I'm glad I could put you at ease, Nick :-) I've been working on this for a week [compiling, installing, testing, repeat]... (my box isn't really standard redhat -- sort of a mixed beast)
Currently, I just finished installing/configuring the latest version of SNORT and guardian on my system as well as updating the latest worm rules in /etc/snort/ to detect and block infected servers. BTW, do you run mod_ssl/apache? "rpm -qa | grep mod_ssl" Make sure that it is updated as well. Trevor. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Nick White Sent: Wednesday, September 18, 2002 4:19 PM To: '[EMAIL PROTECTED]' Subject: RE: Slapper Worm on openssl 0.9.6b(-28) >From the changelog: (via rpm -q --changelog) * Thu Aug 01 2002 Nalin Dahyabhai <[EMAIL PROTECTED]> 0.9.6b-28 - update asn patch to fix accidental reversal of a logic check * Mon Jul 29 2002 Nalin Dahyabhai <[EMAIL PROTECTED]> 0.9.6b-25 - add patch to fix ASN.1 vulnerabilities Wow!! That gives me a ton of information! That completely puts me at ease about the openssl exploit and Slapper.worm. Also it seemed lots of people on this list were questioning if 0.9.6b-28 was really safe or not.... So I got it directly from RedHat's mouth (so to speak) -----Original Message----- From: Trevor [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 18, 2002 1:48 PM To: [EMAIL PROTECTED] Subject: RE: Slapper Worm on openssl 0.9.6b(-28) "rpm -q --changelog openssl | grep ASN" can tell you the same thing... without the tech support <grin>. Trevor. -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
