I've been poking through the security forums here, as well as searching and using google to try to find my answers, but I'm not coming up with exactly what I want to find out.

I have a few questions, and I'm hoping you folks would be kind enough to answer them, or at least point me in the right direction.

1. What are the main security advancements in the 2.6 kernel?
2. What was that big hole in the 2.4 kernel about? Is the patch safe to use, or do you suggest upgrading to 2.6 if possible?
3. Can 2.4 be secured decently well for use on a public web server?
4. I've found several generic guides for securing unix/linux, but how do I know if these are decently up to date? Are there any written specifically for each kernel?

I think is better use a 2.4 then 2.6 kernel, because are more tested, IMHO of course...
Sorry for my bad English...

1. What are the main security advancements in the 2.6 kernel?
SELinux framework I guess. Sue me for not having time to read up on 2.6.x internals...


2. What was that big hole in the 2.4 kernel about?
In layman's lingo: this had to do with memory management.


Is the patch safe to use, or do you suggest upgrading to 2.6 if possible?
Patch is safe, remember it affected 2.6.x too.


3. Can 2.4 be secured decently well for use on a public web server?
Yes.


4. I've found several generic guides for securing unix/linux, but how do I know if these are decently up to date?
Post the locs?


Are there any written specifically for each kernel?
Usually not, unless they're way old.