avatar
redhat 6.2 vs 7.1?# Security - 系统安全
S*y
1
I need to fix a web server which used redhat 6.2 and was hacked.
The key point is to be secure and stable. Will
Now there are 2 solutions:
1. get pitches to fix all security holes of 6.2
No idea how much need to be done. there is such a long list
from redhat. which ones are definitely necessary?
http://www.redhat.com/support/errata/rh62-errata-security.html
2. go get redhat 7.1 directly, still need fix sth and who knows
what is coming. Is the SSL support and enhanced firewall with
i
avatar
z*w
2
1. backup your data and do a clean install
2. 6.2 or 7.1, either is OK, as long as:
2.1 disable unused service: e.g. rpc, ftp, telnet
sendmail, ...
2.2 patch the daemons you will use: wu-ftpd, rpc, samba, bind, etc
are known to have security holes
2.3 set up firewall: ipchains(kernel 2.2) iptables(kernel 2.4)
2.4 use ssh/scp to replace telnet/ftp
2.5 security auditing: check system log, use tripwire, install
snort, etc.

【在 S********y 的大作中提到】
: I need to fix a web server which used redhat 6.2 and was hacked.
: The key point is to be secure and stable. Will
: Now there are 2 solutions:
: 1. get pitches to fix all security holes of 6.2
: No idea how much need to be done. there is such a long list
: from redhat. which ones are definitely necessary?
: http://www.redhat.com/support/errata/rh62-errata-security.html
: 2. go get redhat 7.1 directly, still need fix sth and who knows
: what is coming. Is the SSL support and enhanced firewall with
: i

avatar
n*t
3
The patch is just passive defence.
You should do some customising steps to make your server secure.

【在 S********y 的大作中提到】
: I need to fix a web server which used redhat 6.2 and was hacked.
: The key point is to be secure and stable. Will
: Now there are 2 solutions:
: 1. get pitches to fix all security holes of 6.2
: No idea how much need to be done. there is such a long list
: from redhat. which ones are definitely necessary?
: http://www.redhat.com/support/errata/rh62-errata-security.html
: 2. go get redhat 7.1 directly, still need fix sth and who knows
: what is coming. Is the SSL support and enhanced firewall with
: i

相关阅读
logo
联系我们隐私协议©2024 redian.news
Redian新闻
Redian.news刊载任何文章,不代表同意其说法或描述,仅为提供更多信息,也不构成任何建议。文章信息的合法性及真实性由其作者负责,与Redian.news及其运营公司无关。欢迎投稿,如发现稿件侵权,或作者不愿在本网发表文章,请版权拥有者通知本网处理。