How Big Risk Do I Take If I Don't Update The Kernel?

May 2, 2008

I'm a Windows guy and can little or nothing about Linux. How big risk do I take if I'm using a Linux VPS and never update/patch the kernel?

I'm using CentOS 5 and LxAdmin. I can update the control panel, but I can not update/patch the kernel since I have no knowledge how I do that.

I'm using a unmanaged plan, so no help there.

Some of my sites are running Wordpress, but I'm always using the lates WP installation. I not using any other plugins that WG2, Gallery2, and remove max width.

Nobody except me have access to the VPS, and I have no other FTP accounts or something like that on the VPS.

I have no other scripts or any kind of dynamic pages on my VPS.

What kind of risk do I have here?

I'm currently having plans to cancel my second VPS that's using Win2003, and only use Linux in the future. I can cut my monthly expensive with 50% that way, but do I take a big risk doing it that way?

View 9 Replies


ADVERTISEMENT

How Update Kernel

Jul 7, 2009

can i upgrade my kernel?

yum cant find any new update but my kernel version is 2.6.18-128.1.1.el5.028stab062.3PAE

View 9 Replies View Related

Kernel Update With Yum

Jun 13, 2009

I have following error in kernel update with yum:

Downloading Packages:

Running rpm_check_debug

ERROR with rpm_check_debug vs depsolve:

Package kernel conflicts with ecryptfs-utils < 44.

Complete!

So kernel not updated yet.

View 9 Replies View Related

Kernel Update

May 8, 2008

I installed CentOS 5 on a server with 2 quad core CPU's and 4GB of RAM. After the installation is done and during boot I see a warning that says "Warning only 3GB will be used".

So, just to check, I installed CentOS 4.4 and it sees all 4GB of RAM.

Are there any memory limitations on the distro? or could it be that the desktop kernels made their way into the iso's from upstream?

View 5 Replies View Related

Kernel Update ..

Jul 6, 2008

I just tried yum update command and now i have bunch of stuff that i need to update

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
kernel-PAE i686 2.6.18-92.1.6.el5 update 14 M
kernel-PAE-devel i686 2.6.18-92.1.6.el5 update 4.8 M
Updating:
kernel-headers i386 2.6.18-92.1.6.el5 update 846 k
nspr i386 4.7.1-1.el5 update 118 k
nss i386 3.12.0.3-1.el5.centos update 1.1
M
nss-tools i386 3.12.0.3-1.el5.centos update 2.2
M
samba-client i386 3.0.28-1.el5_2.1 update 4.9 M
samba-common i386 3.0.28-1.el5_2.1 update 8.7 M
xulrunner i386 1.9-1.el5 update 10 M
yelp i386 2.16.0-19.el5 update 580 k
Removing:
kernel-PAE-devel i686 2.6.18-53.1.21.el5 installed 14 M

Transaction Summary
=============================================================================
Install 2 Package(s)
Update 8 Package(s)
Remove 1 Package(s)

The big deal is Kernel is the most important update file IMHO. Because last time at another server i tried to update kernel by same method. And it said it failed to find template for Kernel or something like that. As a result my server didn't boot up and i had to request KVM and load older kernel

I am not sure if it will give same error this time but is there anything else that i need to do after kernel is updated except rebooting?

i just run /scripts/upcp and it updated all of the programs except kernel-pae. Now it says

Dependencies Resolved

=============================================================================
Package Arch Version Repository Size
=============================================================================
Installing:
kernel-PAE i686 2.6.18-92.1.6.el5 update 14 M

Transaction Summary
=============================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)

I am still not brave enough to install kernel update

View 6 Replies View Related

Any Update For Kernel

Sep 14, 2007

My server ( Pentium4 3.80GHz with 2GB RAM ) have 2.6.9-55.ELsmp, is there any update?

View 4 Replies View Related

Can't Update Kernel

Mar 15, 2007

I'm trying to set up this server at Layeredtech without a control panel running CentOS 4.x with kernel 2.6.9-34.EL with PHP, MySQL, and lighttpd

I'm having problems with the current kernel (high IOwait, etc.) so I did a yum update kernel which installed 2.6.9-42.0.10.EL but whenever I reboot it doesn't go back up.

