Date: Fri, 17 Feb 2006 14:09:54 -0400 (AST) From: "Marc G. Fournier" <scrappy@hub.org> To: lars <lars@gmx.at> Cc: freebsd-questions@freebsd.org Subject: Re: [Total OT] Trying to improve some numbers ... Message-ID: <20060217140638.B60635@ganymede.hub.org> In-Reply-To: <43F5F149.1040001@gmx.at> References: <20060216005036.L60635@ganymede.hub.org> <20060216053725.GB15586@parts-unknown.org> <20060216085304.GA52806@storage.mine.nu> <43F4CAA3.1020501@schultznet.ca> <43F4F43D.2090304@gmx.at> <20060216194336.L60635@ganymede.hub.org> <43F5F149.1040001@gmx.at>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Feb 2006, lars wrote: > Marc G. Fournier wrote: >> On Thu, 16 Feb 2006, lars wrote: >> >>> If your machine only runs an NFS daemon and is behind a firewall, >>> ok, you don't need to patch it asap when an NFS SA and patch is issued, if >>> all clients connecting to the machine are benign. >> >> Actually, there are alot of situations where this sort of thing is possible >> ... hell, I could probably get away with running a FreeBSD 3.3 server since >> day one, that has all ports closed except for sshd, imap/pop3/smtp, and be >> 100% secury ... sshd can be easily upgraded without a reboot, with the same >> applying to imap/pop3/smtp if I use a port instead of what comes with the >> OS itself ... >> >> You can say you are losing out on 'stability fixes', else the server itself >> wouldn't stay up that long ... so about the only thing you lose would be >> performance related improvements and/or stuff like memory leakage ... >> >> And I could do this all *without* any firewalls protecting it ... > Even if you managed to maintain an old version of a particular OS's > uptime for so long, what did you prove? Wasn't arguing that I "proved" anything, only that a long uptime could be achieved *without* any security implications :) > IMHO 'uptime' as a 'feature' is overrated, not to say obsolete. Agreed 100% ... Availability is the useful metric, not how long a stretch of time the OS can remain running ... not necessarily worded the best way, but our uptime policy (http://www.hub.org/uptime_policy.php) was such that we tried to upgrade our servers once every 30 days or so ... not always possible, and lately less so, but it was our aim ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060217140638.B60635>