LinuxQuestions.org - Security Subscription that Make Sense

For both new and old Slackers there are at least a couple of useful subscriptions available that make sense for getting notified of security changes that affect you, your system(s) and your users.

The most basic is to subscribe to the slackware-security list (at http://www.slackware.com/lists/); this gives you e-mail notices of security updates to Slackware packages.

Another would be subscribing to one or more US-CERT mailing lists.

Quote:

US-CERT offers mailing lists and feeds for a variety of products including the National Cyber Awareness System and Current Activity updates. The National Cyber Awareness System was created to ensure that you have access to timely information about security topics and threats.

You can subscribe to US-CERT list(s) at http://www.us-cert.gov/mailing-lists-and-feeds.

Just about 99% of US-CERT notices have to with everybody's favorite hated products (uh, that would be, you know, Microsoft, Patch Tuesday and any other Patch days), but you'll also get notices of problems in widely-used software that won't appear in Slackware security mailings; e.g., Adobe Reader/Acrobat, Oracle Java, etc. US-CERT notices include the who-what-when-where-why information that can be useful: they tell you what to do about it; e.g., shut off the Java Plu-in in every browser.

I keep all my systems at Slackware Stable and only apply updates that appear in the Stable change logs. For those that like the hairy edge, well, the security mailing list may be useful as well.

There are, of course, useful tools such as rsync that will keep things up-to-date and there are subscriptions available at many provider sites; e.g., H-P, Sourceforge, that will notify you when updates become available -- all are worth your time to take a look.

Hope this helps some.