I don't know where to look for errors because when I type # reboot then I'm disconnected from shell and I see no errors whatsoever. Then I have to contact LT to do a manual reboot because I can't connect anymore.

I really need to update the kernel.

View 4 Replies View Related

Kernel Update Needed For Centos 5

Nov 1, 2009

I am using cpanel My server runs with centos 5 With version 2.6.18-164.2.1.el5.plus

Does i need to keep updating kernal updates always for the server?

If so how i can update automatically?

View 8 Replies View Related

HOW TO: CentOS Issue .. Kernel Update - SAS Drive

Apr 17, 2008

I installed CentOS 5 with SAS drive. But i forgot install kernel-PAE for more 4GB RAM. (i'm using 8GB RAM).

But now when i trying to install kernel-PAE or update kernel. I have issue with hda and fd0 ...

"WARNING: No module megasr found for kernel"

When i 'cat /var/log/messages' i got:

kernel: end_request: i/o error, dev fd0,sector 0
kernel: hda: packet command error: status=0x51 { DriveReady SeekComplete Error }
kernel: hda: packet command error: error=0x54 { AbortedCommand LastFailedSense=0x05 }

I tried to 'google' they to find the solution, but now i still not find out ...
I'll try to reload OS. After reload OS, if i dont have floppy disk, how can i update kernel with no error?

View 2 Replies View Related

Is My Domain Name At Risk

May 28, 2007

my domain name expires in July (within 90 days).

It is currently with company A who charge quite a lot to keep it there. I want to move it to company B who are my hosts and with whom I get 1 free domain name.

One added complication is that the domain is in a friends name, but I have logon and can change name to my own any time I want.

Company B said "After it is on our registrar, you will be the only one that can renew it as long as it doesn't expire for longer than 90 days."

This has me worried that because I haven't renewed it withing 90 days that it can be stolen from me. Have I misunderstood or is this a risk?

If so would I be better advised to renew it in my friends name wth company A?

View 10 Replies View Related

Crypt_blowfish, Any Risk In Installing

Sep 11, 2007

A customer has requested we install a pear package called crypt_blowfish for there website which sells items.

What exactly is it? Is there any risk in installing the extension?

Ive not heard of it myself before

View 4 Replies View Related

Hosting A High Risk Site

Mar 25, 2009

What sort of redundancy that is recommended for a high risk site?

My definition of high risk is it will attract more hackers than usual, more DDOS, chances of blocked by ISP and etc.

View 4 Replies View Related

Moving SSH Back To Port 22 But Will Root Be At Risk

Apr 26, 2008

At present I run SSH on a different port then normal to protect root. This has worked for two years, but with discovering that cPanel finally support SFTP without shell access needed, I want to finally turn off FTP and require SFTP. The problem is the port I am using. Since it's a random port I have been secured against root attacks (well nothing has shown up). I am with LiquidWeb which is fully managed. So I guess they take care of allot of prevention.

This is what I am thinking of doing. move SSH back to port 22 (I only host a few friends sites and want to be hosting 20 accounts by end of year to cover my costs). Then disabled root password and require SSH keys. Would this be strong as secure as running SSH on a high #port or am I fooling myself.

I could also add in for good measure restricting root SSH/SFTP (yes I prefer SFTP for file management as I am legally blind and using Transmit+BBEdit is allot easier for me for editing files). The problem with restricting to certain IP's, is that Shaw charges $30/month more for a static IP and I also am at my moms 25% of the time (and she is also with Shaw). I think the XXXX.vs.shawcable.net is static but I am not 100% sure.

I really do want to kill FTP so that only port 80 is the only non SSL port open.

View 14 Replies View Related

Security Risk To Share Phpinfo File

Mar 10, 2007

There are always people who would like to know what the php settings are on the server. Is it a security risk to share the phpinfo.php file on a website, with anybody who visits that website, able to view it?

View 4 Replies View Related

Security Risk Having Mbstring And Mysqli Installed On Your Server

Mar 20, 2008

A friend of mine owns a hosting company and a client of his asked to have mbstring and mysqli installed. What he wants to know is , is there any security risks if he does install that on his server?

Also, he wants to know, if there is not, what how does he go about installing that on the server?

