[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DDOS attack ?!?



BTW, to avoid stuff like this in the future, you might want to drop
the following in /etc/cron.daily:

#!/bin/sh

( set -e

apt-get -qq update \
    && apt-get -qqy upgrade \
    && apt-get -qq autoclean
) 2>&1 | grep -v '^W: .* will not be authenticated\.$'
# __END__

All that mess with grep is necessary (unfortunately) since the
repository signing stuff doesn't seem to work right.  (Or at least it
didn't last time I tried it.  Has anyone tried it lately?)  Since that
doesn't work right, this is a little dangerous, since your machine
will happily install updates from anywhere with a little DNS
poisoning.  This will be better with the next rpm though.  Apparently
it will only install packages that are signed with a key already
stored in the rpm database.

Oh, and make sure you chmod +x that script.  :-)

Steve
-- 
steve@silug.org           | Southern Illinois Linux Users Group
(618)398-7360             | See web site for meeting details.
Steven Pritchard          | http://www.silug.org/

-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.