https://bkraft.fr/blog/bind_9_10_3_and_bind_9_9_8/
http://olex.openlogic.com/packages/bind/9.10.2#package_detail_tabs
2015年11月29日 星期日
2015年11月24日 星期二
Linux Upgrade DNS.....dirty hand
https://forum.directadmin.com/showthread.php?t=46055
For people with CentOS 5 or 6 + DA it is easy
to update.
Check if the bind rpm is installed:
Check if the bind rpm is installed:
Code:
rpm -qv bind
Check if the version is the same:
Code:
named -v
If it is (which is in most cases) you can
safely use yum to update the package:
Code:
yum clean all
yum update bind
If it returns no errors, check again to see
it's version:
Code:
named -v
or
https://www.godaddy.com/help/update-bind-on-your-linux-dedicatedvirtual-dedicated-server-4690
- Connect to your server via SSH
(more info).
- Switch to the root user (more info).
- Type cp /etc/sysconfig/named
/etc/sysconfig/named.bak
- Type yum clean all.
- Type yum update bind
If not start up
cd /etc/init.d
mv named named.backup
wget -O named http://www.directadmin.com/named
chmod 755 named
/sbin/chkconfig named reset
mv named named.backup
wget -O named http://www.directadmin.com/named
chmod 755 named
/sbin/chkconfig named reset
2015年11月9日 星期一
Nessus Console command update
2015-10-12 3:26 AM EDT by Tenable Support
Hello Albert, Thanks for reply,If nessus scanner has access to Tenable plugin server,could you please execute below command on scanner command terminal and let me know if this help get plugin updated. On nessus scanner open and run command prompt as Administrator C:\Program Files\Tenable\Nessus\nessuscli update --all C:\Program Files\Tenable\Nessus\nessusd -R Once done clear web browser cache and login to Nessus UI. |
2015年11月8日 星期日
Linux Upgrade OPENSSL
http://www.cyberciti.biz/faq/howto-openssl-security-update-cve20150291-cve20150204-cve20150290-cve20150207-cve20150286/
How To Patch and Protect OpenSSL Vulnerability # CVE-2015-0291 CVE-2015-0204 [ 19/March/2015 ]
How to find openssl version on a Linux?
The syntax is as follows:
Find openssl version on a CentOS/RHEL/SL/Fedora Linux
openssl version ## or ## sudo yum list installed openssl
## how do I find out my distro version? ## lsb_release -a ## or use ## cat /etc/*-releaseCentOS/RHEL/Fedora Linux
Type the following yum command to patch openssl as root user to patch openssl:sudo yum clean all
To install the updates, use the yum command as follows:sudo yum update
To only update the OpenSSL package and its dependencies, use the following yum command:sudo yum update openssl
Sample outputs:Loaded plugins: auto-update-debuginfo, protectbase, rhnplugin, security This system is receiving updates from RHN Classic or RHN Satellite. Setting up Update Process epel-debuginfo/metalink | 13 kB 00:00 rhel-x86_64-server-6 | 1.5 kB 00:00 rhel-x86_64-server-6/primary | 21 MB 00:05 rhel-x86_64-server-6 14680/14680 rhel-x86_64-server-6-debuginfo | 1.3 kB 00:00 rhel-x86_64-server-6-debuginfo/primary | 1.1 MB 00:00 rhel-x86_64-server-6-debuginfo 5939/5939 rhel-x86_64-server-optional-6 | 1.5 kB 00:00 rhel-x86_64-server-optional-6/primary | 2.0 MB 00:00 rhel-x86_64-server-optional-6 8239/8239 rhel-x86_64-server-optional-6-debuginfo | 1.3 kB 00:00 rhel-x86_64-server-optional-6-debuginfo/primary | 681 kB 00:00 rhel-x86_64-server-optional-6-debuginfo 3571/3571 0 packages excluded due to repository protections Resolving Dependencies --> Running transaction check ---> Package openssl.x86_64 0:1.0.1e-30.el6_6.5 will be updated --> Processing Dependency: openssl = 1.0.1e-30.el6_6.5 for package: openssl-devel-1.0.1e-30.el6_6.5.x86_64 ---> Package openssl.x86_64 0:1.0.1e-30.el6_6.7 will be an update --> Running transaction check ---> Package openssl-devel.x86_64 0:1.0.1e-30.el6_6.5 will be updated ---> Package openssl-devel.x86_64 0:1.0.1e-30.el6_6.7 will be an update --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Updating: openssl x86_64 1.0.1e-30.el6_6.7 rhel-x86_64-server-6 1.5 M Updating for dependencies: openssl-devel x86_64 1.0.1e-30.el6_6.7 rhel-x86_64-server-6 1.2 M Transaction Summary ================================================================================ Upgrade 2 Package(s) Total download size: 2.7 M Is this ok [y/N]: n Exiting on user Command [root@txvip1 ~]# [root@txvip1 ~]# yum update openssl Loaded plugins: auto-update-debuginfo, protectbase, rhnplugin, security This system is receiving updates from RHN Classic or RHN Satellite. Setting up Update Process 0 packages excluded due to repository protections Resolving Dependencies --> Running transaction check ---> Package openssl.x86_64 0:1.0.1e-30.el6_6.5 will be updated --> Processing Dependency: openssl = 1.0.1e-30.el6_6.5 for package: openssl-devel-1.0.1e-30.el6_6.5.x86_64 ---> Package openssl.x86_64 0:1.0.1e-30.el6_6.7 will be an update --> Running transaction check ---> Package openssl-devel.x86_64 0:1.0.1e-30.el6_6.5 will be updated ---> Package openssl-devel.x86_64 