Re: How do I verify a patch is applied?

From: Chris Morris (c.i.morris_at_durham.ac.uk)
Date: 07/08/03


Date: 08 Jul 2003 09:00:06 +0100

yong321@yahoo.com (Yong Huang) writes:
> Managers keep forwarding security alerts to us even though our Apache
> is running inside the firewall (the same with Oracle listeners and
> other products). So we apply the patch. But without knowing how the
> security hole is exploited, we can only show managers the output of
> httpd -v to prove our work. Are we supposed to have somebody really
> check by trying to hack? Applying security patches becomes tedious
> without knowing the exploit. But obviously we won't know it unless we
> spend a lot of time on hackers' forums. What's common practice?

Don't forget that some security fixes are against potential problems
for which no real-world exploit is known.

Also don't forget that being inside the firewall only helps if a) the
firewall works and b) the integrity of every other machine inside it
is good.

-- 
Chris


Relevant Pages

  • [REVS] Bypassing Client Application Protection Techniques
    ... Get your security news from a reliable source. ... protection programs. ... * Kerio Personal Firewall 4.0 ... And we got actually nothing in the field of client application ...
    (Securiteam)
  • Re: Recycler security issues on IIS server
    ... > latest upates to the server. ... > like to see the server put behind our firewall, ... other software, install all patches, IISlockdown, URLscan, use the correct ... the procedures you follow may vary depending on your security needs. ...
    (microsoft.public.inetserver.iis.security)
  • Re:RE : suggestions on a good firewall
    ... Subject: RE: suggestions on a good firewall ... CheckPoint does! ... with a url-filtering server. ... IT Technical Security Officer ...
    (Security-Basics)
  • Why hasnt Symantec addressed nastier Messenger spoofs
    ... Norton / Symantec has been silent on whether Norton Internet Security ... DSL firewall will stop these kinds of pop-ups. ... major ISPs and broadband systems. ...
    (comp.security.misc)
  • Re: Service pack 2 (XP)
    ... I have a 'theory' that SP2 has a LOT to do with firewall and new browser ... besides those security features. ... The operative word is SPYWARE. ...
    (microsoft.public.windowsupdate)