uptime 4.0

Mike Hoskins mike at adept.org
Wed Dec 3 16:24:23 PST 2003

Eric Anderson wrote:
> Just curious, but, has anyone ever heard of a firewall?  I typically 

defense in depth.  security is multi-layered like an onion, or so people 
have been touting for the last decade, so you keep systems up to date 
and pay attention to host security as part of defense in depth...  even 
when you have a firewall.

bridges pass packets.  if you assume a device passing packets (even when 
the device is "inaccessable" as defined in this thread) never needs 
patched...  you are probably relatively safe, but you are not really 
"correct".  bugs may occur and patches may be necessary that affect the 
bridging code itself, no?  of course.  again, the best way to make this 
issue moot is to get a working patch mechanism that doesn't require a 
reboot.  talk about a HA pipe dream!

  > I just think that "large uptime = bad admin" is a pretty shallow and
> close minded way to stereotype people based on how long a machine has 
> been powered on without a reboot.  Nobody said "1200 days without a 
> security patch! woohoo!"..

stereotypes never work.  if you have good technical reasoning for what 
you're doing, great.  i think some people are just a little more "anal" 
about security -- probably the same people getting paid to do security 
stuff where they work.  ;)


More information about the freebsd-advocacy mailing list