View 4 Replies View Related

Writing Large Files - Risk Of Damaging Filesystem

Jan 19, 2008

Does writing large files (ie, 10GB backups in one archive) cause any risk of damaging a linux filesystem?

View 1 Replies View Related

[kernel: Kernel BUG At Mm/rmap.c:479] Any Idea What This Is?

Mar 29, 2007

we have one box in hivelocity.net that has been down so many times this month that we were forced to remove links to siteuptime where we were once so proud of having a 99.7% uptime for 3 years in theplanet.

syslog shows that just before crashing, these entries were made:

kernel: kernel BUG at mm/rmap.c:479
kernel: invalid operand:0000 [#1]

dmesg also shows this:

...
Brought up 2 CPUs
zapping low mappings.
checking if image is initramfs... it is
Freeing initrd memory: 482k freed
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xf9f20, last bus=1
PCI: Using configuration type 1
mtrr: v2.0 (20020519)
mtrr: your CPUs had inconsistent fixed MTRR settings
mtrr: probably your BIOS does not setup all CPUs.
mtrr: corrected configuration.
...

i've googled these messages and they point to ram problems.

hivelocity.net claims to have done diagnostics on the box and that there were no problems reported.

they said this is a result of a sys configuration problem made by us.

any ideas?

View 8 Replies View Related

Kernel Headers For Virtuozzo Kernel

May 20, 2009

running centos/virtuozzo 2.6.18-028stab062.3

when i configure vmware it asks at one point for kernel header files. where would i find them to match the current kernel?

i asked at parallels forums but help there is very scarce. i checked openVZ repositories and they dont yet have headers for this version.

what are my options? i have one last windows machine left and want to run it in VMware.

View 0 Replies View Related

Centos + Kernel 2.6.9-34.0.2- How To Upgrade Kernel

Apr 29, 2007

Last year I ordered a new server with Centos 4.3 and it had the kernel kernel 2.6.9-34.0.2ELsmp installed. It runned fine and I didn't update any packages since then.

Today I started getting a problem where both mysqld and kswapd0 uses very high amounts of CPU, spiking up to 100% and my memory usage is at 99% all the time. The problem seems exactly the same as the one mentioned in this thread.

In that thread the exact same kernel is said to be insecure and to cause this problem. I also came across a centOS bug that reports this problem with high cpu, mem usage and mysql & kswapd0 consuming all resources.

In the linked thread the person solved the problem by upgrading to kernel 2.6.9-42 using rpms but others recommended a newer kernel or a custom compiled kernel for CentOS.

Apparently when they used yum it said 34.0.2 was the latest kernel.

What should I do to upgrade the kernel, which version should i upgrade to, and where do I get it from? I won't be able to compile a custom kernel and I've only installed basic rpm packages before.

View 5 Replies View Related

Mysql Delayed Writes Performance Boost, Worth The Risk

Jul 19, 2007

During my poking around performance tips I found the DELAY_KEY_WRITE option (and innodb_flush_log_at_trx_commit = 0 for innodb)

which supposedly for mysql will disable the immediate disk flush for every transaction written and instead update only once every second at most?

One thing I've never had to restart on my vps is mysql, it's been great. So is this safe to turn on? Am I risking corruption? Will the performance gain be worth it with only a 16M cache?

View 4 Replies View Related

PC World Article: Reduce Fire Risk - Remove Oxygen [merged]

Mar 19, 2007

I did a quick search on this and could not see it as already being posted

It seems quite a clever but simple idea - remove a lot of the oxygen from the air to help reduce the risk of fire. What do those of you operating your own facilities make of this? Is anyone already doing this?
[url]

View 14 Replies View Related

Plesk Automation :: Postfix CA Bundle File Under PPA - How To Edit Without Risk Of It Being Overwritten

Aug 19, 2013

I see in the maillogs a number of errors lots of different Certificate Authorities - and some I really did NOT expect to see here:

[root@web48002 admin]# grep ' certificate verification failed for' /usr/local/psa/var/log/maillog | wc -l
998
[root@web48002 admin]# grep ' certificate verification failed for' /usr/local/psa/var/log/maillog | head
Aug 19 00:04:45 web48002 postfix/smtp[28115]: certificate verification failed for inbound.hsaforamerica.com.netsolmail.net[206.188.198.64]:25: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

[Code] ....

