--- Botond Kardos <Botond.Kardos@xxxxxxxxx> wrote: > Hi, > I have an old machine running as a firewall. > It's basically an RH9 > installation with some custom-made packages (kernel, > openssh, few > others). If I revert my system to standard RH9 is it > possible to upgrade > it to FC3 or FC4? Is this upgrade possible without a > CD (for example > boot-floppy + NFS or FTP server)? > My main reason for the intention to upgrade is > the fear of rootkits. > AFAIK FC3 and its targeted SELinux policy gives the > feeling of safety > regarding rootkits and other privilege escalation > vulnerabilities. > Thanks, > Botond 1. It is possible to upgrade directly from RH9 to FC3 (not tried FC4 which will introduce further complications) which i do when i need a testing machine on Virtual PC. FC3's default kernel does not work on Virtual PC. Complications :- SELINUX,udev/dev, kernel less than 2.6, python, rpm and db4. I "cheat" by using yum from FC3 and a tarball with all base/updates from my local network. Naturally you have to install some things manually with the rpm -ivh rather than -Uvh and the process is fraught with danger. Do i recommend this in your scenario? NO!! Not for a production machine. 2. Strip RH9 to minimum(add libxml2 from RH9), grab FC2 fedora release and yum and then upgrade to Fedora Core 2 with less problems. You can then upgrade later to FC3/FC4 with fewer problems. 3. I would recommend you get a GRsecurity kernel and sit tight on RH9. FedoraLegacy has updates for RH9 by the way so make it a habit to update from them. A firewall machine with no LAMP (Apache MySQL and PHP) is harder to exploit and grsecurity locks down things well. Recently memory injection attacks were successfully ran on unpatched machines and grsecurity-enabled machines without patches avoided this:- http://www.webhostingtalk.com/showthread.php?s=&threadid=387710 http://www.webhostingtalk.com/showthread.php?threadid=398645 Fedora Core - The power of Open Source Now! Please search the archives and fedoraforum.org as the question is likely to have been asked before. Cheers Captain Bubudiu ___________________________________________________________ How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
