server uptime
Alex Hewitt
hewitt_tech at comcast.net
Thu Mar 20 14:08:15 EDT 2008
On Thu, 2008-03-20 at 13:48 -0400, Warren Luebkeman wrote:
> Nah, we are not vulnerable to that exploit. We do keep tabs on important security issues when they come up. We plan to retire that server pretty soon, although I may leave it running behind the firewall, just to see how long it goes... ;-)
>
Come to think of it, isn't drywall just another name for firewall?
-Alex
> ----- Original Message -----
> From: "Bill McGonigle" <bill at bfccomputing.com>
> To: "Warren Luebkeman" <warren at resara.com>, "Benjamin Scott" <dragonhawk at gmail.com>
> Cc: "Greater NH Linux User Group" <gnhlug-discuss at mail.gnhlug.org>
> Sent: Thursday, March 20, 2008 1:41:25 PM (GMT-0500) America/New_York
> Subject: Re: server uptime
>
> On Mar 19, 2008, at 15:36, Ben Scott wrote:
>
> > You're obviously not installing all your security updates, then.
> > Both the 2.4 and 2.6 Debian kernels have had security advisories
> > posted within the past two years.
>
> Hey, it's possible that Warren's kernel is so old that he doesn't
> suffer from the vmslice() exploit. :)
>
> Seriously, though - check. If `uname -r` >= 2.6.17, vmsplice() plus
> one (e.g.) PHP bug = remote root exploit. That's bad, mmmkay?
>
> Perhaps more importantly you're not picking up ext3 bugfixes, the CQF
> elevator, etc.
>
> And somebody around here actually found an old Netware box running in
> a closet that had been drywalled over 5 years before. It was
> apparently still serving files and print jobs (they traced the
> ethernet cable).
>
> -Bill
>
> -----
> Bill McGonigle, Owner Work: 603.448.4440
> BFC Computing, LLC Home: 603.448.1668
> bill at bfccomputing.com Cell: 603.252.2606
> http://www.bfccomputing.com/ Page: 603.442.1833
> Blog: http://blog.bfccomputing.com/
> VCard: http://bfccomputing.com/vcard/bill.vcf
>
>
>
More information about the gnhlug-discuss
mailing list