Bug 72771
| Summary: | standard install rh7.3 instantly breached, netbus installed | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | mike ramstrom <mrzond> |
| Component: | ipchains | Assignee: | Mike A. Harris <mharris> |
| Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.3 | CC: | mrzond |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2002-08-27 18:07:42 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
mike ramstrom
2002-08-27 18:07:35 UTC
There have been many security updates of the software included in Red Hat Linux 7.3 since it was originally released. The first thing that one should do after installing the operating system, is update _all_ software to the latest versions which Red Hat has released since the OS became available. You should not put any system live online until it is updated with security updates. This is true for any Linux distribution, or any other operating system. If a system is not properly updated with security updates, then it is quiet likely that it could be breached if connected to the Internet. It is the responsibility of the end user to ensure that their system is properly updated with our security updates before putting it online. This is not a bug in the distribution, it is just common security practice. Since this was filed against ipchains, and is not an ipchains bug report, I'll add a few additional comments pertaining to firewalling. ipchains/iptables packet filtering is not at all 100% protection against system intrusion. ipchains and iptables can only protect the system against intrusion if they are configured properly to block ports that are to be isolated from external sources, etc. Any ports that one allows through the packet filter, and which have software listening on those ports for incoming connections, will allow someone to connect to them by definition. This is not a bug, this is the way the software works, and is supposed to work. If you do not want people connecting to a given port, then you need to configure ipchains/iptables to block that port. If you do allow people to connect to a given port, then it is your responsibility to ensure that the software listening on that port, is updated to the latest security and bugfix updates that have been released by Red Hat for your distribution release. Updates are available via Red Hat Network by using "up2date", or via the web based Red Hat Network infrastructure, as well as via FTP from: ftp://updates.redhat.com Red Hat regularly publishes security advisories to Bugtraq, and other common security lists, as well as to redhat-watch-list, which is archived. We've got a section on our website dedicated to computer security/advisories as well: http://www.redhat.com/support/alerts There are various guides, etc. available at the above URL with which to learn how to properly secure your system and keep it secure. Since this isn't really a bug report, and isn't a bug in ipchains, I'm closing this bug as NOTABUG. I hope that you may find this information useful to you in keeping your systems properly secured and up2date, and raising the bar against further system compromise. |