[lug] I wish RH users would secure... (D. Stimits)

Nate Duehr nate at natetech.com
Thu Apr 19 00:09:26 MDT 2001

On Wed, Apr 18, 2001 at 11:51:49AM -0600, Gary Frerking wrote:
> >> I *really really really* would like to see all RH users 
> >> follow the security email list from RH (it gets tiring 
> >> to see the number of RH machines used to attack others).
> >> If you are a RH user and permanently connected to the 
> >> net, you *will* get cracked if you dont'udpate and secure.
> While I understand your frustration (and your point), I think it's safe 
> to say that if you're running *any* unpatched year-old distro with 
> services like ftp exposed to the world, you're asking for trouble.
> RH may be getting the press and attracting the attention of the hackers 
> at the moment, but RH isn't the only distro running WU-FTP (and WU-FTP 
> isn't the only FTP daemon with security problems over the last year).
> IMHO, life would be a lot easier if EVERYONE made a reasonable effort to 
> secure their systems no matter what they were.
> Blinding assuming you're safe because you're not using RH is just as 
> reckless as not keeping up with RH errata.

1. Run Debian.  
2. Subscribe to debian-security-announce mailing list.
3. Add security.debian.org to your /etc/apt/sources.list file.
4. Type `apt-get update && apt-get upgrade` every time you get an email
   from aforementioned list.  

Problem solved.  A *long* time ago.

People love to reinvent the wheel.  up2date, anyone?


Heh heh...

Nate Duehr <nate at natetech.com>

GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.

More information about the LUG mailing list