[plug] Securing Redhat 9.0
Kathryn
nyrhtak at nw.com.au
Tue Oct 18 19:42:08 WST 2005
Thanks for the info. Upgrading will definitely be a part of the
recommendation, but identifying vulnerabilities etc will help the
justification :)
A firewall (pix maybe) will be going in front.
Cheers
Kathryn
----- Original Message -----
From: "Craig Ringer" <craig at postnewspapers.com.au>
To: <plug at plug.org.au>
Sent: Thursday, October 13, 2005 1:41 PM
Subject: Re: [plug] Securing Redhat 9.0
> Goldie, Kathryn (RTSBS) wrote:
>> Hi all
>>
>> I was wondering if anyone could give me some advice on security issues
>> or vulnerabilities with Redhat 9.0.
>
> "upgrade"
>
> RH9 is seeing little or no work with security updates. The last time I
> checked, Fedora Legacy was essentially inactive on the old versions of
> RH. I wouldn't want to run RH9 it for an externally visible server if I
> could possibly avoid it.
>
> You might want to consider Red Hat Enterprise Linux, Fedora Core 4, or
> Debian Sarge as possible options for a newer and hopefully more secure
> system.
>
> If you really must run RH9, I'd try to put a more modern box in front of
> it and proxy very selectively to the RH9 box, blocking everything you
> don't absolutely need to let through.
>
> If the RH9 box must be directly facing the Internet I'd try to firewall
> off everything you can possibly get away with, and I'd probably want to
> build my own copies of the publically visible apps like Apache 2 rather
> than use the old ones shipped with the OS. Note that even that won't
> protect you against an unpatched security hole in, eg, zlib.
>
> --
> Craig Ringer
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
>
More information about the plug
mailing list