Re: Debian Server restored after Compromise. Which kernels???

To: debian-amd64@lists.debian.org
Cc: "Hemlock" <michael@etalon.net>
Subject: Re: Debian Server restored after Compromise. Which kernels???
From: Francesco Pietra <frapietra@alice.it>
Date: Sun, 16 Jul 2006 08:51:15 +0200
Message-id: <[🔎] 200607160851.16045.frapietra@alice.it>
Reply-to: frapietra@alice.it
In-reply-to: <[🔎] 20060715172404.M10997@www.etalon.net>
References: <[🔎] 200607132024.49263.lepalom@wol.es> <[🔎] 200607151437.47958.frapietra@alice.it> <[🔎] 20060715172404.M10997@www.etalon.net>

On Saturday 15 July 2006 19:30, Hemlock wrote:
> > > > > I'm in a similar situation.
> > > > > I just ended up grabbing the source from kernel.org
> > > > > and recompiling with debian's kernel-package package.
> > > > > (kernel 2.6.17.4)
> > > > > Did this both for i386 and AMD64 machines.
> > > >
> > > > Thank you for clarifying.
> > > >
> > > > Perhaps a naive observation: to save enrgies (and make a treasure of
> > > > op competence) why not putting your deb packages (if they are deb)
> > > > for download? Is any server that could accept them?
> > >
> > > This would, offhand, *seem* to be a job for Debian security.
> >
> > Thank you for courage in saying that. But I know little about the
> > policy of Debian to this concern, and, most of all, I understand
> > that volunteers may lack the time at the moment for what seems to be
> > the most economical (and secure) procedure. francesco
>
> Why not try compiling your own kernel?
> make-kpkg makes it quite simple for us non developer types.
> All you need to do is install kernel-package, and perhaps gcc, make, g++ if
> they don't already come down with kernel-package.
> /usr/share/doc/kernel-package has the readme that shows you how to compile
> your own .deb.
Yes, it can be done. Two points:

1) I've lost mail from Leopold ... If I remember correctly, the vulnerable 
kernels were up to 2.6.17.4. Should 2.6.17.5 be needed? I've not heard about 
this.

2) It has often been told on this list that kernel packages provided by Debian 
cover most needs, implying that going to compile kernels is a waste of 
resources in most cases.

3)It has been repeatedly advised on this list to avoid as much as possible to 
recompile and recompile again what may be already available. It is curious 
that packages for the most unusual tasks are continuously offered while 
kernels not, even in a period of attacks to so many defective kernels.

This is not to object too much to what I know only at the surface. But I am 
well aware of energetic problems and multi opteron machines (not to tell of 
the equivalent very hot intels) take non-negligible energy to work. Which 
also makes the point why going to 64bit for tasks that are equally well dealt 
with at 32bit.

You may object that vs a flying machine or even a car (if not missiles and 
bombs) a 64bit machine is nearly nothing. You are right.

cheers
francesco

>
> Cheers,

Reply to:

Follow-Ups:
- Re: Debian Server restored after Compromise. Which kernels???
  - From: "Hemlock" <michael@etalon.net>

References:
- Fwd: Debian Server restored after Compromise
  - From: Leopold Palomo-Avellaneda <lepalom@wol.es>
- Re: Debian Server restored after Compromise. Which kernels???
  - From: Francesco Pietra <frapietra@alice.it>
- Re: Debian Server restored after Compromise. Which kernels???
  - From: "Hemlock" <michael@etalon.net>

Prev by Date: Re: New to 64 bit/Sorta new to Debian....
Next by Date: K8 Mainboards Linux compatibility list
Previous by thread: Re: Debian Server restored after Compromise. Which kernels???
Next by thread: Re: Debian Server restored after Compromise. Which kernels???
Index(es):
- Date
- Thread