General Support - Debian Server restored after Compromise (from debian.or) bryan_e_boone - 14.07.2006, 02:16 Uhr Titel: Debian Server restored after Compromise (from debian.or)
Does this affect Kanotix?
If so what's the best way to safeguard against it?
http://www.debian.org/News/2006/20060713
-Bryan
bluewater - 14.07.2006, 08:57 Uhr Titel:
The safeguards are in Debians hands, and following the reports, they took the server off line very fast and got it back on line very quickly.
The effect on kanotix, is that while they were restoring the server, you may not have been able to update, get apps or dist-upgrade.
The breach to Debian is not a breach to you.
bryan_e_boone - 14.07.2006, 13:37 Uhr Titel:
I didn't think it was a breach to me... Just curious if I needed a kernel upgrade. (64 bit)
I should have asked in my original post....
Thanks for the info.
-Bryan
bluewater - 15.07.2006, 20:01 Uhr Titel:
Hmmmmm , looks more than just a compromised password
One comment seems to suggest the 2.6.17.5 fixes it
Guess a new kernel is due for install here, in the near future
PS About 64 bit.. you have to wait for a 64 bit guru or a dev to answer your query on that issue.
Swynndla - 17.07.2006, 01:36 Uhr Titel:
I googled and indeed it looks like both bugs (described in http://www.debian-administration.org/articles/418) are fixed in 2.6.17.5 and above ... with 2.6.17.6 having the better fix:
http://lwn.net/Articles/191512/
So yes it looks as though it does affect kanotix if you have a kernel <2.6.17.5 (which is probably why slh has come out with 2.6.17.6-slh-up-1 and 2.6.17.6-slh64-smp-1 ? .. can one of the developers comment?)
Swynndla - 17.07.2006, 07:09 Uhr Titel:
I asked Kano online and he said yes that's why slh came out with those kernels.
bryan_e_boone - 17.07.2006, 13:47 Uhr Titel:
Thanks.. (including Kano and slh).
I'll upgrade the kernel, too.
-Bryan
hubi - 17.07.2006, 13:58 Uhr Titel:
Just a question: can one use a 2.6.17.6-slh64-smp-1 on a 32bit x86 box? There is no "standard" kanotix kernel 2.6.17.6 with smp enabled.
hubi
bryan_e_boone - 17.07.2006, 14:03 Uhr Titel:
I was going to install
2.6.17.6-slh64-smp-1, but I'll have to defer to more enlightened ones
abou the details.
I have a dual processor/dual core gx620 and I assumed this was the right kernel.
-Bryan
Kano - 17.07.2006, 15:46 Uhr Titel:
That's a 64 bit kernel.
bryan_e_boone - 17.07.2006, 15:52 Uhr Titel:
yep...
I just did the kernel upgrade and the dist-upgrade... No problems
-Bryan
hubi - 17.07.2006, 16:05 Uhr Titel:
Thx for this information,
hubi
h2 - 17.07.2006, 18:48 Uhr Titel:
<<< There is no "standard" kanotix kernel 2.6.17.6 with smp enabled. >>>
that should be what was previously kernel-kanotix-current.zip, the standard kernel, I assume anyway. Not sure why the previous default method was not used this time around.
hubi - 17.07.2006, 19:35 Uhr Titel:
h2,
that's exactly my question, if I can use slh's 64-kernel for a 32bit hyperthreading P4, because the box runs faster with smp enabled, and I got the "old" kanotix one running on my HP.
hubi
h2 - 17.07.2006, 19:40 Uhr Titel:
the 64 bit kernel is a 64 bit, not 32 bit, you have to use 32 for a 32 bit install. The kernel I pointed out above is the standard 32 bit smp kernel as far as I know.
schnorrer - 17.07.2006, 22:20 Uhr Titel:
Is a P4 a 64 or 32Bit Processor?
@hubi I tend to 64Bit Processor, though you can use a 64Bit kernel within a 64Bit distro, but never with a 32-Bit-distro!
the -smp on a single Processor depends on the quality of the board.
hubi - 17.07.2006, 22:29 Uhr Titel:
schnorrer,
it's a 32bit processor Pentium 4 3200 Mhz but capable of hyperthreading, and the smp kernel is faster by a good bit (just placebo?).
hubi
schnorrer - 17.07.2006, 22:46 Uhr Titel:
on a single-core single-Cpu yes just placebo. a 64bit Kernel will stop with an error at boot-time. but you can use the 64Bit source and cook your own 32-Bit kernel.
thank you for that information. I might wait for the regular 32bit smp kernel then, my HP is no server and is sleeping most of the time, because I'm on holiday
