On Tue, 5 Apr 2005 12:00:52 +1000 matthew hannigan <[EMAIL PROTECTED]> wrote:
> On Tue, Apr 05, 2005 at 10:50:55AM +1000, Erik de Castro Lopo wrote: > > On Tue, 5 Apr 2005 09:09:31 +1000 (EST) > > "Voytek" <[EMAIL PROTECTED]> wrote: > > > > > I have RH73 with > > > > > > # openssl version > > > OpenSSL 0.9.6b [engine] 9 Jul 2001 > > > > OK, its pretty safe to assume that if this machine has been connected > > to the internet for anything more that about 15 seconds it has been fully > > compromised and rootkitted. > > Not necessarily. Redhat/fedora backport security fixes and don't change > the release number. So even though the package is dated Jull 2001 it might still be patched? Ok. > PS. You didn't tell us exactly why you wanted to upgrade openssl. > If it's to satisfy some other packages requirements, let us know. Its because he already has good evidence that his machine has been compromised or at the very least is being used to relay spam and that its prbably not the MTA's fault. Erik -- +-----------------------------------------------------------+ Erik de Castro Lopo [EMAIL PROTECTED] (Yes it's valid) +-----------------------------------------------------------+ "Open source is an intellectual-property destroyer. I can't imagine something that could be worse than this for the software business and the intellectual-property business." -- Jim Allchin, Microsoft -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
