On Tue, 2010-04-20 at 11:09 -0700, Charles Jones wrote: > On Tue, Apr 20, 2010 at 10:39 AM, Matt Lawrence <[email protected]> > wrote: > Having a linux server with an uptime of 1188 days is pretty neat from > a > geeky perspective. Having a production server on the network of a > company > that handles billions of dollars in financial transaction that hasn't > had > security updates in 1188 days is rather frightening.
> Having a high uptime does not necessarily mean that there have been no > security updates, since you can update almost everything without a > reboot. Granted a reboot is required to update the kernel itself, but > if your server is decently hardened and firewalled, exactly which > kernel exploits are you vulnerable to? +1 "up 1064 days 18:14" And the server runs a very specific software stack. But it is getting taken down next month for updates. > I had a server that was online for over 1300 days, until it was > rebooted by datacenter power issues. Since it rebooted anyway, I took > the opportunity to install the only package that was not up to > current, the linux-kernel. Did I suddenly feel safer? Not really :) _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
