On Thu, Mar 04, 2004 at 07:07:08AM -0800, Turnpike Man wrote: > I'm betting for "company's internal use" he may not care as long as it performs > its duties. But a good question anyway!
This thread was started with a highlight of a 2.1 kernel still humming along - which is very cool. Now if it hasn't been updated for security, then there's a good chance the ssh is vulnerable. I am guessing that keeping a sub 2.2 kernel based system up to date is similar to maintaining a Gentoo system. I am poking around for clues on how an older kernel in maintained. The older kernels seem to be a good place to begin learning device driver writing. You see, I am actually trying to twist the thread to serve my own selfish needs - heh-heh. But at the same time I curious if an old kernel system can be secure - or will it be deficient without examining and tweaking each application used? Any hints on how to STFW on this? Would it be too parnoid to suggest that announcing that you have an old system working dependably might be a human engineering nugget to a cracker who might rightly assume such a system is vulnerable to legacy exploits? -- Mike When the correction first comes, we tend to underreact. While we do not like the surprise, we tend to think of it as maybe a one-time thing. Things, we believe, will soon get back to normal. We do not scale back our expectations sufficiently. It apparently takes years for this to work itself out. - John Mauldin -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
