> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Dotan Cohen > Sent: Monday, January 23, 2012 10:14 > To: CentOS mailing list > Subject: Re: [CentOS] Machine becoming irresponsive > > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > <Philip.R.Schaffner at nasa.gov> wrote: > > I'd have a look at why an apparently Internet-facing server is 5 > point > > releases, plus a lot of subsequent errata, behind the current 5.7 > > release level; and what resultant vulnerabilities might have been > exploited. > > > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? > No. The minor release 5.2 (exactly) is no longer getting updates, but the major release it is in (5) is up to minor release 5.7. If you are using the CentOS update mechanisms in the standard configured way, then you may already be up to 5.7, but simply do not understand the fact. "What is the versioning/release scheme of CentOS and how does it compare to the upstream vendor?" https://www.centos.org/modules/smartfaq/faq.php?faqid=34 "How do I get updates for CentOS?" https://www.centos.org/modules/smartfaq/faq.php?faqid=8 The upstream vendor has some information that may help you understand EL OS minor revisions (or point releases): "Red Hat Enterprise Linux Life Cycle" https://access.redhat.com/support/policy/updates/errata/?cid=332371 '"Red Hat Enterprise Linux Compatibility Policies"' https://access.redhat.com/kb/docs/DOC-5155 Too bad I can't find a centos FAQ pointing to these or explaining it at a CentOS level, as I am beginning to think "My ancient version of CentOS is still getting updates, right?" or "I installed X.y of CentOS is it possible to upgrade to X.(y+1) of CentOS without a full reinstall?" are becoming FAQ but keep being stated in slightly different ways. > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where should > I concentrate my efforts? I would suggest investigating the advice of those who are suggesting you look at the possibility of the box already being compromised. (as it is better to _KNOW_ for sure.) Also understanding the actual version of your system may help you. These three commands may help (if the machine is not compromised, and perhaps even if it is): rpm -qa \*release\* rpm -qa --last |head uname -r Studying for the Linux+ exam (or similar) may point you in many directions you have not yet known existed.