[Gllug] Installing Stuff?
Xander D Harkness
xander at harkness.co.uk
Tue Dec 11 15:48:31 UTC 2001
Red Hat provide one free subscription to the Red Hat network per login.
Red Hat will normally email you regarding a security hole before it is
released to the public giving you a small window. (I know crackers will
subscribe too :-)
There are other tools too such as rpmupdate (or close to that) which you
can point at the mirror of your rpm-based distro and it will inform you
when an updated package appears in updates etc.
Other than that linuxtoday.com carries most announcements and makes
generally interesting reading at other times.
Cheers
Xander
On Tue, 2001-12-11 at 16:34, Jim Bailey wrote:
> Hi all,
>
> this is my input if people notice glaring errors in my reasoning then
> please let me know as this stuff is quite important.
>
> On Tuesday, December 11, 2001, at 02:07 PM, Ivan Dimitrov wrote:
>
> > you make a habbit to check every day freshmeat.net
>
> You also got bug-track and the various security sites to keep you updated
> with security issues. Most applications have low traffic mailing lists to
> announce serious security issues and upgrades that way you don't get 500
> emails a day about configuration and installation issues. Subscribe with
> a group alias to deliver them to every member of your IT team or and
> create a separate folder in your mail client so you can see whether or not
> you have dealt with them.
>
> Alternatively and I am not sure if this is possible with out some hacking
> but if you use something like RT, (request tracker, a free GPLed product)
> it comes with Debian and should be available for Red Hat, have the
> security and upgrade mails automatically raise a job which then need to be
> closed down.
>
> > On Tue, 11 Dec 2001 gllug at uncertainty.org.uk wrote:
> >
> >>
> >>
> >> compliling from source is easy enough and you get full power - but you
> >> have to keep track of any security issues and updates by yourself :(
>
> this is where I find the mix and match option the best I un-comment the
> Debian security option in /etc/apt/sources.list and can run it daily this
> keeps most stuff fairly secure and up to date. I don't think that there
> is an equivalent for Red Hat unless you pay them.
> >>
> >> I have yet to find a good way of keeping tabs on the latest releases of
> >> source packages - subscribing to a list per package is a pian.
>
> If you have public facing systems it is a pain you have to live with and
> it is a lot less painful than explaining to your fat meal ticket corporate
> client and the hard faced security consultant they just hired to help sue
> you, why their site has been hacked and defaced by a spotty 14 year old
> using off the shelf software.
> >>
> >> mind you gllug is pretty handy for keeping up to date - there is always
> >> someone boasting about having just upgraded to the latest thing ;-)
> >>
> Peace Jim
>
> No theory, no ready-made system, no book that has ever been written will
> save the world. I cleave to no system. I am a true seeker.
> --Mikhail Bakunin
>
>
>
> --
> Gllug mailing list - Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list