On Thu, 2005-01-13 at 09:55, O'Neill, Donald (US - Deerfield) wrote: > If your not having problems with anything, then leave it alone. Your not > going to gain any performance by upgrading. > > As for the local root exploit, unless you have untrusted users with > shell accounts on your machine, the 'local exploit' is a not a issue. You need to be careful here. As you say that local root exploit is only usable if someone is on your system. But lets say they find a way to get user level access via say a guessed user password, or httpd or through phpbb or some other package you have on your system. Then all they need to do to own the box is execute this root exploit and they own the system. Don't rely on a hard candy coating to keep all the hackers at bay. Harden the inside of your system whenever possible. Layered defense is always better. dedicated firewall--->limited ports passed through (if any)--->firewall on server (limited services allowed through)----> disable all unneeded services------>keep system patches up to date ------> run tripwire------>run chkrootkit -------> monitor log files ----> use screen savers to lock terminal session -----> use good passwords -----> change passwords -----> don't use the same password on multiple systems ----> disable root login on ssh -----> don't use telnet or ftp Keep shotgun handy along with several watch dogs...... -- Scot L. Harris webid@xxxxxxxxxx You must dine in our cafeteria. You can eat dirt cheap there!!!!
