Security issues

roger · #1 05-25-2009, 05:19 PM

How can we update openssh? The command
Code:
```
yum update openssh
```
does not update past version 3.9. As the servers are using an old version, there are exploits and connectivity issues with some applications. To fix the connectivity issues, the version needs to be past 4.x.
Also, there is a bug (that's what Hostican told me) that is preventing cpHulk and the firewall to run on my VPS servers. This has been an issue for a couple months at least, and there have been security issues as a result of this. When will this be fixed?
Finally, what is the timetable to update the servers. One of the guys here told me that CentOS 4.x is no longer actively supported with security fixes, updates, etc. (I don't know if that's true, as I've not checked the CentOS site to see yet). He suggested I ask when servers will be updated to CentOS 5.x as it is a stable release.

roger · #2 05-27-2009, 10:26 AM

***Bump***

DOCENTA · #3 05-27-2009, 12:26 PM

Hello,
Just use:

# yum update

and all will be updated to the latest versions available.

roger · #4 05-27-2009, 02:31 PM

Quote:

Originally Posted by DOCENTA

Hello,
Just use:

# yum update

and all will be updated to the latest versions available.

No that is NOT true. As mentioned in the post, yum will not take openssh past version 3.9 (which is very old).

Can Hostican please answer the three questions - THANKS!

roger · #5 05-28-2009, 10:08 AM

***Bump***

roger · #6 05-29-2009, 12:29 PM

***Bump***

DOCENTA · #7 05-29-2009, 12:48 PM

OS default OpenSSH is good you do not need to mess with it.

KODY · #8 05-29-2009, 01:13 PM

Hello mister, from where you know that OpenSSH_3.9 in CeontOS is vulnerable? Are you sure that this applies specifically to OpenSSH, perhaps you mean OpenSSL? About the exploit, there is last know exploit:

Code:

2008-07-17 Debian (maybe other derivates |KUDUBUTUNTU|) OpenSSH Remote -=Authenticated=- SELinux Privilege Elevation

Lets see. HostICan use CenotOS, not Debian. And second, which is also important, SELinux support is DISABLED. Please, have trust fully of updates which are provided by the repository of CentoOS. I think the guys from CentoOS are not rookies people and would not allow any bugs to crash impeccable reputation of the best secured Linux

roger · #9 05-30-2009, 08:18 AM

Everyone is missing other issues mentioned. Version 4/5 are now standard. Most apps dont work with less than version 3 (SSH).

Also, there are 3 questions.

Does Hostican not support this forum? I was told to put some questions here, but then they don't get answered properly.

@KODY - This is not a CentOS vs some other OS issue, I use both CentOS and Debian based with no problems. Sites on this server have been going up and down regularly. I've been concerned and asked someone to look at it. The first thing they said was that much of the files were old and outdated. It's not about one expolit in the version of SSH, rather about several issues, that cooperatively allow security breaches.

@Hostican - A short while back, I did notice a performance improvement in the servers (I have 4 of them), but now perfomance is not good. Please can you answer the above. Also, there is a ticket from about April that has still to be resolved - You told me you would make sure the issue is fixed, but it is not.

roger · #10 06-01-2009, 01:20 PM

***Bump***

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode


Home Hosting Web Hosting cPanel VPS Plesk VPS Dedicated Servers Merchant Account Why Us? We're always here Our Guarantees View our awards Testimonials Support Flash Tutorials Self Assistance HostICan Community Knowledge Base Add-on services Company Overview History Data Center Working for HostICan Affiliates Contact Us Affiliates Order