Upgrade from RH9 to FC3 or FC4

Captain Bubudiu bubudiu2005 at yahoo.co.uk
Sat Jun 11 17:22:08 UTC 2005 

 --- Botond Kardos <Botond.Kardos at essnet.se> wrote: 
>     Hi,
>     I have an old machine running as a firewall.
> It's basically an RH9
> installation with some custom-made packages (kernel,
> openssh, few
> others). If I revert my system to standard RH9 is it
> possible to upgrade
> it to FC3 or FC4? Is this upgrade possible without a
> CD (for example
> boot-floppy + NFS or FTP server)?
>     My main reason for the intention to upgrade is
> the fear of rootkits.
> AFAIK FC3 and its targeted SELinux policy gives the
> feeling of safety
> regarding rootkits and other privilege escalation
> vulnerabilities.
>     Thanks,
>     Botond

1. It is possible to upgrade directly from RH9 to FC3 
(not tried FC4  which will introduce further
complications) which i do when i need a testing
machine on Virtual PC. FC3's default kernel does not
work on Virtual PC.
Complications :- SELINUX,udev/dev, kernel less than
2.6, python, rpm and  db4. I "cheat" by using yum from
FC3 and a tarball with all base/updates from my  local
network. Naturally you have to install some things
manually with the rpm -ivh rather than -Uvh and the
process is fraught with danger.

Do i recommend  this in your scenario? NO!! Not for a
production machine.

2. Strip RH9 to minimum(add libxml2 from RH9), grab
FC2 fedora release and yum and then upgrade to Fedora
Core 2 with less problems. You can then upgrade later
to FC3/FC4 with fewer problems.

3. I would recommend you get a GRsecurity kernel and
sit tight on RH9. FedoraLegacy has updates for RH9 by
the way so make it a habit to update from them.  A
firewall machine with no LAMP (Apache MySQL and PHP)
is harder to exploit and grsecurity locks down things
well.

Recently memory injection attacks were successfully
ran on unpatched machines and grsecurity-enabled
machines without patches avoided this:-  

http://www.webhostingtalk.com/showthread.php?s=&threadid=387710
http://www.webhostingtalk.com/showthread.php?threadid=398645



Fedora Core - The power of Open Source Now! Please search the archives 
and fedoraforum.org as the question is likely to have been asked before.

Cheers
Captain Bubudiu


		
___________________________________________________________ 
How much free photo storage do you get? Store your holiday 
snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com

More information about the fedora-list mailing list