Security Basics mailing list archives
Re: Best practice for security implementation
From: Jeff <jam () zoidtechnologies com>
Date: Mon, 4 Aug 2003 18:47:32 -0400
On Mon, Aug 04, 2003 at 11:44:43PM +0530, D N Vaidya wrote:
Dear List members,I like to know that in datacenter environment if Windows, Linux, Solaris systems are hosted, then how to keep track of vulnerability in all machines. If any new vulnerability arised or disclosed then how to execute patch up hundreds of production system with out affecting the system. Also Microsoft is releasing daily new patches and service packs, how to verify wheather the release is required for our system or not? Same question is there about Linux and Solaris. How to upgrade Hardening process of OS? Which tool is best for vulnerability accessment? Sincerely, D.N.Vaidya
greetings, I am *sure* Sun Microsystems will sell you a support contract for Solaris, and at least Red Hat Linux will also do something similar for you-- just contact the appropriate vendor directly. I do not use Microsoft, so I cannot comment on their update policy, but basically anytime a vendor releases a patch you will need to evaluate it carefully based on what it "fixes" given your computing environment. on my own network, I pretty much update immediately whenever Red Hat releases a patch-- I use 'up2date -u' and it all just works, and I've never had a problem with their patches. regards, J -- || Jeff - http://zoidtechnologies.com/ || GNUPG Fingerprint: A607 0F19 7C75 1305 67E4 BDFF 26BD 606E 3517 2A42
Attachment:
_bin
Description:
Current thread:
- Best practice for security implementation D N Vaidya (Aug 04)
- Re: Best practice for security implementation Jeff (Aug 04)
- Re: Best practice for security implementation Jan Reilink (Aug 05)
- Re: Best practice for security implementation Jeff (Aug 04)