[CLUE-Tech] Is someone trying to hack me?

[Kirk Rafferty]

On Fri, Nov 15, 2002 at 09:45:29AM -0700, Dave Price wrote:
> > This doesn't harden your system, of course, but it goes a long way towards
> > that goal.  I've used RHN for about a month now, and am so happy I don't
> > have to do this manually anymore.
> 
> Or run debian - apt-get update is free.

Or run FreeBSD and use ports...

I recommended RHN because he's running a Red Hat system.  Changing distros
is probably not an option.  Also, there's some functionality in RHN that
even apt-get (which is one of my fav tools too) doesn't have.  For
example, if I have 30 systems that need updated, that's 30 systems I have
to visit with apt-get.  With RHN, there's a secure web interface that lets
me see all of my systems at a glance, and which ones need which updates.
Then you just schedule whatever updates you want done, and the next time
your system phones home (by default every 2 hours), it'll pick up the
updates and install them.  If you feel like you want to oversee the update
yourself, you can pull the update down manually.  There's also some other
"value add" features I won't get into here.

By the way, using RHN, you can get the functionality of "apt-get update"
with "up2date -u".  And, RHN is gratis for the first system, so it won't
cost anything to try.

If switching distros is an option, and you're only running one or a
couple servers, Debian's apt-get is free (as in beer and freedom), and
easier to work with than manually pulling down updates with RPM.  If you
need to stay with Red Hat, look at RHN.  As someone else said, it's not
the end of your "hardening" responsibilities, but it's one of the key
steps.

-k