Re: Upgrade from RH9 to FC3 or FC4
From: Captain Bubudiu (bubudiu2005_at_yahoo.co.uk)
Date: 06/11/05
- Previous message: Captain Bubudiu: "Re: Most items in my menu have disapeared"
- In reply to: Botond Kardos: "Upgrade from RH9 to FC3 or FC4"
- Next in thread: Kenneth Porter: "Re: Upgrade from RH9 to FC3 or FC4"
- Reply: Kenneth Porter: "Re: Upgrade from RH9 to FC3 or FC4"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 11 Jun 2005 18:22:08 +0100 (BST) To: For users of Fedora Core releases <fedora-list@redhat.com>
--- Botond Kardos <Botond.Kardos@essnet.se> wrote:
> Hi,
> I have an old machine running as a firewall.
> It's basically an RH9
> installation with some custom-made packages (kernel,
> openssh, few
> others). If I revert my system to standard RH9 is it
> possible to upgrade
> it to FC3 or FC4? Is this upgrade possible without a
> CD (for example
> boot-floppy + NFS or FTP server)?
> My main reason for the intention to upgrade is
> the fear of rootkits.
> AFAIK FC3 and its targeted SELinux policy gives the
> feeling of safety
> regarding rootkits and other privilege escalation
> vulnerabilities.
> Thanks,
> Botond
1. It is possible to upgrade directly from RH9 to FC3
(not tried FC4 which will introduce further
complications) which i do when i need a testing
machine on Virtual PC. FC3's default kernel does not
work on Virtual PC.
Complications :- SELINUX,udev/dev, kernel less than
2.6, python, rpm and db4. I "cheat" by using yum from
FC3 and a tarball with all base/updates from my local
network. Naturally you have to install some things
manually with the rpm -ivh rather than -Uvh and the
process is fraught with danger.
Do i recommend this in your scenario? NO!! Not for a
production machine.
2. Strip RH9 to minimum(add libxml2 from RH9), grab
FC2 fedora release and yum and then upgrade to Fedora
Core 2 with less problems. You can then upgrade later
to FC3/FC4 with fewer problems.
3. I would recommend you get a GRsecurity kernel and
sit tight on RH9. FedoraLegacy has updates for RH9 by
the way so make it a habit to update from them. A
firewall machine with no LAMP (Apache MySQL and PHP)
is harder to exploit and grsecurity locks down things
well.
Recently memory injection attacks were successfully
ran on unpatched machines and grsecurity-enabled
machines without patches avoided this:-
http://www.webhostingtalk.com/showthread.php?s=&threadid=387710
http://www.webhostingtalk.com/showthread.php?threadid=398645
Fedora Core - The power of Open Source Now! Please search the archives
and fedoraforum.org as the question is likely to have been asked before.
Cheers
Captain Bubudiu
___________________________________________________________
How much free photo storage do you get? Store your holiday
snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Captain Bubudiu: "Re: Most items in my menu have disapeared"
- In reply to: Botond Kardos: "Upgrade from RH9 to FC3 or FC4"
- Next in thread: Kenneth Porter: "Re: Upgrade from RH9 to FC3 or FC4"
- Reply: Kenneth Porter: "Re: Upgrade from RH9 to FC3 or FC4"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
