[lug] Attempted hack from 202.185.243.121
Nate Duehr
nate at natetech.com
Wed Apr 24 13:15:19 MDT 2002
> The problem was the exploit used on me had long ago been patched
> (the current Redhat wouldn't install on my machine due to bugs in the
> installer),
> so I wouldn't have seen it on any of the security watch mailing lists or
> web sites. I couldn't even find it on *Redhat's* website after
> the fact when I knew the exploit. Now that I have been using Linux a
> little longer, I know about the alternate ways of automating Redhat
> package updates, but it still doesn't beat the built-in power of apt-get.
Gotcha. And agreed on apt... wonderful tool. The fairly recent addition of
the attempt to download source dependencies when downloading source packages
for builds is REALLY nice.
RHN seems to be a decent replacement for it RH systems, and Red Carpet from
Ximian also seems to do a decent job, if using their desktop stuff...
strange dependency issues abound with Ximian but still a neat idea.
I think the Ximian GNOME desktop is stable and done well enough I'd
recommend it to anyone just wanting a nice desktop Linux machine. The
recent changes to RPM itself seems to be a shot-across-the-bow from Red Hat
towards Red Carpet competing with their RHN system, but that may just be
paranoia talking. Currently a machine with the latest RPM binaries can't
use the Ximian shell installer script, but a manual process can be used to
get the packages via a manual install of Red Carpet. The Ximian folks are
working on it. If you take a fresh load (not-patched) of RH 7.2 and don't
update it, but just go straight to installing Ximian, that works, so there's
still viable ways to try it out... but it's a bummer that RH decided to
break binary compatibility on RPM. Of course, one could argue that it's a
bummer that Ximian didn't use the abstraction libraries provided for RPM
too... heh. Always seventeen sides to every two-sided coin in Linux!
> The big downside to Debian for some people is that the testing version
> basically requires a high-speed internet connection to keep up to date.
> Their stable versions come out about once an ice-age or so, which means CD
> updates aren't a good solution.
Woody's due out (finally) any time now... I'm planning some testing of the
installer (generic bug hunting) here in a day or two if time permits... need
to get another hard drive enclosure/swap-box for the desktop machine and put
one of the old drives in it for testing... man I love the ability to just
swap the drive with the twist of a key and a pull on the handle. :-)
> I have used both Debian and Red Hat quite a bit, and I don't understand
> why Red Hat has so many more people using it.
Marketing. ;-)
Nate, nate at natetech.com
More information about the LUG
mailing list