In some mail from [EMAIL PROTECTED], sie said:
>
> Actually, the logic is "This has been up for 300 days. It probably is not
> being maintained so it likely has that unpatched exploit avaialable".
I thought about this before I posted that email but decided against any
inclusion of it. Why ?
There are systems running around the world, today, that *need* to run
24x7 and security patches are no reason for a reboot. That aside, that
a system has been up, since its release, longer than it takes the time
information to wrap, do you *really* know how long it has been up ?
Upgrading of software running on a host has little or nothing to do with
how long it has been running - so long as you're not running M$ - if it's
not something like a library file. Last I checked, you didn't need to
reboot to patch up sendmail, named or apache :)
Good sysadmin practice should involve regular, scheduled, rebooting of
systems to ensure that over time the "tinkering" which happens on a day
to day basis never gets to a point where things that are meant to be in
the bootup process are left out. Well, that's my theory anyway :)
A large uptime of a machine may mean it is quite vulnerable, but does it
really tell you it is unmaintained ? Does a short uptime mean it is really
maintained or does it just tell you it was rebooted not long ago ?
Darren
