[CentOS] Update of CentOS 4.0 to 4.3 be serious

Wed Apr 12 21:11:02 UTC 2006
Barry Brimer <barry.brimer at bigfoot.com>

Quoting Mike Stankovic <mlists2006 at yahoo.com>:

> --- Barry Brimer <barry.brimer at bigfoot.com> wrote:
>
> >
> > > The original poster has not told us why he is still on 4.0
> >
> > This system is still on 4.0 because I installed this system for someone a year
> > ago.  Any time that there is an update that I think is important for him to
> > install, I send him an email telling him to install a newer version to correct
> > the current issue.  It seems that this person has not applied any updates
> > whatsoever since I last touched the system, and I have informed him that it is
> > quite dangerous to have his server live on the internet without updates for a
> > year.  As far as the server it is providing web/email/ftp services, and this is
> > his only server.  I am not close by to this server, but he is, and he can be
> > hands and eyes (with rescue media) if needed.  Thanks to everyone for their
> > input, it is greatly appreciated.
> >
> > Barry
> >
>
> That is very serious. You cannot expose an email, web
> and ftp server on the internet without security
> updates for a year. The recent sendmail security
> update allows a remote root exploit !!
>
> There is the possibility that phpbb/phpnuke/awstats
> are installed/cracked by hackers. Get an admin (hire
> one) to look at the server and advise you before you
> proceed further.
>
> It would not be surprising if the server has been
> compromised and
>
> - on a blacklist/used to send spam
> - servers and underground bot network
> - is used to participate in DDOS attacks. You could
> see the FBI knocking on the door of your friend.

I am an admin.  I have not exposed any IP addresses, domain names, client names,
or anything else.  I do know how serious the problem is.  I was hired to set
this system up, and no more.  I gave the usual lecture on updates and security.
He has not maintained it, so now I am being hired (again) to get the system
up to date.  Part of this will be to hunt for rootkits, perform RPM
verification, etc.
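
Added example, not part of the original message or thread: one way to triage the output of the RPM verification mentioned above, separating expected config-file edits from changed or missing non-config files. The sample lines are constructed, and the function names and the `/mnt/sysimage` rescue mount point in the comment are assumptions.

```shell
#!/bin/sh
# Triage `rpm -Va` output read on stdin (function names are hypothetical).
# From rescue media, verify the installed system with the rescue copy of rpm,
# e.g. (mount point is an assumption):
#   rpm -Va --root /mnt/sysimage | triage_rpm_verify
# The RPM database on the suspect disk is still consulted, so a clean result
# is not proof that the system is clean.

triage_rpm_verify() {
    awk '
    {
        flags = $1
        # Optional one-letter attribute marker (c = config file) may sit
        # between the flags column and the path.
        if (NF >= 3 && length($2) == 1) { attr = $2; skip = 2 }
        else                            { attr = "";  skip = 1 }
        # Strip the leading columns, keeping paths that contain spaces intact.
        path = $0
        for (i = 1; i <= skip; i++) sub(/^[ \t]*[^ \t]+/, "", path)
        sub(/^[ \t]+/, "", path)
        # Edited config files are expected on a server that has been set up.
        if (attr == "c") next
        # Missing file or changed digest ("5") on a non-config file.
        if (flags == "missing" || index(flags, "5") > 0)
            print "HIGH", flags, path
        else
            print "REVIEW", flags, path
    }'
}

# Constructed sample in the `rpm -Va` line format, not output from a real host.
sample_rpm_va() {
    cat <<'EOF'
S.5....T c /etc/ssh/sshd_config
S.5....T   /bin/ls
.M......   /var/log/httpd
missing    /usr/bin/passwd
.......T c /etc/sendmail.cf
EOF
}

sample_rpm_va | triage_rpm_verify
```

Files reported as HIGH are the ones to compare against known-good package contents first; REVIEW lines are metadata-only changes such as mode or mtime.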