-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/01/2013 00:20, Cowboy wrote: > I have at least one ( Slack 9 ) machine hard on internet that has > not been updated, nor compromised, since 2004. It does what it was > built to do, so what's the point ? > > ( it's the artificially intelligent, self training, Spam-O-Matic > anti-spam appliance ) >
That machine has only not been compromised because nobody has tried (yet). You're running a ssh version with at least two nasty holes in it and I'd assume the MTA has a whole bundle of problems. That is not what I'd describe as responsible management. :-) It's really not hard to keep machines up to date - perform rolling upgrades and use test systems where you need to verify before deploying to production. Update often and regularly. 99% of the boxes I run will automatically apply security updates via apt-get and I've never had a problem as a result of this in many, many years of operation; for on-air boxes, manually applied updates once a week, one system at a time (to ensure you don't knock them all out of service at once in the case of a broken update) is fine. If you've set up your packages/installed everything right (and have dependencies set up properly - so no from-source installations) there'll almost certainly be no issues. Most issues people have performing updates are down to poor management of software installation, typically kernel modules. Cheers, James -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) iEYEARECAAYFAlDukN8ACgkQ22kkGnnJQAx4OgCgjbXAV4IjWdsPUn8vYcXM94V3 G40AnRMjyyhRnXYA1Kb+A7fig6px/MIG =Q27Z -----END PGP SIGNATURE----- _______________________________________________ Rivendell-dev mailing list [email protected] http://lists.rivendellaudio.org/mailman/listinfo/rivendell-dev
