[PLUG] Securing the Box (was: Got hacked last night - HELP!)
Alice Corbin
ali at axian.com
Wed Oct 6 10:08:03 UTC 2004
On Wed, Oct 06, 2004 at 11:01:34AM -0600, Bill Thoen wrote:
> Thanks for all the help and advice on what to do after my machine was
> hacked. It was an experience. Anyway, I'm back in the saddle, and would
> really like not to get shot out of it again for few days at least. So how
> do I secure this box once and for all? (Short of unplugging everything ;-)
>
> This time I'm running RH9 and did a clean, wipe-the-disk-first install.
> It's set up as a stock text-based server that I want to use for my web
> pages, e-mail, and FTP site (using vsftp now.) I want to use SSH also.
> (and for those who know me, I AM running a firewall now...)
>
> The big problem is that RH9 is old and there are some upgrades I need to
> apply. The hardware is old too (P-II), so RH9 is as high as I can go in
> the RedHat line. Above that, I get hardware-incompatibility errors during
> the install. I'm aware that I should probably look at Debian or Slackware
> in the long term, but that's a project for another day.
>
> Here's my first problem. I've got the latest update for OpenSSH from the
> Fedora Legacy site, but when I try to upgrade the rpms, I get a catch-22
> problem:
>
> [root]# rpm -Uvh openssh-3.5p1-11.i386.rpm
> warning: openssh-3.5p1-11.i386.rpm: V3 DSA signature: NOKEY, key ID
> db42a60e
> error: Failed dependencies:
> openssh = 3.5p1-6 is needed by (installed) openssh-clients-3.5p1-6
> openssh = 3.5p1-6 is needed by (installed) openssh-server-3.5p1-6
>
> Okay, so I then try to upgrade the dependency:
>
> [root]# rpm -Uvh openssh-clients-3.5p1-11.i386.rpm
> warning: openssh-clients-3.5p1-11.i386.rpm: V3 DSA signature: NOKEY, key
> ID db42a60e
> error: Failed dependencies:
> openssh = 3.5p1-11 is needed by openssh-clients-3.5p1-11
>
> Arg! So how do I upgrade 3.5p1-6 to 3.5p1-11 when each rpm whines about
> dependencies on the other?
>
Try updating both of them in one fell swoop, as in:
[root]# rpm -Uvh openssh-3.5p1-11.i386.rpm openssh-clients-3.5p1-11.i386.rpm
Ali
More information about the PLUG
mailing list