[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 5/4/05, Mark Mitchell <m.l.mitchell@xxxxxxxxx> wrote:
Try www.insecure.org - it's not exactly what you're looking for but . . . well, anyway the "bugtraq" link on the front page should be informative. Basically as long as you're not using a release that's years old you shouldn't have two many problems, try to minimise the number of services you run (e.g. Apache always has new exploits).
Apache doesn't have that many exploits - there are usually a few exploits around for specific modules such as mod_php, can't remember the last mod_perl exploit, and the few apache exploits that exist are rarely a problem for a well configured system. I can leave Linux/Apache/Perl/Mysql Systems unchanged for months or years at a time because of the lack of vulnerabilities, attacks on those vulnerabilities and strict firewall and configuration rules. I keep an eye on the RHN errata but 99% of the updates are low priority and/or stuff I don't have installed or new features. A. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html