On Fri, Aug 03, 2001 at 06:20:58PM +0800, Paolo wrote:
> neuroticimbecile wrote:
> >
> >
> > yeah, this just proves how important it is to keep your system updated.
> > no matter what distro you're using, it's best to apply all pertinent patches
> > and bugfixes. when this is done properly, even a redhat 6.2 can be secure!
> >
> I agree. Am using that right now. Stock RH6.2 Kernel 2.2.19-6.2.7 with
> all the latest updates.
> All services except http{s}, ssh and mysql are disabled.
> If anyone knows of a hole in these four, let me know.
Once again, version information. I believe the default ssh that 6.2
installs (and was installed with Red Hat until 7.1) contains a remote
root exploit. Far better to also filter mysql, as you never know what
mischief is possible. Someone could ruin your db that way. It's just
not something that a script kiddie would do. They're after the easy
remote root; I think none of them have that kind of subtlety.
--
Rafael R. Sevilla <[EMAIL PROTECTED]> +63(2) 8177746 ext. 8311
Programmer, InterdotNet Philippines +63(917) 4458925
http://dido.engr.internet.org.ph/ OpenPGP Key ID: 0x5CDA17D8
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph