lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200401102028.04177.jluehr@gmx.net>
From: jluehr at gmx.net (Jan Lühr)
Subject: [inbox] Re: 3 new MS patches next week... but none fix

Greetings,

Am Samstag, 10. Januar 2004 18:35 schrieb Tim:
> >   It's not that Microsoft doesn't have a clue, they do.  We are getting
> > regular patches for holes that are found are we not?  If they didn't have
> > a clue, we would have yearly patches or none at all.  Ok, there may be
> > some holes that aren't patched yet, but I'm sure they're working on them
> > and they're coming.  Some patches just have to take precedence over
> > others.
> How I run a secure server?  Debian stable.  To patch:
>
> # apt-get update
> # apt-get upgrade
>
> DONE.
>
> Many other Linux distributions have similar sets of commands that are
> just as easy, and you don't have to buy 3rd party software to make it
> work.
>
> Oh, and if you want to patch ALL of your 30000 systems, just install
> your public SSH key on each of the when you build them, and:
>
> for S in `cat servers.txt`; do
> { ssh root@$S "apt-get update; apt-get upgrade"; }
> done;
>
I'd like to add, that there are many different solution for this problem - 
even for doing it completly without user interference. Well, you might have 
to patch one system in order to make sure, that everything works alright.

But the point is, due of better control over a Linux system, you can do more 
thinks to make your system less attacable. You can even restrict your own 
freedom of  control.

Keep smiling
yanosz


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