[CentOS] Announcement Project based on CentOS 4.4
Paul
subsolar at subsolar.com
Fri Jul 13 02:41:38 UTC 2007
On Thu, 2007-07-12 at 13:45 -0500, Les Mikesell wrote:
> Tronn Wærdahl wrote:
>
> >
> > Yum is removed for ovious reasons :-)
>
> You hate security fixes?? I can't think of any other reason anyone
> would do that.
My biggest irritation with "appliances" is the lack of security updates.
We have several print servers built into work where the Mfg has not
released updates to fix apache, samba and windows RPC vulnerabilities
because they are "appliances" and don't need to be updated.
I'm sorry, if it's connected to the network and has persistent writable
memory like a hard drive I'm a bit worried that it could be used to
perform network attacks if it has remote vulnerabilities.
Back in 2003 we had machines on the WAN infected with blaster and these
were causing the print servers in house based on "Windows NT Embedded"
to crash constantly. When I contacted the support for the copiers their
reply was not to supply an update to the machines or send a tech out to
update them themselves but to "fix your clients". Which was not very
helpful seeing that 100% of the bad traffic was from outside our site
because other sites had not patched their systems.
I will never recommend an "appliance" to anybody were it has externally
accessible services and no way to patch it. Such things are disasters
waiting to happen.
See the following article
http://www.infoworld.com/article/07/07/03/27OPenterwin_1.html
Regards,
Paul Berger
More information about the CentOS
mailing list