nikolas.britton at gmail.com
Sat Aug 20 01:34:44 GMT 2005
On 8/11/05, Kent Stewart <kstewart at owt.com> wrote:
> On Thursday 11 August 2005 12:09 pm, Matt Kosht wrote:
> > >On 8/11/05, Peter Giessel <pgiessel at mac.com> wrote:
> > > There are uptimes greater than 4 years listed here:
> > > http://uptime.netcraft.com/up/today/top.avg.html
> > A Windows 2000 server with over 1000 days of uptime. Whoever hacked
> > it must be doing a good job as sysadmin ;)
> Not possible for a good sysadmin. There have been numerous updates by
> Microsoft that require a reboot to finish the install. Anything over
> 2-3 months has a sysadmin that has not been adding their security
You can keep a windows 2000 system secure without patching!:
* Uninstall Outlook Express and IE ( http://www.litepc.com/ ), Install
Firefox and Thunderbird.
* Install Perl, Uninstall WSH.
* Hardware (m0n0wall) and software (stealth mode, deny all (Kerio,
ZoneAlarm, etc.)) firewalls.
* Virus scanner.
* Remove MS JVM, install Sun's.
* MS Office replaced with OpenOffice (Don't install Outlook!!!).
* Subscribe to CERT advisories list.
I had a running average of 30-40 days between reboots, I think the
highest was 90+ days, on my main do everything and anything desktop PC
(it runs FreeBSD, 6-STABLE, now). Most of those reboots where
installing new demo/alpha/beta software for QC/deployment/requirements
testing, so this system was a software whore.
I've never managed Win2K or Win2K3 servers, because I now use FreeBSD
and Linux exclusively for that, but my WinNT4 boxes routinely had 100s
of days uptime. Just make sure it has the latest service pack, follow
the advice above, and check the advisory lists often to see if your at
risk and ways to mitigate it. Also check out 98lite and 2000/XPlite,
this software will, figuratively, strip windows down to the bare
kernel if you want it to.
More information about the freebsd-questions