I would also suggest running nessus (http://www.nessus.org), etc against this server(s).. **Get permission** to do so, run at low usage time to determine what packages are most vulnerable.. Also, *always* make sure to test updates on test box prior to the production site... it might seem like a small update, but it could also update dependencies on other applications.. -- --- Chiringuito t_r_e_i_d_y_@xxxxxxxxxxxxxxxxxx On Fri, 03 Sep 2004 21:31:47 +0000, George Van Tuyl <gvantuyl@xxxxxxxxxxxx> wrote: > > > RCS Computers wrote: > > > Hi, > > > > I recently took over programming for a semi-large web site. They are > > currently using a web-design / hosting company to manage their server. > > They are running RH 7.3 and it looks like the system has not been > > updated in quite some time. Can you tell me how I might take the > > version numbers of the things listed below and find out if there are > > any security vulnerabilities. > > > > I realize that I could just update anyway, but I am going to have to > > prove that the current set up is a security risk. Thank you in advance. > > > > The following ports are open on this web server: > > > > pop3 > > imap > > http > > ftp > > ssh > > smtp > > https > > > > I am not really familiar with ip chains, but this looks like > > everything is accepted: > > > > Chain input (policy ACCEPT): > > target prot opt source destination ports > > ACCEPT tcp -y---- anywhere anywhere any -> ssh > > ACCEPT tcp -y---- anywhere anywhere any -> smtp > > ACCEPT tcp -y---- anywhere anywhere any -> http > > ACCEPT tcp -y---- anywhere anywhere any -> ftp > > ACCEPT all ------ anywhere anywhere n/a > > ACCEPT all ------ anywhere anywhere n/a > > ACCEPT udp ------ ns.bluegrass.net anywhere domain -> any > > REJECT tcp -y---- anywhere anywhere any -> any > > REJECT udp ------ anywhere anywhere any -> any > > Chain forward (policy ACCEPT): > > Chain output (policy ACCEPT): > > > > > > Here are the versions of pertinent programs: > > > > Distro: RH 7.3 > > Kernel: 2.4.18-3 > > Apache: 1.3.28 > > NcFTP 3.1.3/985 > > OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f > > Postfix: 1.1.12 > > ipopd: not sure how to find out > > imapd: not sure how to find out > > > > > > > > -------------------------------------- > > Randy Syring > > RCS Computers > > www.rcs-comp.com > > > > "Whether, then, you eat or drink or whatever you do, do all to the > > glory of God." > > 1 Cor 10:31 > > ------------------------------------------------------------------------ > > To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx > > with "unsubscribe" in the subject of the message. > > > > > Make your life easy with apt-get. > > You will need at some point move to a distribution that you can keep > current. Slackware, Debian, etc.... It will take some time to put > together a migration plan but for for that but for now go to > "http://apt.freshrpms.net/"; download and install the apt-get rpm for 7.3 > RedHat. Read the documentation and get your system current. I keep one > of my systems at 7.3 and used apt-get to bring it to the latest rpms > available. Which by the way are not as current as they could be but > better than what you have instlled at present. APT-GET will resolve all > dependencies and upgrade your system automagically. Make sure that you > do run apt-get update before you do an upgrade or install and make sure > the apt-getrc, or on a RedHat 7.3 system it is /etc/apt/sources.lst file > has the correct source for your distribution. If you are not sure let > me know and I will post a copy of mine to you. > > gvt > > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx > with "unsubscribe" in the subject of the message. > > ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
