|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Security of RedHat 8.0 and Apache 2.0.43
|
Well, in my experience Redhat does not really support an upgrade from one
distribution version to another. Because of this, many people leave their
systems running whatever version and just install necessary patches for that
distro version when they come out. For example, if you are running Redhat
7.3 and have it patched via up2date then you are running the latest stable
version of Apache (if installed in the first place) as well as other system
level and userland programs. So the question of "Is Redhat 8.0 and Apache2.x
'better' than Redhat 7.x and Apache 1.x..." really becomes a preference
issue.
The key with a Redhat box is to keep it patched. I think it was version 7.2
that started the up2date utility for Windows style 'critical updates'
package management. That up2date utility can also be used to install
something from scratch too. Lets say you want to install the packages (rpm)
for reconfiguring your sendmail installation. As root you can
"/usr/sbin/up2date -i sendmail-cf" (without the quotes of course) and by the
grace of an internet connection you will have it so. Straight from the rpm
mirror at Redhat too! Another command for the m4 package does the trick to
complete the additional package install. Can you upgrade to the latest
stable kernel? Yep. Just be sure to reconfigure up2date to allow it to do so
since kernel upgrades are turned off by default. ("man up2date" explains it
all) Can you create your own rpm mirror and use up2date to pull rpms from
that instead of the main one at Redhat? Sure. Meant for corporate users,
there is a document on Redhat's site (sorry I do not have the URL handy)
that explains how to do this as wellas setup an rsync batch to keep it
updated as well.
In only one case (of sever hundred thus far) have I ran into a box (An old
Penguin computing one) that simply could not run anything newer than Redhat
7.3 (it is a SCSI module compatibility issue).
Hope all this helped somewhat...
011010110110000101101101
Kam Salisbury
MCSE, Linux+, CNA -- Believer in Open Source.
http://www.kamsalisbury.com
----- Original Message -----
From: "Weissman, Gary" <GaryW@uwsepa.org>
To: <plug@lists.phillylinux.org>
Sent: Wednesday, January 15, 2003 12:18 PM
Subject: [PLUG] Security of RedHat 8.0 and Apache 2.0.43
>
>
> Hi,
>
> I have seen a number of webservers that run RedHat 7.x and Apache 1.x ...
> are the older versions used because of hardware, migration or security
> issues? or something else?
>
> That is to say, are RedHat 8.0 and Apache 2.0.43 still considered
adequately
> secure for a publicly available web server?
>
> Thanks,
> Gary
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.443 / Virus Database: 248 - Release Date: 1/10/2003
>
> _________________________________________________________________________
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
> General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|