LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Debian (https://www.linuxquestions.org/questions/debian-26/)
-   -   Security Precautions with older kernel (https://www.linuxquestions.org/questions/debian-26/security-precautions-with-older-kernel-167794/)

loadedmind 04-08-2004 11:54 AM
Security Precautions with older kernel
 
Hell all. I, like many others, have an antiquated machine running this distro and am using the older kernel for this very reason. If I have done the necessary "apt-get update" for the version of kernel I'm using, is there still a possibility that, because the newer kernels are the ones being patched and revised, I need to do something else to ensure it's as secure as possible? I try to keep my packages updated, such as samba, etc.


TIA,
~LM

HappyTux 04-08-2004 05:07 PM
Re: Security Precautions with older kernel
 
Quote:
Originally posted by loadedmind
Hell all. I, like many others, have an antiquated machine running this distro and am using the older kernel for this very reason. If I have done the necessary "apt-get update" for the version of kernel I'm using, is there still a possibility that, because the newer kernels are the ones being patched and revised, I need to do something else to ensure it's as secure as possible? I try to keep my packages updated, such as samba, etc.


TIA,
~LM
With Debian kernels the security fixes are backported to the older kernel version(s) and a new version of the kernel image package is released with the -number suffix bumped up by one so the packaging system will know there is a new kernel to install and tell you. From my firewall machine for instance.

Code:
DoopeyTux:/home/stephen# uname -r
2.4.18-586tsc
DoopeyTux:/home/stephen# apt-cache policy kernel-image-2.4.18-586tsc
kernel-image-2.4.18-586tsc:
  Installed: 2.4.18-5
  Candidate: 2.4.18-5
  Version Table:
 *** 2.4.18-5 0
        500 ftp://ftp2.de.debian.org stable/main Packages
        100 /var/lib/dpkg/status
This shows me that I have a 2.4.18-586tsc kernel installed and it is the fifth ( -5) revision of this kernel that has been in the archives and there is no update available. Now none of this will matter if you still have the installation kernel running because the packaging system does not know about it and will never tell you to upgrade. When you say you have "done the necessary apt-get update" do you mean you have installed a kernel from the archives and it is up to date? If so then the security problems have been taken care of.

loadedmind 04-09-2004 07:08 AM
RE: Sec Precautions
 
In short, yes, latest revisions to existing kernel ver. have been applied. I read about exploits found with older kernel ver.'s such as buffer overflows and wanted to ensure that my ver was robust enough to handle such an attack, since it's the first box my network sees before internet comes through. Thanks for that bit of wisdom, good stuff.



~LM


All times are GMT -5. The time now is 03:02 PM.