Is Linux version 2.4.21-40.ELsmp secure?

[dwh2]

I'm supposed to be on Red Hat Enterprise, which I heard is not affected by the recent kernel vulnerability.

But just to be sure, does this sound secure to you or do I need to update?

# cat /proc/version
Linux version 2.4.21-40.ELsmp ([edit]@[edit].build.redhat.com) (gcc version 3.2.3 20030502 (Red Hat Linux 3.2.3-54)) #1 SMP Thu Feb 2 22:22:39 EST 2006

 

[AndyReed]

I'm supposed to be on Red Hat Enterprise, which I heard is not affected by the recent kernel vulnerability.

But just to be sure, does this sound secure to you or do I need to update?

If you really need to learn about kernel security, read this article which addresses your very question: http://www.securityfocus.com/columnists/296

In addition, I always urge our clients and the cPanel users to be vigilant about securing and hardening their servers. This is a continuous projcess and you have to saty on top of server security, otherwise you might loose.

 

[dwh2]

Thanks for responding but...that article was about how Linux needs better security. I couldn't find where it addressed my question. Did I miss something or did you link the wrong article by mistake?

BTW, I ran up2date -u and rebooted and it still says the same version...

 

[dwh2]

In /var/log/messages I'm seeing lines starting with kernel:
Some say lots of weird wording like:
** IN_TCP DROP ** IN=eth0 OUT=MAC= (some mac address)....
I think those are related to BFD or APF firewall but not sure.
At the end I'm getting some lines like:

smb_get_length: recv error =5
smb_request: result -5, setting invalid
smb_retry: successful, new pid=nnnn, generation=9

 

[chirpy]

I'm supposed to be on Red Hat Enterprise, which I heard is not affected by the recent kernel vulnerability.

But just to be sure, does this sound secure to you or do I need to update?

You should update the kernel to the latest one from RH. You should signup to their OS announcement mailing list so that you're notifed of errata and security releases which include an explaination of the reason for the updated package (including kernels) and their likely severity if security related.

 

[dwh2]

You should update the kernel to the latest one from RH. You should signup to their OS announcement mailing list so that you're notifed of errata and security releases which include an explaination of the reason for the updated package (including kernels) and their likely severity if security related.

Thanks. It really is all so confusing I'm not sure which mailing list I'm supposed to even join?

Did I make a mistake by trying

up2date -u

?

I can't understand why it still says the same version.

BTW Chirpy, I once tried to hire your services to watch over my server, but I never heard back from you by PM or by email...

 

[joako]

If I am not mistaken, you are running the latest kernel for RHEL 3.