On Tue, Apr 20, 2010 at 10:39 AM, Matt Lawrence <[email protected]>wrote:
> Having a linux server with an uptime of 1188 days is pretty neat from a > geeky perspective. Having a production server on the network of a company > that handles billions of dollars in financial transaction that hasn't had > security updates in 1188 days is rather frightening. > > -- Matt > Having a high uptime does not necessarily mean that there have been no security updates, since you can update almost everything without a reboot. Granted a reboot is required to update the kernel itself, but if your server is decently hardened and firewalled, exactly which kernel exploits are you vulnerable to? I had a server that was online for over 1300 days, until it was rebooted by datacenter power issues. Since it rebooted anyway, I took the opportunity to install the only package that was not up to current, the linux-kernel. Did I suddenly feel safer? Not really :) -Charles
_______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
