Re: identifying security vulnerabilities on inherited system

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I would also suggest running nessus (http://www.nessus.org), etc
against this server(s)..  **Get permission** to do so, run at low
usage time to determine what packages are most vulnerable..

Also, *always* make sure to test updates on test box prior to the
production site...  it might seem like a small update, but it could
also update dependencies on other applications..

-- 
--- Chiringuito
t_r_e_i_d_y_@xxxxxxxxxxxxxxxxxx

On Fri, 03 Sep 2004 21:31:47 +0000, George Van Tuyl
<gvantuyl@xxxxxxxxxxxx> wrote:
> 
> 
> RCS Computers wrote:
> 
> > Hi,
> >
> > I recently took over programming for a semi-large web site. They are
> > currently using a web-design / hosting company to manage their server.
> > They are running RH 7.3 and it looks like the system has not been
> > updated in quite some time. Can you tell me how I might take the
> > version numbers of the things listed below and find out if there are
> > any security vulnerabilities.
> >
> > I realize that I could just update anyway, but I am going to have to
> > prove that the current set up is a security risk.  Thank you in advance.
> >
> > The following ports are open on this web server:
> >
> > pop3
> > imap
> > http
> > ftp
> > ssh
> > smtp
> > https
> >
> > I am not really familiar with ip chains, but this looks like
> > everything is accepted:
> >
> > Chain input (policy ACCEPT):
> > target prot opt source destination ports
> > ACCEPT tcp -y---- anywhere anywhere any -> ssh
> > ACCEPT tcp -y---- anywhere anywhere any -> smtp
> > ACCEPT tcp -y---- anywhere anywhere any -> http
> > ACCEPT tcp -y---- anywhere anywhere any -> ftp
> > ACCEPT all ------ anywhere anywhere n/a
> > ACCEPT all ------ anywhere anywhere n/a
> > ACCEPT udp ------ ns.bluegrass.net anywhere domain -> any
> > REJECT tcp -y---- anywhere anywhere any -> any
> > REJECT udp ------ anywhere anywhere any -> any
> > Chain forward (policy ACCEPT):
> > Chain output (policy ACCEPT):
> >
> >
> > Here are the versions of pertinent programs:
> >
> > Distro: RH 7.3
> > Kernel: 2.4.18-3
> > Apache: 1.3.28
> > NcFTP 3.1.3/985
> > OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
> > Postfix: 1.1.12
> > ipopd: not sure how to find out
> > imapd: not sure how to find out
> >
> >
> >
> > --------------------------------------
> > Randy Syring
> > RCS Computers
> > www.rcs-comp.com
> >
> > "Whether, then, you eat or drink or whatever you do, do all to the
> > glory of God."
> > 1 Cor 10:31
> > ------------------------------------------------------------------------
> >     To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx
> >         with "unsubscribe" in the subject of the message.
> >
> >
> Make your life easy with apt-get.
> 
> You will need at some point move to a distribution that you can keep
> current.  Slackware, Debian, etc....  It will take some time to put
> together a migration plan but for for that but for now go to
> "http://apt.freshrpms.net/"; download and install the apt-get rpm for 7.3
> RedHat. Read the documentation and get your system current.  I keep one
> of my systems at 7.3 and used apt-get to bring it to the latest rpms
> available.  Which by the way are not as current as they could be but
> better than what you have instlled at present.  APT-GET will resolve all
> dependencies and upgrade your system automagically.  Make sure that you
> do run apt-get update before you do an upgrade or install and make sure
> the apt-getrc, or on a RedHat 7.3 system it is /etc/apt/sources.lst file
> has the correct source for your distribution.   If you are not sure let
> me know and I will post a copy of mine to you.
> 
> gvt
> 
> 
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx
>          with "unsubscribe" in the subject of the message.
> 
>
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux