Within the U.S., it is about 1 every few hours (based on all the old
defacement sites that have been shut down). Most go unreported.
Cause? Bad SysAdmins or a lack of them, bad change control/patch
management or a lack of it.
Forget most of the advice anyone will offer about what to run and not
run. Every app has its shortcomings and all of them can be exploited
no matter what people will tell you. What is considered to be secure
today will be exploited tomorrow.
Instead, just keep your stuff patched. For RH, use their up2date
tool.
As was already stated, if something does not need to be running, shut
it off. Configure and lock it down first though just in case some
monkey comes behind you and turns it on. (People are the weakest link)
You can also watch cert.org, packetstormsecurity.org, neworder.box.sk,
and all the other security boards. Mind you, if it's posted to a web
site, it is already VERY old news.
Nothing can replace good SysAdmins, Programmers and Developers.
(and of course a few IRC junkies sitting on all the IRC networks
24/7 drinking Venom, 180's, Bawls and poppin' Ripped Fuel...)
Aaron