[TriLUG] oldest production linux box

[Dan Monjar]

--On Thursday, March 04, 2004 02:54:47 PM -0500 Mike M 
<linux-support at earthlink.net> wrote:

> This thread was started with a highlight of a 2.1 kernel still humming
> along - which is very cool.  Now if it hasn't been updated for security,
> then there's a good chance the ssh is vulnerable.
>
> I am guessing that keeping a sub 2.2 kernel based system up to date is
> similar to maintaining a Gentoo system.
>
> I am poking
> around for clues on how an older kernel in maintained.  The older
> kernels seem to be a good place to begin learning device driver
> writing.  You see, I am actually trying to twist the thread to serve
> my own selfish needs - heh-heh.  But at the same time I curious if
> an old kernel system can be secure - or will it be deficient without
> examining and tweaking each application used?  Any hints on how to
> STFW on this?
>
> Would it be too parnoid to suggest that announcing that you have an
> old system working dependably might be a human engineering nugget
> to a cracker who might rightly assume such a system is vulnerable
> to legacy exploits?

which might explain why I got no other replies <grin>... as far as security 
Turnpike Man called it right.  The only thing this machines does is service 
internal DNS queries.  You can't get to it through the Internet.  If you 
are sitting on my internal network you can get to it and I suppose you 
could hack into it if you really wanted to.  But it wouldn't get you much. 
I haven't updated the kernel because it works for what I need it to do. 
But that doesn't mean I haven't updated the other components.  I tend to 
install minimal systems and then compile the other programs I need from the 
source, at least for my servers.  I just never got into the 'install the 
binaries from the rpm' state of mind.  It just not how I like to do things.


-- 
Dan Monjar