Nah, we are not vulnerable to that exploit. We do keep tabs on important security issues when they come up. We plan to retire that server pretty soon, although I may leave it running behind the firewall, just to see how long it goes... ;-)
----- Original Message ----- From: "Bill McGonigle" <[EMAIL PROTECTED]> To: "Warren Luebkeman" <[EMAIL PROTECTED]>, "Benjamin Scott" <[EMAIL PROTECTED]> Cc: "Greater NH Linux User Group" <gnhlug-discuss@mail.gnhlug.org> Sent: Thursday, March 20, 2008 1:41:25 PM (GMT-0500) America/New_York Subject: Re: server uptime On Mar 19, 2008, at 15:36, Ben Scott wrote: > You're obviously not installing all your security updates, then. > Both the 2.4 and 2.6 Debian kernels have had security advisories > posted within the past two years. Hey, it's possible that Warren's kernel is so old that he doesn't suffer from the vmslice() exploit. :) Seriously, though - check. If `uname -r` >= 2.6.17, vmsplice() plus one (e.g.) PHP bug = remote root exploit. That's bad, mmmkay? Perhaps more importantly you're not picking up ext3 bugfixes, the CQF elevator, etc. And somebody around here actually found an old Netware box running in a closet that had been drywalled over 5 years before. It was apparently still serving files and print jobs (they traced the ethernet cable). -Bill ----- Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 [EMAIL PROTECTED] Cell: 603.252.2606 http://www.bfccomputing.com/ Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf -- Warren Luebkeman Founder, COO Resara LLC 888.357.9195 www.resara.com _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
