[plug] Securing Redhat 9.0

Kathryn nyrhtak at nw.com.au
Tue Oct 18 19:42:08 WST 2005


Thanks for the info. Upgrading will definitely be a part of the 
recommendation, but identifying vulnerabilities etc will help the 
justification :)
A firewall (pix maybe) will be going in front.

Cheers

Kathryn

----- Original Message ----- 
From: "Craig Ringer" <craig at postnewspapers.com.au>
To: <plug at plug.org.au>
Sent: Thursday, October 13, 2005 1:41 PM
Subject: Re: [plug] Securing Redhat 9.0


> Goldie, Kathryn (RTSBS) wrote:
>> Hi all
>>  
>> I was wondering if anyone could give me some advice on security issues 
>> or vulnerabilities with Redhat 9.0.
> 
> "upgrade"
> 
> RH9 is seeing little or no work with security updates. The last time I 
> checked, Fedora Legacy was essentially inactive on the old versions of 
> RH. I wouldn't want to run RH9 it for an externally visible server if I 
> could possibly avoid it.
> 
> You might want to consider Red Hat Enterprise Linux, Fedora Core 4, or 
> Debian Sarge as possible options for a newer and hopefully more secure 
> system.
> 
> If you really must run RH9, I'd try to put a more modern box in front of 
> it and proxy very selectively to the RH9 box, blocking everything you 
> don't absolutely need to let through.
> 
> If the RH9 box must be directly facing the Internet I'd try to firewall 
> off everything you can possibly get away with, and I'd probably want to 
> build my own copies of the publically visible apps like Apache 2 rather 
> than use the old ones shipped with the OS. Note that even that won't 
> protect you against an unpatched security hole in, eg, zlib.
> 
> --
> Craig Ringer
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
> 
>



More information about the plug mailing list