Update Robot, which is different than YaST2, which is different than up2date, with the last even adding the possibility of a cost to the equation. And hardest of all is manually checking the installed packages, and then visiting the appropriate sites to update them individually.
It might be better to have a few people co-ordinate a presentation, with each demoing their favorite distro's tool/utility. Kev. ----- Original Message ----- From: "Jarrod Major" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 17, 2002 10:37 AM Subject: Re: (clug-talk) Linux gets a worm! > This sounds like an excellent topic for a presentation. Anyone want to > tackle it next month? We do not have a presentation scheduled and as such it > would be nice of someone came forward. > > Trevor, interested? > > Jarrod Major > CLUG Treasurer > Registered Linux User > > ----- Original Message ----- > From: "Trevor Lauder" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, September 17, 2002 10:32 AM > Subject: Re: (clug-talk) Linux gets a worm! > > > > Even if you are running only services you want, those services still may > > require updating and monitoring. If someone isn't keeping up on updates, > > etc and they get hacked because of it then they get what they deserve and > > I feel no sympathy for them. Just because Linux/Netware are stable OSes > > doesn't mean they don't need babysitting (By this I mean: watching the > > logs, monitoring the network they are on). The problem with the average > > NT/2000 or MCSE administrator is that Microsoft is promoting lazy/cheap > > administration. A lot of those administrators that come over to linux > > bring those bad habits with them, and when something bad happens they > > blame it on the OS when the blame should in fact lie with themselves. > > Just my 2 cents. > > > > > One of the benefits of Linux is that it doesn't need to be babysat. > > > > > > I know this is an arguable thing, but I like that I set up a machine at > > > one of our remote locations, and it hasn't been signed into in well over > > > a year. > > > > > > It's fine to say "be on top of things", but I want a server that runs > > > like this... http://www.networkcomputing.com/1119/1119f1products_2.html > > > > > > And I'll argue that exploit or not, this basically offers that ability. > > > > > > Unlike NT, Linux and Netware both run only services that you want them > > > to, rather than needing repeated security patches for things like MEDIA > > > PLAYER on a server. > > > > > > I wonder if anyone would notice if I used a Database server for watching > > > DVDs throughout the day. Maybe, but then they do have GL screensavers > > > too. > > > > > > Kev. > > > > > > > > > > > > ----- Original Message ----- > > > From: "Trevor Lauder" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > > > <[EMAIL PROTECTED]> Sent: Monday, September 16, 2002 12:22 PM > > > Subject: Re: (clug-talk) Linux gets a worm! > > > > > > > > >> Actually, worms under linux have existed for a while now... and even > > >> longer under unix. As for this exploit, I really hope anyone here > > >> running SSL had that patched a while ago because the patch for that > > >> exploit came out about a month ago. This exploit is targeting servers > > >> that haven't been updated in a at least a month and it's actually > > >> hitting lots of people, pretty sad when patches have been available > > >> for a while now. > > >> > > >> > > >> > -----BEGIN PGP SIGNED MESSAGE----- > > >> > Hash: SHA1 > > >> > > > >> > Finally Linux is worth the time for someone to make a worm. Easy to > > >> detect, easy to defeat, and dose not affect my server but still a > > >> worm. > > >> > > > >> > > > > > http://securityresponse.symantec.com/avcenter/security/Content/2002.09.13.ht > > > ml > > >> > > > >> > Yes I run Apache but I don't use SSL. If you run SSL you must read > > >> this. - -- > > >> > Roy Souther <[EMAIL PROTECTED]> > > >> > http://www.SiliconTao.com > > >> > > > >> > Live to code, code to live! > > >> > -----BEGIN PGP SIGNATURE----- > > >> > Version: GnuPG v1.0.6 (GNU/Linux) > > >> > Comment: For info see http://www.gnupg.org > > >> > > > >> > iEYEARECAAYFAj2F83YACgkQCbnxcmEBt434oACgqPHbAWIcOBX6m7jOUZ2rsLJR > > >> 1YoAnRkdLTB42p8mS+WlaDuB5L7nV39+ > > >> > =YkE6 > > >> > -----END PGP SIGNATURE----- > > > > > > > > > > >