0:1.0.1e-30.el6_6.7 will be an update --> Finished Dependency Resolution Dependencies Resolved ============================================================================================ Package Arch Version Repository Size ============================================================================================ Updating: openssl x86_64 1.0.1e-30.el6_6.7 rhel-x86_64-server-6 1.5 M Updating for dependencies: openssl-devel x86_64 1.0.1e-30.el6_6.7 rhel-x86_64-server-6 1.2 M Transaction Summary ============================================================================================ Upgrade 2 Package(s) Total download size: 2.7 M Is this ok [y/N]: y Downloading Packages: (1/2): openssl-1.0.1e-30.el6_6.7.x86_64.rpm | 1.5 MB 00:00 (2/2): openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm | 1.2 MB 00:00 -------------------------------------------------------------------------------------------- Total 6.4 MB/s | 2.7 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Updating : openssl-1.0.1e-30.el6_6.7.x86_64 1/4 Updating : openssl-devel-1.0.1e-30.el6_6.7.x86_64 2/4 Cleanup : openssl-devel-1.0.1e-30.el6_6.5.x86_64 3/4 Cleanup : openssl-1.0.1e-30.el6_6.5.x86_64 4/4 Verifying : openssl-1.0.1e-30.el6_6.7.x86_64 1/4 Verifying : openssl-devel-1.0.1e-30.el6_6.7.x86_64 2/4 Verifying : openssl-1.0.1e-30.el6_6.5.x86_64 3/4 Verifying : openssl-devel-1.0.1e-30.el6_6.5.x86_64 4/4 Updated: openssl.x86_64 0:1.0.1e-30.el6_6.7 Dependency Updated: openssl-devel.x86_64 0:1.0.1e-30.el6_6.7
Do I need to reboot my server/laptop/computer powered by Linux?
Short answer - yes, you need to reboot your computer/server to make all the necessary changes. Sysadmin should plan on updating as soon as possible or use maintenance reboot window:
sudo reboot
2015年11月3日 星期二
Linux DNS Bind update
https://www.godaddy.com/help/update-bind-on-your-linux-dedicatedvirtual-dedicated-server-4690
UPDATE BIND ON YOUR LINUX DEDICATED/VIRTUAL DEDICATED SERVER
Some of the information in this article is advanced material we make available as a courtesy. Please be advised that you are responsible for properly following the procedures below. Customer Support cannot assist with these topics.
We strongly encourage you to keep the DNS service BIND (Berkeley Internet Name Domain) updated with the latest version on your Dedicated Server.
Note to Red Hat 9 Customers If you are running a Virtual Private Server (VPS) with the Red hat 9 operating system, you will need to either upgrade to a more current operating system or download the source RPM from the BIND website for your version of BIND and compile it on your server.
To Update BIND
- Connect to your server via SSH (more info).
- Switch to the root user (more info).
- Type
cp /etc/sysconfig/named /etc/sysconfig/named.bak
- Type
yum clean all
. - Type
yum update bind
.
The system will then proceed to update all the needed packages for you automatically.
If you are running Parallels Plesk Panel there are certain packages that can be installed that will interfere with Parallels Plesk Panel's functionality. If you have not already, please add the following line to your /etc/yum.conf to ensure that YUM does not update any packages that may break Parallels Plesk Panel.
exclude=bind-chroot caching-nameserver
Adding this line to the configuration file will prevent yum from ever being able to update these packages. This can cause issues in the future should you want to use yum to update anything listed as an exclude.
If you have never made any changes to your yum.conf file you can use the following procedure to make this update:
- Connect to your server via SSH (more info).
- Switch to the root user (more info).
- Type
echo "exclude=bind-chroot caching-nameserver" >> /etc/yum.conf
Once this is complete you can run the yum update statements at the top of the article. If you receive an error similar to the following:
Error: Missing Dependency: bind = 31:9.4.2-3.fc7 is needed by package caching-nameserver
or
Error: Missing Dependency: bind = 31:9.4.2-3.fc7 is needed by package bind-chroot
You may need to remove bind-chroot and/or caching-nameserver from your server prior to upgrading. To do this you can do the following:
- Connect to your server via SSH (more info).
- Switch to the root user (more info).
- Type
yum -y remove bind-chroot caching-nameserver
.
The removal of these packages can cause adverse effects on your server. You may need to restore the version of /etc/sysconfig/named that you backed up by using the following command:
cp /etc/sysconfig/named.bak /etc/sysconfig/named
This will install the most up to date version of BIND on your server. As the server administrator it will be your responsibility to determine whether or not a version update will cause any conflicts on your server. It is your responsibility to troubleshoot any issues that arise from performing this update.
訂閱:
文章 (Atom)