Topic: Security help please

[Theo]

I am running 5.1.2 and have applied blade 2. Am I secure? I know, sounds dumb...but do I need to be as vigilant as I would with redhat, who sends me like 5 emails a week telling me this or that needs to be updated. Where do I find a list of critical security updates for this version if so. I see we are on update3 for 5.1.2, do I install tht or should I go back and install 1 and 2 as well. Thanks, Theo

[jb]

You should install the updates to 5.12 via the instructions listed on www.e-smith.org.

[Ray Mitchell]

ftp://ftp.e-smith.org/pub/e-smith/updates/5.1.2/

Regards
Ray Mitchell

[Theo]

I am looking at the packages, and even they seem out of date? Is their a reason for this? Should I use the more recent updates to php apache etc?

[Bob Bradley]

Go use Windows 2000 server instead it stays up to date.

[Theo]

Ah, now this is the straight forward helpfulness that makes linux guys so special! Thank you Bill for you ever so helpful opinions! Geez, where would we all be without the greatness and enlightenment that you bring to the world. Thanks Bill!

[Theo]

Ahem...did I say Bill? I meant Bob, no offense intended to any and all Bills present!

[Cyrus Bharda]

I have this same problem, coming from a windoze background, but I have found that as long as i check the e-smith.org site for any updates, my server has been fine, but I'm using 5.5 with update 2. I will NEVER go back to windoze now, just cannot force myself to. That is as a server, still getting the hang of installing a *nix based workstation getting better at it every re-install

Cyrus Bharda

[Ray Mitchell]

Theo
If you do a clean instal of v5.1.2 and then apply the update 1 then update 2 then update 3 you would be covered for sure. Each update can be done very quickly.

I seem to recall reading that the later updates "supersede" the earlier updates, so if you install update 3 only then you should be covered.

Can another expert please confirm this ?

Again my understanding is that the updates that mitel release at e-smith.org are critical and should be all that you need to apply to ensure your system is secure.

Other package updates can be applied if you feel you have a need for the extra features etc that those packages have, but from a security, system stability and compatibility point of view they are not neccessary and may in fact conflict with other rpm versions in your version of sme server.
It is not always a good idea to instal newer releases into a complex interdependent system such as sme server, the developers know "which works with what" so to speak.

Again if I have got this wrong could an expert please confirm otherwise ?

Regards
Ray Mitchell