Hello, My company use a self made linux distribution mainly based on a Red Hat 7.2. Support is done by a small team. The support offered by the team is new hardware support, specific software queries but no security updates. Now, the company wants to use this distribution for internet servers. It's not secure since the latests updates that comes with it are the fedoralegacy for Red Hat 7.2 (latest : 05/2004). I think that we sould use a supported distribution for our linux servers connected to internet : security updates available (RHEL or other). The company don't really like the idea of using another linux distribution and ask me about the "cost" of securing our distribution. The first thing I want to do is to find out all the known vulnerabilities in the Red Hat 7.2. Since 05/2004, no updates has been avalaible for this distribution. Since you have good experience for supporting non-supported distribution. Can you give me some clues about how I should proceed ? I can look at all fedoralegacy updated for Red Hat 7.3 and try to figure out if each vulnerability is relevent to Red Hat 7.2. But maybe I'll miss some vulnerabilties that are in Red Hat 7.2 and NOT in Red Hat 7.3 ? Thank you if you can give me any clue or idea. David ROBERT. -- http://www.ombrepixel.com/drobert/ -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list