[cfarm-users] Upgrade on gcc12, gcc13 and gcc14

Aymeric mulx at aplu.fr
Mon Jul 24 18:37:33 CEST 2017



On 23/07/2017 15:46, Christopher Sean Morrison via cfarm-users wrote:
>> The problem is old distros, like Fedora 1 and Debian 5, don't receive
>> patches anymore. They are effectively honeypots that compromise the
>> integrity of the cfarm network. There's little that can be done to
>> minimize the risk. Once a listening socket is opened to the world, the
>> attack surface drastically increases.
> A relatively simple solution could be to have the older compromised configurations be only accessible from the newer farm machines.  Two hops to get to them, but drastically reduced exposure profile.
>
> Cheers!
> Sean
I understand the need to have older release, for now gcc76 is down
(should be rebooted/checked around 15 august), but this server already
host several VMs.

I don't recall if there is a Debian 5 but if not I can create a Debian 5
VM for those who still need a Deb5, what do you think about? (or maybe
re-using gcc14 to host a VM).

I think it's preferable to have a Debian 5 on a VM than running a
honeypot connected to the Internet :)

Regards,
Aymeric

-- 
Aymeric


More information about the cfarm-users mailing list