Security Advisory Providers

By | February 1, 2015

Sometimes, servers can become compromised through no direct fault of the administrator. There exist what are known as zero-day exploits — malicious code affecting a particular product or service which is circulated before the vendors or maintainers are even aware of the vulnerability.

Fortunately for us, this is relatively rare. The vast majority of server-level compromises are due to neglected services that haven’t been patched to prevent old, well-known exploits. Once a system administrator is made aware of a weakness, he or she must assess the situation and take immediate action (even if that action is to decide that a patch isn’t needed). There are situations in which a patch may be more trouble than it’s worth; only you can determine how much you value your data.

Admittedly, it’s not always easy to be made aware of security holes, particularly when it comes to less-common packages. That’s why we’ve compiled a list of some helpful information sources:

Сomments аrchive