Jul 14 2021 05:37 PM
We've got a bunch of CENTOS 7 servers in our environment. Recently we've started using Security Center to try and make sure our servers are secure and we've got a lot of remediation work to do. However, we're thinking that a bunch of these CENTOS alerts we are getting are false positives. Our CENTOS Servers are patched to the latest and greatest updates. In fact, when I click on your remediation links, it tells me I need to be at the kernel 3.10.0-1160.31.1.el7.x86_64.
When I go to my CENTOS servers and run a yum -y update to see if there are any updates for these servers, they are completely up to date and when I run a uname -a, the kernel information comes back with this: 3.10.0-1160.31.1.el7.x86_64 so I know we are on the latest and greatest kernel, despite the fact that Azure is telling us we need to update our kernel for security purposes.
So, I'm not sure what to do at this point. Is there a way for me to modify the alert so it can be resolved? Do I open a ticket with Azure to let them know that it appears there's a problem? Attached is a sample screenshot of what I'm seeing. I haven't started investigating the Oracle Java SE stuff yet, just working on the CENTOS Security stuff.
Please advise.
Matt
Jul 20 2021 12:26 AM
Jan 20 2022 11:18 PM
Jan 21 2022 12:44 PM
Jan 31 2022 04:38 AM
Feb 01 2022 01:31 PM
Jan 11 2023 09:47 AM - edited Jan 17 2023 12:41 AM
I'm surprised to see such a post on a site for Microsoft users. Although it's not the first time I've met people who like Linux OS as much as I do. I have a laptop that I converted to CentOS as the number of work files was over 3k. If we are talking about the resilience of CentOS 7 or the upcoming CentOS 8, I can tell you that, processing CVEs, you won't get any problems. It's enough to always check CVE status to be aware of possible security holes in your commercial OS. By the way, CentOS 7 Security runs on a different engine, so it's 100% system protection if you're worried. And when the project closes, TuxCare will be ready in 2024.