Is it OK for Microsoft and others to forbid disclosure of benchmark results?
Don Erickson
derick at shark.zeni.net
Sat Nov 3 00:34:08 CST 2001
In article <39CF78DBFE15E141A9FE7DE61AE74D1C065536 at ctbs-hq1.hq.ctbs.net> you write:
>There are definitely security holes in 6.2. You're best bet is to go to
>RedHat and download what they recommend for security patches.
I strongly suggest subscribing to the security updates mailing lists,
surely RedHat has one. That way you find out about the holes and can
patch them before the script kiddies can download their cracks. This
simple security step should be the first one taken if you've got a server
hanging out in the virtual breeze.
On a remotely administered box, I'd recommend considering debian for it's
ease of package (and entire distribution) upgrades. Upgrade whatever
that you're running whenever a hole is found in it and you should be able
to stay a step ahead of the kiddies.
Certainly the same could be done with RedHat or whatever, but a more
obscure and stable and easily upgraded distribution makes a smaller,
leaner, more agile target.
My opinion only.
Regards,
-Don
--
.sig lite
More information about the Kclug
mailing list