A
aernative
Guest
System - FC2 - Plesk 8
First off i ran the scanner and got warnings about alow root login and some packages being out of date or un patched.
So far i have got round the root login warning by switching to SSH2 only and switching the permit root to "no" then adding a user for SSH out of the root group using RSH keys to login... that seems to satisfy the scanner...
I am still stuck on how to deal with the following application version warnings -
* Application version scan
- GnuPG 1.2.4 [ Old or patched version ]
- Apache 2.0.51 [ Old or patched version ]
- Bind DNS 9.2.3 [ OK ]
- OpenSSL 0.9.7a [ Old or patched version ]
- PHP 4.3.10 [ Old or patched version ]
- Procmail MTA 3.22 [ OK ]
- ProFTPd 1.2.10 [ OK ]
- OpenSSH 3.6.1p2 [ Old or patched version ]
I have seen posts about the "atomic" packages, however I am not sure what is the best practice to sort this scenero out - do i need to update to FC3/4 (or even 5 now...).
First off i ran the scanner and got warnings about alow root login and some packages being out of date or un patched.
So far i have got round the root login warning by switching to SSH2 only and switching the permit root to "no" then adding a user for SSH out of the root group using RSH keys to login... that seems to satisfy the scanner...
I am still stuck on how to deal with the following application version warnings -
* Application version scan
- GnuPG 1.2.4 [ Old or patched version ]
- Apache 2.0.51 [ Old or patched version ]
- Bind DNS 9.2.3 [ OK ]
- OpenSSL 0.9.7a [ Old or patched version ]
- PHP 4.3.10 [ Old or patched version ]
- Procmail MTA 3.22 [ OK ]
- ProFTPd 1.2.10 [ OK ]
- OpenSSH 3.6.1p2 [ Old or patched version ]
I have seen posts about the "atomic" packages, however I am not sure what is the best practice to sort this scenero out - do i need to update to FC3/4 (or even 5 now...).