Nusrat Nuriyev
asked on
is it allowed to run production server on linux kernel 2.6.34 ?
is it allowed to run production server for web on linux kernel 2.6.34 ?
I suspect this bug have been exploited on my server:
http://www.exploit-db.com/search/?action=search&filter_description=Linux+Kernel+2.6.34
there is an infected php script.
I suspect this bug have been exploited on my server:
http://www.exploit-db.com/search/?action=search&filter_description=Linux+Kernel+2.6.34
there is an infected php script.
Kernel 2.6.34 (pure from kernel.org) is not very secure.
Do you have full version of it (uname -r)?
Do you have full version of it (uname -r)?
Whenever you use a proper firewall and your apache server is up to date
+ if you only let http port open, i doubt that this kernel would be a problem.
+ if you only let http port open, i doubt that this kernel would be a problem.
Anybody can consume all system RAM via CVE-2012-6638, firewall or not.
Thats one I remember, plus 100 others lost in time.
If you are patching from whichever still supported source 2.6.34-(whatever number) should be very good for any purpose
Thats one I remember, plus 100 others lost in time.
If you are patching from whichever still supported source 2.6.34-(whatever number) should be very good for any purpose
ASKER
Do you have full version of it (uname -r)?2.6.34-12-desktop
uname -a
Linux opensuse 2.6.34-12-desktop #1 SMP PREEMPT 2010-06-29 02:39:08 +0200 x86_64 x86_64 x86_64 GNU/Linux
How to patch that? maybe just update kernel? if I update it to the newest kernel could it cause any inconsistency in userspace programs behaviour? in FreeBSD I need to get updated both kernel + us + ports, what about suse?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well, every guy comes to the company with his own philosophy.
On the pretext that it is unmaintainable at least get it to FreeBSD -RELENG releases, CentOS&Fedora to CentOS 5 or 6 or 7-latest and OpenSUSE to evergreen release thet follows installed one.
At least you & company will have good oversight what is in the server room.
If you run typical apache and tomcat on 20 servers, maybe make load-balance cluster of two linux servers and 10 applications... You gain stability, 99.9% availability and 8 systems off your hands...
At least you & company will have good oversight what is in the server room.
If you run typical apache and tomcat on 20 servers, maybe make load-balance cluster of two linux servers and 10 applications... You gain stability, 99.9% availability and 8 systems off your hands...
The exploit you reference need the attacker to have a local system account to perform this attack. (ssh access)
This is certainly not the case.
What make you think you are infected ?