Go to http://www.nessus.org and get nessus and all of the exploit simulations. Read the docs, instructions, etc.

Run nessus against your box(es).

It will tell you *exactly* where your holes are, how to fix them and the level of risk that they pose.

Unix/Linux users should not ever wonder if their system is vulnerable with all of the system/network security inspection tools that we have available.

Running the latest and greatest software in any OS is not always the smart thing. We have seen over and over again in the Unix world that the *newest* version of software X has a nasty security leak. Take the time to research potential security issues with the software you want to install before you do it.

Three great examples of this were:
BIND = 9.x is a security nightmare; 8.x was pretty secure

9.x buffer overflow exploits gave attacker root

SendMail = 1 version ago was insecure as hell

simple buffer overflow gave attacker root

BSD Telnet = 1 version ago

"ditto" gave attacker root from a simple buffer overflow.

Moral of the story, " * Newer Is Not Better * " until it has been tested and retested and tested again.

Hope you get it locked down tight. Do yourself a favor and become familiar with the Unix security inspection tools; they will help you sleep better at night.