LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

RHEL, kernel vulnerabilities, and days of risk

RHEL, kernel vulnerabilities, and days of risk

Posted Mar 24, 2005 16:03 UTC (Thu) by vonbrand (subscriber, #4458)
In reply to: RHEL, kernel vulnerabilities, and days of risk by brianomahoney
Parent article: RHEL, kernel vulnerabilities, and days of risk

Lucky you. Some security upgrade to Solaris here around 2000 (re)installed a remote administration package (which we had removed). Said package had (known) holes you could drive trucks through... and some kid promptly remotely administered the machine. Had a nice 24 hour day restoring everything and making sure no further holes were present.

That incident, BTW, gave the last argument for migrating the servers to Linux (many desktops had been Linux for quite some time). First on the (ageing) Suns (even got better performance with Linux!), later on custom-build PCs. We see lots of (mostly very pathetic) intrusion attempts, no success to date (AFAIK...).

(Log in to post comments)

RHEL, kernel vulnerabilities, and days of risk

Posted Mar 28, 2005 16:43 UTC (Mon) by Ross (subscriber, #4065) [Link]

To be fair, the same problem (patches reenabling services) happens on Linux
as well. Debian is especially bad about this due to the "if it is installed
we assume you want to run it" policy.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds