On Tue, 2005-03-29 at 11:52 +0200, List (mitm) wrote:
> From: "Michelle Konzack" <linux4michelle@freenet.de>
> Sent: Tuesday, March 29, 2005 11:21 AM
> Subject: Re: My machine was hacked - possibly via sshd?
>
> >> > Your kernel is old. That's for starters. 2.4.30 is in rc2 now. It
> >> > alone fixes some security issues. 2.4.18 is ancient, and there's most
> >> >
> >> But 2.4.18 is the Debian stable kernel, which gets security updates
> >> and patches, no?
>
> >NO, since one year.
>
> Is there an official policy on what gets updated and what not? Like Malcolm
> Ferguson I was under the impression that debian stable was always updated
> with the latest security patches. Besides kernel-images are there other
> packages that do not get updated?

Mozilla for one.

Not all kernel exploits for 2.6 or much later versions of 2.4 (after
2.4.23) really have any effect on 2.4.18-<blah> in the Stable Distro,
the problem areas aren't even there!

But tell me, have they fixed the futex problems in 2.6? Also, when are
they going to make it so modules (such as many IDE modules) are
unloadable?

If you can justify to me why a newer kernel will fix any of my problems
on my woody systems, you will have succeeded where many others have
failed.

Just so you understand, I do like the newer kernels, but 2.6.x right now
has big difficulties with java apps, due to the futex issues. Yes, there
are other ways to implement workarounds, but why when 2.4.18 does just
fine.

My other machine is still running 2.4.20 with stack smashing protection
and preemptive task switching on. I haven't had a single problem yet.

And please, I already have tracked all the traffic on them. No point in
showing any malice now.
--
greg, greg@gregfolkert.net

The technology that is
Stronger, better, faster: Linux