-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Also, I seem to recall that I had a 2.4 kernel before, as well...
Regardless, with the thought in mind that I might upgrade to 7.x or 8.0 (whose support ends only 9 months after 6.2's - what's up with that?), I would just download all the RPM's & do a hard disk install. My question there would be, how do I do the upgrade, then, as I have no intention of ordering the disks, as it will take too long for them to get here. - -----Original Message----- From: Rick Johnson [mailto:[EMAIL PROTECTED]] Sent: Monday, December 16, 2002 12:42 PM To: [EMAIL PROTECTED] Subject: Re: Boy, did I screw up bad... I need some help guys. *** PGP Signature Status: unknown *** Signer: Unknown, Key ID = 0x54876603 *** Signed: 12/16/2002 12:42:25 PM *** Verified: 12/16/2002 12:48:51 PM *** BEGIN PGP VERIFIED MESSAGE *** Burke, Thomas G. wrote: | I've thought about that, but really, My firewall only allows | connection to ssh, sendmail, and http, so there's not a lot to | worry about security-wise. I don't feel like having to learn | something | besides ipchains, since I've got that working good. As long as I | can keep it updated to a certain point, I'm sure that's OK, unless | you can give me a compelling reason to install a newer version. Tom, Just because you've firewalled other services does *not* mean you're safe from attacks. There have been recent exploits to ssh and http which need to be considered as well which a simple ipchains firewall will not protect from. A firewall only blocks connections to undesired ports and from certain source IP's if you take it that far. Your due diligence on keeping your machine up to date takes care of the rest. Unless you're willing to take over the updates once Red Hat has stopped supporting it (by downloading and compiling the source yourself), you're doomed for vulnerability once something is discovered and Red Hat no longer provides a fix for your version. 7.3 and 8.0 both still support ipchains. 7.3's lokkit uses it by default, 8.0 moved to iptables, but still supports ipchains if you want it. Benefits for moving up to a newer version (7.3 or 8.0) are the use of a recent 2.4.x kernel which is going to noticeably improve performance over the older 2.2.x kernels. Other improvements are newer (and feature enhanced) packages over the 6.x platforms. Reasons to learn iptables, however, would be the capability for stateful inspection vs. simple packet filtering, and greater flexibility in chain rules. You'll find the similarities astonishing and quite simple to adapt to. Resistance to change will only be a hindrance in the end. HTH, - -Rick - -- Rick Johnson, RHCE - [EMAIL PROTECTED] Linux/WAN Administrator - Medata, Inc. PGP Public Key: https://mail.medata.com/pgp/rjohnson.asc *** END PGP VERIFIED MESSAGE *** - -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 iQA/AwUBPf4TAtPjBkUEZx5AEQKdYgCcC2mOy3b9CuP9o+dOPZApmMDyfyoAoJ0s o3Zex7F0vfYoXidjI/cS3nnq =Z6ql -----END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
