[CentOS] Machine becoming irresponsive

Mon Jan 23 16:19:32 UTC 2012
Denniston, Todd A CIV NAVSURFWARCENDIV Crane <todd.denniston at navy.mil>

> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Dotan Cohen
> Sent: Monday, January 23, 2012 10:14
> To: CentOS mailing list
> Subject: Re: [CentOS] Machine becoming irresponsive
> 
> On Mon, Jan 23, 2012 at 16:23, Phil Schaffner
> <Philip.R.Schaffner at nasa.gov> wrote:
> > I'd have a look at why an apparently Internet-facing server is 5
> point
> > releases, plus a lot of subsequent errata, behind the current 5.7
> > release level; and what resultant vulnerabilities might have been
> exploited.
> >
> 
> Thanks. There are a lot of very specific software on that server that
> precludes it from being updated. I believe that 5.2 still is seeing
> security updates, no?
> 

No.
The minor release 5.2 (exactly) is no longer getting updates, but the
major release it is in (5) is up to minor release 5.7.
If you are using the CentOS update mechanisms in the standard configured
way, then you may already be up to 5.7, but simply do not understand the
fact.

"What is the versioning/release scheme of CentOS and how does it compare
to the upstream vendor?"
https://www.centos.org/modules/smartfaq/faq.php?faqid=34

"How do I get updates for CentOS?"
https://www.centos.org/modules/smartfaq/faq.php?faqid=8


The upstream vendor has some information that may help you understand EL
OS minor revisions (or point releases):
"Red Hat Enterprise Linux Life Cycle"
https://access.redhat.com/support/policy/updates/errata/?cid=332371

'"Red Hat Enterprise Linux Compatibility Policies"'
https://access.redhat.com/kb/docs/DOC-5155

Too bad I can't find a centos FAQ pointing to these or explaining it at
a CentOS level, as I am beginning to think "My ancient version of CentOS
is still getting updates, right?" or "I installed X.y of CentOS is it
possible to upgrade to X.(y+1) of CentOS without a full reinstall?" are
becoming FAQ but keep being stated in slightly different ways.

> In any case, a complete reinstall with either 5.2 or a latter version
> is pretty much out of the question for now, though I will try to see
> what needs to be done in that direction. In the meantime, where should
> I concentrate my efforts?

I would suggest investigating the advice of those who are suggesting you
look at the possibility of the box already being compromised. (as it is
better to _KNOW_ for sure.)

Also understanding the actual version of your system may help you.
These three commands may help (if the machine is not compromised, and
perhaps even if it is):
rpm -qa \*release\* 
rpm -qa --last |head
uname -r

Studying for the Linux+ exam (or similar) may point you in many
directions you have not yet known existed.