Internet security with FC1
Rich Burroughs
rich at paranoid.org
Fri Dec 17 09:36:19 UTC 2004
François Patte wrote:
> Bonjour,
>
> Now that FC1 has gone to legacy... there are no more updates for the last kernel
> 2.4.22-1.2199.nptl For how long can we trust the Internet security with this
> kernel: I have a gateway to the internet with FC1 running this kernel and I am
> wondering when do I have to change it for safety reasons?
>
Hi,
Most security problems that come up with Linux distributions are not
with the kernel itself. Those do happen from time to time, but problems
with server software (like buffer overflows that can be exploited to
gain root access) are a lot more common.
If you are using a distribution that is no longer supported for updates,
then I would really recommend upgrading to one that is. It's not just
the kernel you would have to worry about, but the server software and
the applications that are run by users, as well.
When a server is hacked, most of the time it's because of a known
vulernability that was not patched. It's really important to stay up to
date on your patches, which means using a current version of your
distribution.
Rich
More information about the users
mailing list