Red Hat NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE Guida di Installazione Scaricare il pdf (Pagina 20)

4. Step 2: Updating

OK, this section should be comparatively short, simple and straightforward compared to the above, but no

less important.

The very first thing after a new install you should check the errata notices at http://redhat.com/apps/errata/,

and apply all relevant updates. Only a year old you say? That's a long time actually, and not current enough to

be safe. Only a few months or few weeks? Check anyway. A day or two? Better safe than sorry. It is quite

possible that security updates have been released during the pre−release phase of the development and release

cycle. If you can't take this step, disable any publicly accessible services until you can.

Linux distributions are not static entities. They are updated with new, patched packages as the need arises.

The updates are just as important as the original installation. Even more so, since they are fixes. Sometimes

these updates are bug fixes, but quite often they are security fixes because some hole has been discovered.

Such "holes" are immediately known to the cracker community, and they are quick to exploit them on a large

scale. Once the hole is known, it is quite simple to get in through it, and there will be many out there looking

for it. And Linux developers are also equally quick to provide fixes. Sometimes the same day as the hole has

become known!

Keeping all installed packages current with your release is one of the most important steps you can take in

maintaining a secure system. It can not be emphasized enough that all installed packages should be kept

updated −− not just the ones you use. If this is burdensome, consider uninstalling any unused packages.

Actually this is a good idea anyway.

But where to get this information in a timely fashion? There are a number of web sites that offer the latest

security news. There are also a number of mailing lists dedicated to this topic. In fact, Red Hat has the

"watch" list, just for this purpose at https://listman.redhat.com/mailman/listinfo/redhat−watch−list. This is a

very low volume list by the way. This is an excellent way to stay abreast of issues effecting your release, and

is highly recommended. http://linuxsecurity.com is a good site for Linux only issues. They also have weekly

newsletters available: http://www.linuxsecurity.com/general/newsletter.html.

Red Hat also has the up2date utility for automatically keeping your system(s) up to date ;−). See the man

page for details.

This is not a one time process −− it is ongoing. It is important to stay current. So watch those security notices.

And subscribe to that security mailing list today! If you have cable modem, DSL, or other full time

connection, there is no excuse not to do this religiously. All distributions make this easy enough!

One last note: any time a new package is installed, there is also a chance that a new or revised configuration

has been installed as well. Which means that if this package is a server of some kind, it may be enabled as a

result of the update. This is bad manners, but it can happen, so be sure to run netstat or comparable to verify

your system is where you want it after any updates or system changes. In fact, do it periodically even if there

are no such changes.

4.1. Summary and Conclusions for Step 2

It is very simple: make sure your Linux installation is current. Check the Red Hat errata for what updated

packages may be available. There is nothing wrong with running an older release, just so the packages in it

4. Step 2: Updating 17

1 2 ... 15 16 17 18 19 20 21 22 23 24 25 ... 81 82

Nessun commento

Red Hat NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE Guida di Installazione Pagina 20