I am frustrated with my lack of progress in learning about, and using Linux. The main reason for this is because I've had so much trouble trying to figure out how to keep my system fully patched! I've got a fresh install of RH 9.0, and would just like to know exactly where to go / what to do, in order to get it completely up to date with patches/updates. I need to do this before I start spending time on my system, because I am a paranoid security freak.

I read _seemingly_ conflicting things everywhere I turn -- RHN is free, RHN is not free, RHN is free as a demo, but not for EOL'd RH 9.0, use YUM, use APT, etc. etc. etc.

Please , someone suggest to me the best way for me to get this machine patched, and keep it patched going forward! Obviously, my Linux knowledge is elementary at best, so please, keep it simple (if possible). ; )

Extremely grateful for your assistance,
bert

They stopped releasing packages/patches for Red Hat. I'd suggest you to upgrade to Red Hat Fedora.

Redhat v9.0 officially hit its "end of life" as of either April or May of this year, and it is no longer officially supported by Redhat. Therefore, I would say that RHN is, well, pretty much irrelevant - you will need to perform any and all patches/upgrades manually.

To be quite honest, if you consider yourself a paranoid security freak, and you are not already attached to Redhat, the best thing to do probably is to switch distros to one that is currently supported and has a substantial user base. Strictly my 2 cents, but throwing all your efforts into keeping a dead distro patched and up to date may require more effort than it might be worth.

Don't get me wrong - I'm not trying to criticize Redhat or the v9.0 distro. Redhat is a good company, I support the work they do, and RH v8.0 and v9.0 were what I used when I was first learning Linux. (I'm still learning Linux now, but have moved over to other distros) The hard fact remains though that Redhat has retired v9.0 and thus, looking towards them for support would not likely be productive.

As serz stated, Redhat now offers Fedora Core, which is today's equivalent (and successor) to v9.0 FC is likewise a good distro, and as you may already know there is a dedicated forum for FC here at LQ. As I said, if you aren't already committed to a distro, it may be worthwhile giving several of the most popular ones a tryout. Naturally, FC will very closely resemble Redhat, since they are both produced by the same group of people. Good luck with it -- J.W.

serz, J.W. --

Thank you muchly for the replies and suggestions.

Much appreciated...

To elaborate somewhat on my previous comments:

1. In terms of security, most distros are basically and fundamentally equivalent, given that they are all built around the same kernel. Therefore, the single-most important component in keeping a machine secure is the sysadmin who maintains it. It would be just as possible to have a tightly-secured distro "A" and a virtually unsecured distro "B", as it would to have the reverse. You can substitute any distro names as A or B and the statement will be true.

2. A site such as LinuxISO is a good central source to download many of the most popular distros. The best thing to do is to try several, then make your own decision as to which one best fits your needs and preferences. Yes, it may be a bit of a hassle in the short term, but the long term payoffs are huge. Alternatively, if you only consider one or two different distros, you may be missing out on something that you might decide you really like, and really works well for you. What's also cool about Linux is that if you get restless with one distro, shifting over to another is relatively easy to do -- if you've got 2 PC's it's a snap, but even with one machine you can set it up a a dual boot between the old distro and the new candidate distro to see how well they match up against one another.

3. Good online documentation can be found here

4. Personally, I am partial to Slackware and Suse, but the only reason I am is because I took the steps outlined in #2 above. In alphabetic order, I would consider the following distros as the most mainstream [Note: this is strictly my personal opinion; others may disagree]: Debian, Fedora, Gentoo, Knoppix, Mandrake, Slackware, Suse. There are numerous other worthwhile distros out there, but these are the ones that I would say would have the largest user base. Redhat naturally could be considered a glaring omission from this list, but I am excluding it due to the fact that it has ended support for v9.0 and all preceding versions. It's still a good distro, and as long as you're willing to put in the time to patch it and keep it secure, you would be able to run it indefinitely. It basically comes down to a matter of how much work you want to put into it to keep it up to date.

Good luck with whatever decision you make. -- J.W.

Just to expand on RH options:

1. Stick with RH9 and use YUM tool (which handles dependencies automatically), which you can get from http://linux.duke.edu/projects/yum/. See also www.fedoralegacy.org, which intends to handout updates for RH 9 for a whilst yet.
It's also taken over support for RH FC1...

2. Goto RH FC2 (Fedora core 2), but be aware it's bleeding edge. YUM comes as std I believe. It's a community support thing.

3. Goto www.whiteboxlinux.com and get a free version of RH Enterprise Linux. They supply updates as they are issued.

I'd recommend just using Fedora. It's similar to Red Hat 9, just remember to upgrade when new versions come out.