On Fri, 15 Mar 2002 18:16:22 EST [EMAIL PROTECTED] wrote: I get: "Could not connect to remote server" when I try to follow that link. I get: "The address is not available from this machine" when I strip out the extra leading ":" :) I am curious as to seeing what potato is vulnerable to. However: if you want the 2.4.* kernel on your deb box, you should upgrade to woody. Not only for the 2.4 kernel, but also for more up to date packages and security patches. so do this:
debian# vi /etc/apt/sources.list substitute "potato" w/ "woody" to upgrade to woody deb http://security.debian.org/debian-security potato/updates main contrib non-free deb http://security.debian.org/debian-non-US potato/non-US main contrib non-free deb http://security.debian.org potato/updates main contrib non-free debian# apt-get dist-upgrade debian# apt-get update debian# apt-get upgrade That's the proper 'debian' way to do it. But if you've already been rooted you'll probably want to start from a fresh install. Download the install floppy images from http://ftp.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/ Hope that helps, and sorry to hear about the root job :( Brad Beck - linux guru in beta > I have a potato system - with the 2.2.18 kernel. Somone has gotten into a box > on my network and used this exploit to gain root: > http://:infected.ilm.net/xpl0itz/l1nux/epcs2.c+epcs2&hl=en&ie=ISO-8859-1 > The other boxes that are net accessible are openbsd -- This system is a dual > p6 so I need debian for smp. > > Is there a proper 'debian' way to go about patching the kernel against this > exploit, or updating the kernel to 2.4. > > Thanks, > David Rolfe @ work > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >