[TriLUG] oldest production linux box

Mike M linux-support at earthlink.net
Thu Mar 4 14:54:47 EST 2004


On Thu, Mar 04, 2004 at 07:07:08AM -0800, Turnpike Man wrote:
> I'm betting for "company's internal use" he may not care as long as it performs
> its duties.  But a good question anyway!

This thread was started with a highlight of a 2.1 kernel still humming
along - which is very cool.  Now if it hasn't been updated for security, 
then there's a good chance the ssh is vulnerable.

I am guessing that keeping a sub 2.2 kernel based system up to date is
similar to maintaining a Gentoo system.  

I am poking 
around for clues on how an older kernel in maintained.  The older
kernels seem to be a good place to begin learning device driver
writing.  You see, I am actually trying to twist the thread to serve
my own selfish needs - heh-heh.  But at the same time I curious if
an old kernel system can be secure - or will it be deficient without
examining and tweaking each application used?  Any hints on how to
STFW on this?

Would it be too parnoid to suggest that announcing that you have an
old system working dependably might be a human engineering nugget
to a cracker who might rightly assume such a system is vulnerable 
to legacy exploits?

-- 
Mike

When the correction first comes, we tend to underreact. While we do not 
like the surprise, we tend to think of it as maybe a one-time thing. 
Things, we believe, will soon get back to normal. We do not scale back 
our expectations sufficiently. It apparently takes years for this to 
work itself out. - John Mauldin



More information about the TriLUG mailing list