Solved

Is it allowed to run a production server on Linux kernel 2.6.34?

Posted on 2014-10-09
8
278 Views
Last Modified: 2016-02-11
Is it allowed to run a production server for web on Linux kernel 2.6.34?
I suspect this bug has been exploited on my server:
http://www.exploit-db.com/search/?action=search&filter_description=Linux+Kernel+2.6.34
There is an infected PHP script.
Question by:Nusrat Nuriyev
8 Comments
 
LVL 7

Expert Comment

by:Stampel
ID: 40370927
Hello, yes, it can still be safe to use Linux kernel 2.6.34.
The exploit you reference needs the attacker to have a local system account to perform this attack (SSH access).
This is certainly not the case.
What makes you think you are infected?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40371062
Kernel 2.6.34 (pure from kernel.org) is not very secure.
Do you have the full version of it (uname -r)?
0
 
LVL 7

Expert Comment

by:Stampel
ID: 40371300
Whenever you use a proper firewall and your Apache server is up to date,
and if you only leave the HTTP port open, I doubt that this kernel would be a problem.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40372298
Anybody can consume all system RAM via CVE-2012-6638, firewall or not.
That's one I remember, plus 100 others lost in time.
If you are patching from whichever still-supported source, 2.6.34-(whatever number) should be very good for any purpose.
0
 

Author Comment

by:Nusrat Nuriyev
ID: 40372337
Do you have full version of it (uname -r)?
2.6.34-12-desktop
uname -a
Linux opensuse 2.6.34-12-desktop #1 SMP PREEMPT 2010-06-29 02:39:08 +0200 x86_64 x86_64 x86_64 GNU/Linux  

How to patch that? Maybe just update the kernel? If I update it to the newest kernel, could it cause any inconsistency in userspace programs' behaviour? In FreeBSD I need to update both kernel + us + ports; what about SUSE?
0
 
LVL 62

Accepted Solution

by:
gheist earned 500 total points
ID: 40372363
It is OpenSUSE 11.3, EOL
You can update to 11.4 evergreen
Or jump to 13.1 which will be evergreen
You can upgrade OpenSUSE with 4GB full install DVD ONLY
(Why not unify your platforms on FreeBSD, or CentOS, or opensuse evergreen for instance)
0
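
A way to quantify the staleness visible in the uname -a output above, as an added example that is not part of the original thread: the script extracts the kernel release and build date and compares the build age against a limit. The function names and the 180-day limit are assumptions; the sample line is the one posted in the thread.

```shell
#!/bin/sh
# Added example: flag a kernel whose build date is older than a policy limit.
# Assumes the `uname -a` layout posted in the thread (build date as YYYY-MM-DD).

# Day number for YYYY-MM-DD using integer arithmetic only (no GNU date needed).
days_from_date() {
    y=${1%%-*}; rest=${1#*-}; m=${rest%%-*}; d=${rest#*-}
    m=${m#0}; d=${d#0}                      # avoid octal parsing of 08 / 09
    a=$(( (14 - m) / 12 )); yy=$(( y + 4800 - a )); mm=$(( m + 12 * a - 3 ))
    echo $(( d + (153 * mm + 2) / 5 + 365 * yy + yy / 4 - yy / 100 + yy / 400 - 32045 ))
}

# First YYYY-MM-DD token in a uname string (empty if the distro uses another format).
kernel_build_date() {
    printf '%s\n' "$1" | grep -Eo '[0-9]{4}-[0-9]{2}-[0-9]{2}' | head -n 1
}

# Third field of `uname -a` is the kernel release, e.g. 2.6.34-12-desktop.
kernel_release() { printf '%s\n' "$1" | awk '{print $3}'; }

# kernel_age_days "<uname -a line>" "<today as YYYY-MM-DD>"
kernel_age_days() {
    built=$(kernel_build_date "$1")
    [ -n "$built" ] || return 2
    echo $(( $(days_from_date "$2") - $(days_from_date "$built") ))
}

# check_kernel "<uname -a line>" "<today>" "<max age in days>"
# Returns 0 = within limit, 1 = stale, 2 = build date not found.
check_kernel() {
    age=$(kernel_age_days "$1" "$2") || { echo "UNKNOWN: no build date found"; return 2; }
    rel=$(kernel_release "$1")
    if [ "$age" -gt "$3" ]; then
        echo "STALE: kernel $rel was built $age days ago (limit $3)"
        return 1
    fi
    echo "OK: kernel $rel was built $age days ago"
}

# The uname -a line from the thread, evaluated as of the question's posting date.
# The 180-day limit is an assumed policy value.
SAMPLE='Linux opensuse 2.6.34-12-desktop #1 SMP PREEMPT 2010-06-29 02:39:08 +0200 x86_64 x86_64 x86_64 GNU/Linux'
check_kernel "$SAMPLE" 2014-10-09 180 || true

# On a live host: check_kernel "$(uname -a)" "$(date +%Y-%m-%d)" 180
```

The build date is only a proxy: a vendor kernel that keeps the 2.6.34 version number can still carry backported fixes if it was rebuilt recently, so a fresh build date with an old version string is not by itself a finding.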
 

Author Closing Comment

by:Nusrat Nuriyev
ID: 40391803
Well, every guy comes to the company with his own philosophy.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40391866
On the pretext that it is unmaintainable, at least get it to FreeBSD -RELENG releases, CentOS & Fedora to CentOS 5 or 6 or 7-latest, and OpenSUSE to the evergreen release that follows the installed one.
At least you & company will have good oversight of what is in the server room.

If you run typical Apache and Tomcat on 20 servers, maybe make a load-balanced cluster of two Linux servers and 10 applications... You gain stability, 99.9% availability and 8 systems off your hands...
0

Question has a verified solution.
