[K12OSN] K12LTSP 4.2.4EL planning... how stable?
Burke Almquist
balmquist at mindfirestudios.com
Tue Sep 5 22:13:21 UTC 2006
I'm curious if you ran yum immediately after installing the servers.
CentOS 4 is not brand new and has a number of security updates since
it was first put out. I would imagine that if you were updating your
previous configuration, it would actually be more secure than a fresh
install of a new version. My guess is that it was hacked before the
updates were done.
On Sep 5, 2006, at 4:46 PM, Doug Simpson wrote:
> Les Mikesell wrote:
>> On Mon, 2006-09-04 at 17:33, Doug Simpson wrote:
>>> Along these lines. . . I updated 4 servers two weeks before
>>> school started and every one of them got hacked right after
>>> that. . .I still don't have them all back working again after re-
>>> installing them. they had been running rock solid over a year and
>>> two of them longer than that with little to no upgrades. I
>>> figured newer would be better and more secure. . . WRONG! I will
>>> not make that mistake again! I DO NOT recommend automated updates
>>> at all
>> I wouldn't do automatic updates either, but I do update often and
>> am not aware of any recent new Centos vulnerabilities. Do you have
>> any idea what happened?
> I have no idea what happened other than that after the udatres, 4
> updated servers got hacked and rootkits were installed. Different
> rootkits on each one with different consequences.
>
> Doug
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
More information about the K12OSN
mailing list