[CLUE-Tech] Red Hat 7.3 question
Mike Staver
staver at fimble.com
Fri Oct 11 17:06:35 MDT 2002
Right - I do visit the Red Hat update page quite often, and I think I
may have found the problem. I thought I had openssl up to date, but it
appears I was mistaken. I had:
openssl-0.9.6b-18
The current version with bug fixes is:
openssl-0.9.6b-28
At a quick glance, I saw the 0.9.6b and thought I was safe.... I was
very wrong, and won't make that mistake again!
Adam Bultman wrote:
>
> I'm fairly certain that no linux distro should be trusted out-of-the-box.
> I'm also fairly certain that 7.3 pre-dates some of the more recent openssl
> worms. I would suggest signing onto bugtraq, etc and making sure you
> areup to date with regards to most public services. It's what I do with
> every box I put on the 'net. I'd also recommend portsentry. It blocks
> naughty people...
>
> Adam
>
> On Fri, 11 Oct 2002, Mike Staver wrote:
>
> > I thought I had openssl and apache up the latest patched version from
> > Red Hat. Apparently I was wrong, or even their patched versions do not
> > make you safe. I just had 3 web servers rooted yesterday by the Cinik
> > worm. It put files in the /tmp directory, and they are owned by apache,
> > so I will have to blow out these boxes and start over - but before I do,
> > I need to know what version of apache protects me from this evil, evil
> > worm that has just cost me my entire weekend :(
> >
>
> --
> Adam Bultman
> adam at glaven.org
> [ http://www.glaven.org ]
>
> _______________________________________________
> CLUE-Tech mailing list
> CLUE-Tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
--
-Mike Staver
staver at fimble.com
mstaver at globaltaxnetwork.com
More information about the clue-tech
mailing list