On Thu, 14 Oct 2004 01:25:17 -0700 (MST) "der.hans" wrote: > Am 13. Oct, 2004 schwätzte Siri Amrit Kaur so: > > Very :). > > There, are, however ways to limit exposure and thereby reduce the number > of security patches necessary. > > > I know I should perform security updates frequently, but I run into one > > problem: > > the SIZE of the updates. > > I'm on a slow dialup modem. > > Can you let it do downloads overnight? If so, can slackware handle > interrupted downloads? > > Let's say you can get 1/3 of the data you need in a night. You could then, > over a period of 3 nights, get all the updates, then do the actual > installation of the updates after than when it's convenient for you. wget would be the obvious choice here. > > I'm using Slackware 10 with the 2.4.26 kernel on a stand-alone box. I never > > installed Apache, inetd, portmap, SSH or any other server apps that I know > > of, and I have all unneeded services turned off. I just use it for internet > > Make sure they aren't running. You probably have inetd installed, but you > might have disabled it. Check also for a mail server. > > ps auxw | less > look for extraneous processes > for instance, I usually uninstall the at daemon > > lsof -i > look for LISTEN for TCP ports and active UDP ports > > There are other ways to check for running services. > > Anyone know of a good, simple guide to monitoring tools that can be used > from a box to see what might be running? You can start with nmap localhost whic h will show you what services are listening on what ports. [...] > > I use slackpkg for updates, and have it set up to only download patches, not > > everything. The last time I ran "slackpkg upgrade patches" it was a 135MB > > download, not including kernel patches because I don't want to screw around > > with the kernel. That's fine for broadband, but I never want to go through > > that again! It took days and I had to su to root to do it. Personally, I > > never like to be online as root; that's a security risk in and of itself. > > Can the d/l mechanism run as a normal user? I don't think it can for > debian w/o some pain. Of course, then just "su -" and run "upgrade some_package" to install. This is how pkgtools works in Slackware. Slackpack is probably similar. > Are those patches all the updates or just the security updates? Ideally, > in your situation, you just want the security updates. > > > Given how conservatively I use my computer, how likely is it that I'll be > > compromised and have my computer turned into a zombie or something if I don't > > do updates anymore? > > Well, random crack attempts from viruses, etc. generally don't care that > you're only on a modem or that you think you're safe. > > > I appreciate any opinions and advice, but no flames, please. > > You'll be wishing for the flames soon enough as winter sets in and we > start having to survive temperatures down into the 70s! :) hans, you're forgetting about global warming, in a few years we won't see temps below 100F! Dennisk --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss