The Debian and YellowDog (and I think Connectivia) one would be easy, set your /etc/apt/sources.list to subscribe to the security updates, and have a cron job run nightly doing a 'apt-get update && apt-get upgrade' ...that would keep you current. But a presentation on the nuances of some of the other systems could be interesting.
Kevin Anderson a �crit: >Apt-get works much different than Portage which works different than >Mandrake Update Robot, which is different than YaST2, which is different >than up2date, with the last even adding the possibility of a cost to the >equation. And hardest of all is manually checking the installed packages, >and then visiting the appropriate sites to update them individually. > >It might be better to have a few people co-ordinate a presentation, with >each demoing their favorite distro's tool/utility. > >Kev. > > >----- Original Message ----- >From: "Jarrod Major" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Tuesday, September 17, 2002 10:37 AM >Subject: Re: (clug-talk) Linux gets a worm! > > > > >>This sounds like an excellent topic for a presentation. Anyone want to >>tackle it next month? We do not have a presentation scheduled and as such >> >> >it > > >>would be nice of someone came forward. >> >>Trevor, interested? >> >>Jarrod Major >>CLUG Treasurer >>Registered Linux User >> >>----- Original Message ----- >>From: "Trevor Lauder" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Sent: Tuesday, September 17, 2002 10:32 AM >>Subject: Re: (clug-talk) Linux gets a worm! >> >> >> >> >>>Even if you are running only services you want, those services still may >>>require updating and monitoring. If someone isn't keeping up on >>> >>> >updates, > > >>>etc and they get hacked because of it then they get what they deserve >>> >>> >and > > >>>I feel no sympathy for them. Just because Linux/Netware are stable OSes >>>doesn't mean they don't need babysitting (By this I mean: watching the >>>logs, monitoring the network they are on). The problem with the average >>>NT/2000 or MCSE administrator is that Microsoft is promoting lazy/cheap >>>administration. A lot of those administrators that come over to linux >>>bring those bad habits with them, and when something bad happens they >>>blame it on the OS when the blame should in fact lie with themselves. >>>Just my 2 cents. >>> >>> >>> >>>>One of the benefits of Linux is that it doesn't need to be babysat. >>>> >>>>I know this is an arguable thing, but I like that I set up a machine >>>> >>>> >at > > >>>>one of our remote locations, and it hasn't been signed into in well >>>> >>>> >over > > >>>>a year. >>>> >>>>It's fine to say "be on top of things", but I want a server that runs >>>>like this... >>>> >>>> >http://www.networkcomputing.com/1119/1119f1products_2.html > > >>>>And I'll argue that exploit or not, this basically offers that >>>> >>>> >ability. > > >>>>Unlike NT, Linux and Netware both run only services that you want them >>>>to, rather than needing repeated security patches for things like >>>> >>>> >MEDIA > > >>>>PLAYER on a server. >>>> >>>>I wonder if anyone would notice if I used a Database server for >>>> >>>> >watching > > >>>>DVDs throughout the day. Maybe, but then they do have GL screensavers >>>>too. >>>> >>>>Kev. >>>> >>>> >>>> >>>>----- Original Message ----- >>>>From: "Trevor Lauder" <[EMAIL PROTECTED]> >>>>To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; >>>><[EMAIL PROTECTED]> Sent: Monday, September 16, 2002 12:22 PM >>>>Subject: Re: (clug-talk) Linux gets a worm! >>>> >>>> >>>> >>>> >>>>>Actually, worms under linux have existed for a while now... and even >>>>>longer under unix. As for this exploit, I really hope anyone here >>>>>running SSL had that patched a while ago because the patch for that >>>>>exploit came out about a month ago. This exploit is targeting >>>>> >>>>> >servers > > >>>>>that haven't been updated in a at least a month and it's actually >>>>>hitting lots of people, pretty sad when patches have been available >>>>>for a while now. >>>>> >>>>> >>>>> >>>>> >>>>>>-----BEGIN PGP SIGNED MESSAGE----- >>>>>>Hash: SHA1 >>>>>> >>>>>>Finally Linux is worth the time for someone to make a worm. Easy to >>>>>> >>>>>> >>>>>detect, easy to defeat, and dose not affect my server but still a >>>>>worm. >>>>> >>>>> >>>>>> >>>>>> >http://securityresponse.symantec.com/avcenter/security/Content/2002.09.13.ht > > >>>>ml >>>> >>>> >>>>>>Yes I run Apache but I don't use SSL. If you run SSL you must read >>>>>> >>>>>> >>>>>this. - -- >>>>> >>>>> >>>>>>Roy Souther <[EMAIL PROTECTED]> >>>>>>http://www.SiliconTao.com >>>>>> >>>>>>Live to code, code to live! >>>>>>-----BEGIN PGP SIGNATURE----- >>>>>>Version: GnuPG v1.0.6 (GNU/Linux) >>>>>>Comment: For info see http://www.gnupg.org >>>>>> >>>>>>iEYEARECAAYFAj2F83YACgkQCbnxcmEBt434oACgqPHbAWIcOBX6m7jOUZ2rsLJR >>>>>> >>>>>> >>>>>1YoAnRkdLTB42p8mS+WlaDuB5L7nV39+ >>>>> >>>>> >>>>>>=YkE6 >>>>>>-----END PGP SIGNATURE----- >>>>>> >>>>>> >>> >>> >>> >>> >> >> >>