How/where do we edit our CA file under Postfix - and why is the standard one installed by PPA not including some of these VERY MAJOR CAs?!?

I would like instructions on how to edit this in a manner that it will not get overwritten by some PPA update or yum update.

View 3 Replies View Related

"owner" ID In Ftp Client -- Security Risk

Mar 25, 2008

I just started using FileZilla Client, as a way of allowing business clients to upload to an ftp account at my website (the ftp account is a subdirectory of my public_html directory, and has its own username and password).

I noticed that, along with other information for each file listed at that subdirectory, FileZilla also posts info on "owner" and "group". It turns out that, for each of these fields, FileZilla displays the username of my entire site -- not the username specifically associated with the particular ftp account to which FileZilla had connected. Thankfully, it doesn't also display the password that goes along with it!

I'm wondering if anyone would know:

- does this constitute a significant security risk?
- is this because of actions on the part of my web host, or because of FileZilla's programming? (ie, would the same thing occur in all ftp clients?)
- if this is a significant security risk, would there be any workaround?

View 14 Replies View Related

Kernel Source Install Help Needed On Fc6 X64I Am Trying To Install The Kernel Source.

May 13, 2007

I am trying to install the kernel source.
I have downloaded kernel-2.6.20-1.2948.fc6.src.rpm
I am using fedora 6 64bit.
here are my current kernels:

kernel-headers-2.6.20-1.2948.fc6
kernel-devel-2.6.20-1.2944.fc6
yum-kernel-module-1.0.3-1.fc6
kernel-2.6.20-1.2944.fc6
kernel-devel-2.6.20-1.2948.fc6
kernel-2.6.20-1.2948.fc6


here is what I seen when I installed kernel-2.6.20-1.2948.fc6.src.rpm

rpm -ivh kernel-2.6.20-1.2948.fc6.src.rpm
1:kernel warning: user brewbuilder does not exist - using root
warning: group brewbuilder does not exist - using root
warning: user brewbuilder does not exist - using root
########################################### [100%]
warning: user brewbuilder does not exist - using root
warning: group brewbuilder does not exist - using root


then when I ran:
rpmbuild -bp --target=$(uname -m) /usr/src/redhat/SPECS/kernel-2.6.spec

I seen this error:
+ Arch=x86_64
+ make ARCH=x86_64 nonint_oldconfig
In file included from /usr/include/sys/socket.h:35,
from /usr/include/netinet/in.h:24,
from /usr/include/arpa/inet.h:23,
from scripts/basic/fixdep.c:117:
/usr/include/bits/socket.h:310:24: error: asm/socket.h: No such file or directory
make[1]: *** [scripts/basic/fixdep] Error 1
make: *** [scripts_basic] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.93770 (%prep)


I need to have this installed to get a app installed etc...
suggestions or ideas?
thanks

View 2 Replies View Related

Xen Kernel

Apr 4, 2009

I have a Xen VPS. I started with a Debian 4 image and have since upgraded to Debian 5. Firstly was this advisable? Secondly what Kernel version should I be running, or rather is it set by my installation or by the Xen server?

View 3 Replies View Related

New Kernel 2.6

Feb 15, 2007

Does it take 2 hours to have a new kernel up and running? The tech is taking forever to finish.

View 11 Replies View Related

Kernel Tuning

Apr 24, 2009

as part of a project I have lately been looking into various aspects of kernel tuning. Most notably lately tuning the TCP stack for more efficient memory usage/throughput.

Thought I would start this thread to mention some of the tools I'd found for doing testing and see what anyone else had to recommend.

So far my favorite of the bunch is nuttcp. Its easy to use and gives a very good idea of how much of your bandwidth you are able to utilize.

A few interesting web pages are as follows for anyone interested in the topic:

[url]- Tuning TCP for High Bandwidth Delay networks

[url]- TCP Tuning Cook book, some interesting information in there as well

[url]...formanceTuning - Performance Tuning TWiki. Has a list of useful tools, flags for existing tools and ways to monitor network performance from a system level, along with some suggestions of things to correct

View 0 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved