Ubuntu Security :: Apply Security Updates Alone - Server
Aug 14, 2010
I'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
View 2 Replies
ADVERTISEMENT
Apr 2, 2010
So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies
View Related
Oct 25, 2010
With an Ubuntu 10.10 upgraded from 10.04, under Software Sources, Updates, there is a radio button marked "Install security updates without confirmation." I have this radio button marked, but still get "Important security updates" almost daily in my update manager. I don't remember this feature actually ever working.
View 9 Replies
View Related
Aug 25, 2010
Is there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies
View Related
Apr 8, 2010
Does anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
View 9 Replies
View Related
Jun 8, 2011
I just put the latest updates onto My CentOS 5.6 server. It started life as a 5.4 Server, then the upgrades took it to 5.6.
The latest updates did a Kernel Update and the server sent me two messages : -
-----BEGIN MESSAGE-----
[2011-06-08T12:37:17+0200] centos54.xxx.yyyyy.com
ALERT : [2011-06-08T12:37:17+0200] msg=<START>, program=<Samhain>, userid=<0>, path=</etc/samhainrc>, hash=<256A548F71A768CC1E054F0C1E90E8674D36A09BDF9E5D13>, path=</var/lib/samhain/samhain_file>,
[Code]....
View 5 Replies
View Related
Jul 11, 2010
so the firewall rules I am currently using are displayed below.
Code:
# DROP ALL FORWARDED PACKETS
iptables -P FORWARD DROP # DROP ALL PACKETS
# ALLOW DHCP THROUGH THE FIREWALL
[code]....
View 6 Replies
View Related
Feb 6, 2010
We are trying to define an appliance based on Suse for an application server and Web server Apache, so we would like to know configuration best practices for network and security, is there any paper/doc about best practices?
View 3 Replies
View Related
Mar 25, 2011
So, it is my understanding that Ubuntu's automatic updates do not install ANY updates that are not "important security updates." For example, it did not upgrade me to Firefox 4 automatically; I had to do it myself (Don't all new browser versions usually contain new security features/patches? Oh well...That is a separate question entirely).
ANYWAY, is there some way to get the latest stable versions of all of my open-source software automatically (or at least all at once, on command), instead of just security updates? It seems silly to have to install new versions for every program manually.
Also, related/side question: Now that I have installed Firefox 4 myself (via apt-get by adding the mozilla-stable PPA), will I stop getting security updates for Firefox through the standard Ubuntu update manager?
Actually, a really thorough explanation of the whole automatic update system (or a link to one) would be great too.
View 2 Replies
View Related
May 8, 2011
I'm concerned about security of having a LAMP server on my laptop as having any server makes the system less secure. However, if I were to create a new partition and install a lamp server on that and only use it when offline, would the security of my main partition be affected at all?
View 3 Replies
View Related
Jul 22, 2011
I've recently been running a game server from my desktop, as well as a web page to accompany it.I use the ports 80/8123(HTTP)/5900(VNC)/50500(GAME)/5839(ADMINISTRATION).What's the best solution to protect my server from security threats? On a side note, I plan on adding a MySQL server later, but I want to keep it local only.
View 9 Replies
View Related
Aug 29, 2009
I followed this how to to make a NFS server: [url]
So it means: exports looks like this:
Quote:
Here are some quick examples of what you could add to your /etc/exports
For Full Read Write Permissions allowing any computer from 192.168.1.1 through 192.168.1.255
It means that if sbdy arrives with a linux machine, puts the ethernet cable into the router, then logs as root on his machine, and mount the exports. He can do almost everythg, with permissions chmod'ing ...
Is that LAMP, or i am wrong for nfs kernel servers, the ultimate users/password servers against that to prevent those physical approches /logins?is there good how to ?
View 5 Replies
View Related
Feb 15, 2011
I want to know how can I test my server security with hping3 tool I want to make a virtual DoS or DDoS or SYNK attack in my LAN to test my server security and ability against these attack .Is hping3 a good solution for this or not if yes how can I do this which option of this can make such these attacks?
View 4 Replies
View Related
Jul 16, 2010
Question (and Google results aren't making this clear): Ubuntu has both iptables & ip6tables installed. 1. If I set a rule in iptables, does that rule also apply to ipv6, or just ipv4?
2. If "no" to above, then it would be prudent to *also* set ip6tables rules as well if I want to maintain an active firewall, correct?
3. Does ip6tables rules have the same syntax and behavior (more or less) to iptables rules - i.e. can I just copy my iptables rules & change "iptables" to "ip6tables"?
4. Any gotchas or issues that I should be aware of?
View 9 Replies
View Related
Jan 2, 2010
Just a week or so back when i run update manager I can no longer install any security updates - its all grey in the tick boxes.
How do I remedy this ?
View 5 Replies
View Related
Jun 4, 2010
After doing weekly recommended security update a problem occured, next system boot the network manager applet was missing from panel and I had two volume controls in its place. Logging into other user accounts network manager is there and working. How do I fix this? I have not got a clue! I use a usb hawaweii modem, working fine. Just main user account not net work manager. Im running 9.10 and it has not been a problem before.
View 4 Replies
View Related
Jul 29, 2011
Twice this week I've tried to download " Important security updates". Each time the response is:
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/...u9.5_amd64.deb
404 Not Found [IP: 91.189.88.30 80]
W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/...u9.5_amd64.deb
404 Not Found [IP: 91.189.88.30 80]
[Code].....
View 6 Replies
View Related
Sep 3, 2011
I recently reported a bug in a package, which was fixed upstream and in the Debian package, but the bug was not security-related. The Debian settings on all of the computers is set to receive only the security updates. The other setting for proposed updates, is currently not enabled
Must Proposed Updates be enabled, in order to receive the non-security updates, including the update to the package in question?
View 4 Replies
View Related
Jun 20, 2011
What is the easiest and proper way to get security updates for slackware.
View 13 Replies
View Related
Dec 2, 2009
Is there a mailing list or an alert where I can subscribe to, so I know if there's critical or moderate patches I have to apply to my Centos 5 servers.
View 5 Replies
View Related
Mar 27, 2010
I installed ubuntu a few days ago, today I got like 250mb of security updates to I let them run, then restarted, now it keeps running in low graphics mode, everything looks rubbish and I have no desktop effects, the sound has also stopped working. Everything was great prior to this, I was beginning to love the switch from ms to ubuntu. The sound/video are both via hdmi so I am imagining its something to do with the graphics. I would wipe the system and start fresh but it took me so long to get my sound and wireless working.
View 4 Replies
View Related
May 25, 2010
I've recently installed the unattended-upgrades package on a few Ubuntu 9.04 servers, and it's working great to automatically install security upgrades. However, is there a way to have non-security upgrades automatically installed as well? The README for unattended-upgrades says it'll do security ones only.
My main goal is to have all package upgrades be installed unattended except for kernel and libc upgrades (I want to do those manually on my own time). I guess I could write a script that does 'apt-show-versions -u' to get a list of upgradable packages and then do 'apt-get install' on the packages if their names don't match linux-server, linux-image-server, or libc*, but I was hoping there's an easier way to accomplish this.
I've looked at 'aptitude safe-upgrade -y', but I think that'll install kernel and libc upgrades.
View 3 Replies
View Related
Oct 23, 2010
What's with todays updates? Webkit librarys and Firefox updates. Was there a security issue that's just recently been fixed? Just wondering, I'm obviously going to install them.
View 1 Replies
View Related
Nov 18, 2010
is it normal having several security updates week after week in a 10.04 ubuntu lts server distro? Some of them even need a system restart, which I consider truly bad for a web server...
View 1 Replies
View Related
Mar 7, 2011
I'm using Ubuntu Lucid Lynx and every time I search for updates it ask for authentication. I'd like to search and apply updates without confirmation. Is it possible in some manner?
View 1 Replies
View Related
Apr 24, 2011
...a malicious individual could damage or take control of your system"See: https://dl-web.dropbox.com/get/Publi...png?w=ae903921and: https://dl-web.dropbox.com/get/Publi...png?w=2c144a02So should I really go ahead and install the updates or what may have gone wrong at the Ubuntu repository?
View 9 Replies
View Related
Jul 17, 2011
how safe is it to run Ubuntu updates when I'm connecting via a public network (wireless or wired) from a hotel (or other public settings). I'm not familiar with the internals but is there an additional validation mechanism for the package servers other than the URL ?
View 4 Replies
View Related
Jul 20, 2015
In the past i used OpenSUSE for a few months, in OpenSUSE all updates related to security labeled as "Security Update" like updates related to Firefox, unlike OpenSUSE in the Debian i did can't find a way to detect security updates.
View 5 Replies
View Related
Apr 30, 2010
I've been looking for an aptitude command to search for security updates. This information is being shown when running the screen. So far I reached to this command: aptitude search '~S ~VCANDIDATE ~Asecurity ~U' It looks like producing the correct results, but I still don't quite understand the how the filter (~S) command works.
View 3 Replies
View Related
Nov 14, 2009
I have been experiencing harassment with my websites being hacked so pardon me if this is an over-paranoid question.
Just recently started on FC11 after having abandoned Fedora for CentOS for a few months. So glad to be back, but...
I have been getting notices about security updates. When I click for the update, I am not asked for the root password and the update occurs.
View 12 Replies
View Related