[PLUG] Securing the Box

R. Haack gluebert at comcast.net
Wed Oct 6 10:15:04 UTC 2004


>On Wed, Oct 06, 2004 at 11:01:34AM -0600, Bill Thoen wrote:
>  
>
>>Thanks for all the help and advice on what to do after my machine was
>>hacked. It was an experience. Anyway, I'm back in the saddle, and would
>>really like not to get shot out of it again for few days at least. So how
>>do I secure this box once and for all? (Short of unplugging everything ;-)
>>
>>This time I'm running RH9 and did a clean, wipe-the-disk-first install.
>>It's set up as a stock text-based server that I want to use for my web
>>pages, e-mail, and FTP site (using vsftp now.) I want to use SSH also. 
>>(and for those who know me, I AM running a firewall now...)
>>
>>The big problem is that RH9 is old and there are some upgrades I need to
>>apply. The hardware is old too (P-II), so RH9 is as high as I can go in
>>the RedHat line. Above that, I get hardware-incompatibility errors during
>>the install. I'm aware that I should probably look at Debian or Slackware
>>in the long term, but that's a project for another day.
>>
>>Here's my first problem. I've got the latest update for OpenSSH from the
>>Fedora Legacy site, but when I try to upgrade the rpms, I get a catch-22 
>>problem:
>>
>>[root]# rpm -Uvh openssh-3.5p1-11.i386.rpm
>>warning: openssh-3.5p1-11.i386.rpm: V3 DSA signature: NOKEY, key ID 
>>db42a60e
>>error: Failed dependencies:
>>        openssh = 3.5p1-6 is needed by (installed) openssh-clients-3.5p1-6
>>        openssh = 3.5p1-6 is needed by (installed) openssh-server-3.5p1-6
>>
>>Okay, so I then try to upgrade the dependency:
>>
>>[root]# rpm -Uvh openssh-clients-3.5p1-11.i386.rpm
>>warning: openssh-clients-3.5p1-11.i386.rpm: V3 DSA signature: NOKEY, key 
>>ID db42a60e
>>error: Failed dependencies:
>>        openssh = 3.5p1-11 is needed by openssh-clients-3.5p1-11
>>
>>Arg! So how do I upgrade 3.5p1-6 to 3.5p1-11 when each rpm whines about 
>>dependencies on the other?
>>
>>    
>>
I've been using a program called YUM for some time that will do the 
updates for you.  It is very much like apt-get for Debian.  All you have 
to do is install it and then issue the following command:

    yum update

It will find all of the latest packages and download and install them 
for you.  Check out the URL below for more info on YUM.

http://linux.duke.edu/projects/yum/download.ptml

>_______________________________________________
>PLUG mailing list
>PLUG at lists.pdxlinux.org
>http://lists.pdxlinux.org/mailman/listinfo/plug
>
>  
>




More information about the PLUG mailing list