LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-11-2003, 03:01 PM   #1
thetwin
Member
 
Registered: Feb 2003
Distribution: Linux RedHat 7.2
Posts: 47

Rep: Reputation: 15
Security of rhn and up2date


Hello All

Does anyone know of or heard of the automatic update service of Redhat up2date being a security issue. I did not install this service on my firewall and generally download the updates from Redhat from a machine inside the network, ftp them onto the firewall and install the updates. I am thinking of putting the up2date service on the firewall.


Thanks in advance
 
Old 09-11-2003, 03:46 PM   #2
complus
Member
 
Registered: Aug 2003
Distribution: Red Hat 9
Posts: 76

Rep: Reputation: 15
I have just recently started my search for an answer to the exact same question. I want my installation to be current, but I don't want to jeopardize the security of it to get there. I do not know the security issues involved with running up2date and rhn.

Have you had any luck in your search?

Thanks
 
Old 09-11-2003, 06:42 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,118
Blog Entries: 54

Rep: Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786
Not any issues I know of if you install the latest packages, but since this is a single-purpose box (w/o any network daemons running on it RIGHT?) it shouldn't have that many packages installed. You need it 24/7 w/o glitches, I'd say if you got the time, go for manual. If you do use up2date make sure you never ever automagically update crucial stuff like the kernel or glibc.
 
Old 09-11-2003, 07:40 PM   #4
thetwin
Member
 
Registered: Feb 2003
Distribution: Linux RedHat 7.2
Posts: 47

Original Poster
Rep: Reputation: 15
As far as I know I only installed the minimum packages. I am not 100 percent sure which daemons constitute all of the "network daemons' however there are no services running open to the Internet. i.e. Apache, ssh, telnet, ftp. When I need to ftp the upgrade rpm's onto the firewall/router, it is necessary for me to go into xinetd.d and turn the wu-ftpd service on. (only open to the internal network). I then turn it off again and restart xinetd. Kinda the long way to do things This box does hand IP's to the internal network though. Did I mention I am a newbie

Cheers
 
Old 09-14-2003, 05:02 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,118
Blog Entries: 54

Rep: Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786Reputation: 2786
When I need to ftp the upgrade rpm's onto the firewall/router, it is necessary for me to go into xinetd.d and turn the wu-ftpd service on. (only open to the internal network). I then turn it off again and restart xinetd.
Or run OpenSSH and just scp the data over. OpenSSH comes in handy as well when you need to be on the box for other reasons as well I'd say. Just make sure you log in as regular user and sudo to root.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to uninstall RHN up2date? concoran Linux - General 1 09-11-2005 07:42 PM
up2date, rhn, and yum johnMG Fedora 7 07-28-2005 08:18 PM
Fedora core 3 and RHN up2date pheedalop Fedora - Installation 5 03-08-2005 03:25 PM
Custom make up2date (RHN) repository TuxFreak Fedora 2 02-20-2005 08:40 AM
up2date rhn applet glock19 Linux - Distributions 4 12-03-2002 12:18 PM


All times are GMT -5. The time now is 01:31 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration