Re: Basic question about ipchains being useful
On Tue, Jun 19, 2001 at 11:14:06PM +0200, Julien Dupre wrote:
> My idea is not to look at security alerts but trust
> that debian maintainers will do it, I have a daily
> cron
> job which mails me if "apt-get -s upgrade" says
> something
> should be upgraded, is this not reasonable ?
No, it's not very reasonable! Subscribe to debian-security-announce
if you want to know what's going on! It is very low traffic, which is
a good thing, considering that every message on it is a security
bulletin.
> Is there any case where a package with a known exploit
> was not upgraded quickly in stable ?
The mirror you use will have some delay getting packages. For local
exploits, you can just wait until the fix is in unstable, or whatever,
since you probably trust your local users anyway. For remote exploits
like the one against SSH, make sure you do something about it to keep
your machine safe, or at least check that it already is safe.
--
#define X(x,y) x##y
Peter Cordes ; e-mail: X(peter@llama.nslug. , ns.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
Reply to: