[plug] Apache

Matt Kemner zombie at wasp.net.au
Fri Jun 1 12:44:18 WST 2001


On Fri, 1 Jun 2001, Colin Muller wrote:

> On a related note, is Debian's security.debian.org updated as quickly as 
> they claim (usually within 48 hours of a hole being discovered),

No matter how quickly a site like that updates after the problem is
reported to Debian, you _always_ stand the chance that some black hat will
discover a completely new hole in software you are using, exploit it
him/herself and get at your machine that way - before anyone else even
knows the bug exists and hence fixes it and uploads it to
security.debian.org or wherever.

It is statistically very unlikely that this will happen to a
non-high-profile site, but it could still happen.

However, keeping up-to-date with security.debian.org is your best bet for
being secure under Debian, combined with only running those services that
you really need running, and firewalling those services from the outside
that only need to be accessed from the inside.

E.g. on a combined Linux masq gateway/file+print server, block access to
ports 135-139 from anywhere but eth0 (or wherever the local network is on).

 - Matt
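
Added example, not part of the original message: a small audit that reads a ruleset in `iptables-save` format and lists which of ports 135-139 are still reachable from outside the LAN interface. The message names no firewall tool, so iptables, the `ppp0` outside interface and both sample rulesets are assumptions; the parser only understands rules written as `[!] option value` pairs.

```python
# Constructed iptables-save excerpts (INPUT chain). Assumptions: eth0 is the LAN side,
# as in the message; ppp0 stands in for the outside link. WEAK omits UDP and TCP 135-136.
HARDENED = """\
:INPUT ACCEPT [0:0]
-A INPUT ! -i eth0 -p tcp -m tcp --dport 135:139 -j DROP
-A INPUT ! -i eth0 -p udp -m udp --dport 135:139 -j DROP
"""
WEAK = ":INPUT ACCEPT [0:0]\n-A INPUT ! -i eth0 -p tcp -m tcp --dport 137:139 -j DROP\n"

def parse(text):
    """Return (default policy, rules) for INPUT; every option is read as '[!] opt value'."""
    policy, rules = "ACCEPT", []
    for line in text.splitlines():
        tok = line.split()
        if tok[:1] == [":INPUT"]:
            policy = tok[1]
        elif tok[:2] == ["-A", "INPUT"]:
            rule, it = {}, iter(tok[2:])
            for opt in it:
                neg = opt == "!"                 # "!" negates the option that follows
                opt = next(it) if neg else opt
                rule[opt] = (next(it), neg)
            rules.append(rule)
    return policy, rules

def matches(rule, iface, proto, port):
    """True if the packet meets the rule's -i, -p and --dport criteria."""
    for opt, (val, neg) in rule.items():
        hit = not neg  # other options (-m <module>, -j <target>) never exclude a packet
        if opt in ("-i", "-p"):
            hit = val == (iface if opt == "-i" else proto)
        elif opt == "--dport":
            lo, _, hi = val.partition(":")
            hit = int(lo) <= port <= int(hi or lo)
        if hit == neg:
            return False
    return True

def verdict(text, iface, proto, port):
    """Target of the first matching ACCEPT/DROP/REJECT rule, else the chain policy."""
    policy, rules = parse(text)
    hits = [r["-j"][0] for r in rules if matches(r, iface, proto, port)
            and r.get("-j", ("",))[0] in ("ACCEPT", "DROP", "REJECT")]
    return hits[0] if hits else policy

def exposed(text, outside="ppp0"):
    """(proto, port) pairs in 135-139 that the ruleset accepts from the outside interface."""
    return [(p, n) for p in ("tcp", "udp") for n in range(135, 140)
            if verdict(text, outside, p, n) == "ACCEPT"]
```

`exposed(HARDENED)` comes back empty, while `exposed(WEAK)` reports TCP 135-136 and every UDP port in the range, the kind of gap a partial block rule leaves behind.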



