Chapter 17. Keeping Up to Date

From the moment a Unix workstation or server is connected to the
Internet, it is open to discovery and access by unwanted outsiders.
Attackers find new Internet hosts with amazing speed. We know this
from personal experience. In summer 2002, one of the authors quietly
set up a new Linux system on an unused IP address at his university,
configured to accept only SSH connections. It was no more than 24
hours before the first failed SSH connection attempt was
logged—and that was from a host in another country!

Computers with DSL or cable Internet connections are especially
targeted by automated attack tools because they are usually operated
by people with little or no security knowledge. It is thus
imperative that any Unix system that will be on a network be kept up
to date with security fixes—both before connecting it to the
network and after.

In this chapter we will discuss how to securely update a Unix
operating system and its applications, both during the initial setup
of the host and after the host is in a production environment. We
will also look at how to determine when the system and applications
need to be updated.