What about running "yum update" from a cronjob every day? I'll admit that I am no expert on Linux security, but aren't most attacks exploiting known vulnerabilities that have already been fixed, and thus only work against boxes that haven't been patched properly? Eggert