Long Uptime

estover at nativenerds.com estover at nativenerds.com
Thu Aug 11 20:58:49 GMT 2005

> Dmitry Mityugov wrote:
>>>>Apart from that, I must agree with Dave Horsfall - please provide an
>>>> IP.
>>>Is there a critical patch that you believe those machines would need?
>>>Anything more serious than a potential denial of service attack?
> Yes, I recommend all patches.
> DOS is enough for me.
>> Indeed. If the machine is properly firewalled, what kind of attack
>> other than DoS can break it?
> All those on vulnerabilites that were fixed in patches after the last one
> applied.
> A firewall may or may not help you.
> If the attack is on a jail to which you allow access through your
> firewall,
> you've had it, e.g..
> Or someone sends you a specially crafted file that exploits a
> vulnerability
> described in FreeBSD-SA-05:11.gzip and/or FreeBSD-SA-05:14.bzip2.asc.
> That's DOS, that kind of attack is serious enough for me to try to avoid.
> Or someone gains root privileges via the vulnerability described in
> FreeBSD-SA-05:16.zlib, FreeBSD-SA-05:17.devfs or FreeBSD-SA-05:18.zlib.
> I mean it's great FreeBSD can sustain such a long uptime.
> But, IMHO, it's nothing to brag about, since it simultaneously indicates
> missing patches, which I find worse.
Missing patches?, Most people I know can apply patches with out rebooting
a FreeBSD.
> Planned downtime for maintenance is ok.
It is , but this is bragging rights were talking here.
> Kind regards,
> lars.
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list