What is the best way to learn of new threats and cures

I have Red Hat Linux 9 and have used their automatic update service to
keep up with new security threats. RH plans to discontinue the service
as it currently exists. I have to find a way to keep current. Any
suggestions?

Thanks.

cjm

On 2004-05-03, cjmurphy <xyzzy@murphy4.homeip.net> wrote:
> I have Red Hat Linux 9 and have used their automatic update service to
> keep up with new security threats. RH plans to discontinue the service
> as it currently exists. I have to find a way to keep current. Any
> suggestions?


I use Slackware. I check the ChangeLog for system and subscribe to their
security announcements list. You can generally keep a good handle on what's
new by just visiting your distro's website every so often. For my non-distro
apps (like proftpd, apache, php, etc...) I just check their websites now and
then. Even once a day doesn't take that much time. You may also want to
subscribe to some general-purpose security mail lists, such as
Full-Disclosure to keep in tune with what's out there.


--
[jayjwa]:B628B51========================VxL@Atr2=
All the Win you'll ever need: http://www.mingw.org
Let Truth Be Told.............http://microsuck.com

On Mon, 03 May 2004 02:48:27 +0000, jayjwa wrote:
> I use Slackware. I check the ChangeLog for system and subscribe to their
> security announcements list. You can generally keep a good handle on what's
> new by just visiting your distro's website every so often. For my non-distro
> apps (like proftpd, apache, php, etc...) I just check their websites now and

Uh, all those are in Slackware. :)

Most major projects have low-traffic announcement mailing lists. I
subscribe to all of those for the services I have open to the outside,
as well as for major internal-only services. Netfilter, too, for good
measure (I guess you could say that's "open to the outside.")
--
/dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
or put "not-spam" or "/dev/rob0" in Subject header to reply

cjmurphy wrote:
> I have Red Hat Linux 9 and have used their automatic update service to
> keep up with new security threats. RH plans to discontinue the service
> as it currently exists. I have to find a way to keep current. Any
> suggestions?
>
> Thanks.
>
> cjm

Hello,

Fedora FAQs page
http://fedora.artoo.net/faq/#up2date

Move to Fedora-Core-1 (or wait a few weeks till Fedora-2 on kernel 2.6)

Fedora links
http://www.futuredesktop.org/how2burn.html#mirrors


// moma
http://www.futuredesktop.org

cjmurphy wrote:

> I have Red Hat Linux 9 and have used their automatic update service to
> keep up with new security threats. RH plans to discontinue the service
> as it currently exists. I have to find a way to keep current. Any
> suggestions?
>
> Thanks.
>
> cjm

The best way to stay up to date is 1) to set up the up2date thingy to do it
for you, and/or 2) read their webpage.

--
Don't read any sky-writing for the next two weeks.

moma wrote:
> cjmurphy wrote:
>
>> I have Red Hat Linux 9 and have used their automatic update service to
>> keep up with new security threats. RH plans to discontinue the service
>> as it currently exists. I have to find a way to keep current. Any
>> suggestions?
>>
>> Thanks.
>>
>> cjm
>
>
> Hello,
>
> Fedora FAQs page
> http://fedora.artoo.net/faq/#up2date
>
> Move to Fedora-Core-1 (or wait a few weeks till Fedora-2 on kernel 2.6)
>
> Fedora links
> http://www.futuredesktop.org/how2burn.html#mirrors
>
>
> // moma
> http://www.futuredesktop.org

+ http://www.fedoralegacy.org

On Mon, 03 May 2004 14:29:37 -0600, Robert Delahunt wrote:
> cjmurphy wrote:
>
>> I have Red Hat Linux 9 and have used their automatic update service to
>> keep up with new security threats. RH plans to discontinue the service
>> as it currently exists. I have to find a way to keep current. Any
>
> The best way to stay up to date is 1) to set up the up2date thingy to do it
> for you, and/or 2) read their webpage.

It would seem from the OP's quoted text above, that he had done this,
and that the up2date service has been discontinued!
--
/dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
or put "not-spam" or "/dev/rob0" in Subject header to reply

On 2004-05-03, /dev/rob0 <rob0@gmx.co.uk> wrote:

> On Mon, 03 May 2004 02:48:27 +0000, jayjwa wrote:
>> I use Slackware. I check the ChangeLog for system and subscribe to their
>> security announcements list. You can generally keep a good handle on what's
>> new by just visiting your distro's website every so often. For my non-distro
>> apps (like proftpd, apache, php, etc...) I just check their websites now and
>
> Uh, all those are in Slackware. :)

proftpd 1.2.10rc1, apache 2.0.49...

current is at apache 1.3.29, proftpd 1.2.9.


--
[jayjwa]:B628B51========================VxL@Atr2=
1st thing to do after machine compromise: Remove
Windows. 2nd thing to do: install Linux. 3rd:
write a sig like this to rub it in.

On Mon, 03 May 2004 17:38:19 -0500, /dev/rob0 shaped electrons to write:
> On Mon, 03 May 2004 14:29:37 -0600, Robert Delahunt wrote:
>> cjmurphy wrote:
>>
>>> I have Red Hat Linux 9 and have used their automatic update service to
>>> keep up with new security threats. RH plans to discontinue the service
>>> as it currently exists. I have to find a way to keep current. Any
>>
>> The best way to stay up to date is 1) to set up the up2date thingy to do it
>> for you, and/or 2) read their webpage.
>
> It would seem from the OP's quoted text above, that he had done this,
> and that the up2date service has been discontinued!

Check out the Fedora Legacy project.


--
G.Wolfe Woodbury `- -'
U
The Line Eater is a boojum!