How do I verify a patch is applied?
From: Yong Huang (yong321_at_yahoo.com)
Date: 07/07/03
- Previous message: Peter: "diffie-hellman subject to an easy brute-force attack?"
- Next in thread: Chris Morris: "Re: How do I verify a patch is applied?"
- Reply: Chris Morris: "Re: How do I verify a patch is applied?"
- Reply: Mike: "Re: How do I verify a patch is applied?"
- Reply: D. Stussy: "Re: How do I verify a patch is applied?"
- Reply: /\/\_YoYo_/\/\: "Re: How do I verify a patch is applied?"
- Reply: Joseph Whalen: "Re: How do I verify a patch is applied?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 7 Jul 2003 13:55:14 -0700
Managers keep forwarding security alerts to us even though our Apache
is running inside the firewall (the same with Oracle listeners and
other products). So we apply the patch. But without knowing how the
security hole is exploited, we can only show managers the output of
httpd -v to prove our work. Are we supposed to have somebody really
check by trying to hack? Applying security patches becomes tedious
without knowing the exploit. But obviously we won't know it unless we
spend a lot of time on hackers' forums. What's common practice?
Yong Huang
- Previous message: Peter: "diffie-hellman subject to an easy brute-force attack?"
- Next in thread: Chris Morris: "Re: How do I verify a patch is applied?"
- Reply: Chris Morris: "Re: How do I verify a patch is applied?"
- Reply: Mike: "Re: How do I verify a patch is applied?"
- Reply: D. Stussy: "Re: How do I verify a patch is applied?"
- Reply: /\/\_YoYo_/\/\: "Re: How do I verify a patch is applied?"
- Reply: Joseph Whalen: "Re: How do I verify a patch is applied?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
