nate wrote: > Ryan Nichols wrote: > > >> and if i go back to grub take the old kernel its happy.. >> werid.. >> > > Sounds like you should just stick to the old kernel, what's in > the new kernel that you need anyways? Is the system in a secure > place?(e.g. separate firewall protecting it, not directly on > the internet, don't have untrusted users logging in). > > If so, then you really have little to worry about, there is not > much interesting things released in the newer minor version releases > of the kernel in RHEL/CentOS. It's that way on purpose. > > In my experience having all your systems completely up to date is > rare. The environment I stepped into a few months ago for example > is running RHEL 4 Update 1 for the most part. They still run windows > 2000 on several systems, and I don't think they've patched them > recently. But the nature of the environment and the users that > interact on it don't keep me up at night like a system directly > connected to the internet with untrusted users. It'll probably > take me the next 6 months to get everything more up to date in > this particular environment, it has a lot of interdependencies. > And by that point it should be easier to manage going forward, > but we'll still probably won't install updates sooner than > a month or two after they come out in general because that stuff > takes time to test and deploy. > > Hopefully your not in a situation where you have untrusted users, > if so you should replace the hardware with something that is > better supported, or abstract the exposure to the system with > something like virtualization, certainly not perfect but it's > better then nothing, it will help dramatically against the > most common, casual attacks. > > nate > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > We're trying to get support from a 3rd party software we use and they are insiting we goto the current versions of everything for there software before they'll move forward on the support. Thanks, Ryan Nichols