From: [email protected]
[mailto:[email protected]] On Behalf Of jpb-u2ug
Sent: Tuesday, June 02, 2009 8:08 AM
To: 'U2 Users List'
Subject: Re: [U2] [u2u] UV on Windows question
> I just rebooted my Linux systems last week the first time in
about 6
>months. The reason, because the windows servers on our network have
been
>changed so many times that they were finally starting to affect Samba
on the
>Linux server.
Funny, I just rebooted our linux UV server yesterday for almost the same
reason. It appeared that some Active Directory replication problems had
hosed cached winbind data somewhere and it was affecting users' ability
to log into UV. When rebooting the AD servers and clearing the winbind
cache files no longer helped, I was forced to reboot the linux server.
It had been up for 408 days. My coworker who handles the Windows admin
duties joked, "up for 408 days and eventually brought down by Windows".
All joking aside, both up time and patching policies are important
considerations when evaluating the differences between Windows and
linux/unix as a platform for UV. The downsides of patching are that it
may force a reboot (although moreso on Windows) and carries some
inherent risk of breaking key functionality (although moreso on
linux/unix). The reason I make the latter assertion is that the wide
variety of linux/unix platforms and relatively small individual market
share for each results in less thorough patch testing. Windows
platforms, on the other hand, are much more vanilla. If you have a
Windows 2003 server with service pack 2 and all the latest patches
installed, you can be reasonably sure it's nearly identical to all the
other fully patched W2K3 SP2 servers out there. If you wait a few weeks
to install a Windows patch, there's a good chance any problems with it
will have already affected some other poor saps and their complaints
will be all over google.
That vanilla nature of Windows that makes patching safer also makes it
more critical. A virus writer who's discovered a way to exploit a
Windows service can be reasonably certain that if the exploit works
against one Windows machine, it will work against most of them. Also,
simply keeping a Windows server behind a firewall is no guarantee of
safety. A desktop user may be become infected via a browser or mail
attachment exploit that will scan the network looking for vulnerable
servers to propogate to. On the other hand, attempting to write a virus
or worm that will reliably exploit a service on various versions of
RedHat, SuSe, Ubuntu, HP-UX, AIX, etc. would be a tall order. Virus
writing today is a for-profit business, and it just makes more economic
sense to target Windows.
I don't think that one platform is necessarily better than the other for
UV, but I do think one may be a better fit than the other for a given
site. I prefer running UV on linux in our environment for a number of
reasons (cron scheduler, shell scripting, free OS utilities), but for a
site that has mostly Windows expertise and isn't affected by off-hours
reboots, UV on Windows might make more sense.
-John
_______________________________________________
U2-Users mailing list
[email protected]
http://listserver.u2ug.org/mailman/listinfo/u2-users
