Installation instructions for Firefox somewhere?
tedm at toybox.placo.com
Mon Feb 28 09:55:51 GMT 2005
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Anthony
> Sent: Sunday, February 27, 2005 3:53 PM
> To: freebsd-questions at freebsd.org
> Subject: Re: Installation instructions for Firefox somewhere?
> > ...ummm this is rather like a windows admin saying s/he never
> > updates windows.
> If it's a Windows _server_, I never do any updates that are not
> absolutely necessary.
The ISP I work at has a sister company that is a network services
One of the several techs that work for that company has your
attitude. He's been burned a few times when he's installed patches
that broke existing software at a customer.
However, the customers that he cares for have the highest percentage
of broken-into servers. (by outside crackers)
>From our point of view over at the ISP it seems to us that the pain
of dealing with an app that breaks as a result of a security update
is less than dealing with the pain of cleaning up a server that is
broken into. And we have also observed that no matter how long the
techs there work on a Windows server that has been broken into, once
it's broken into it seems to get regularly re-broken into in the future,
unless they nuke and repave it.
I guess your attitude is safe enough if you regularly backup and you
don't have critical data like credit cards or patient data or
whatever that you don't want to have spread around.
> > Updating. yes you are constantly updating on a production server,
> > unless your idea of fun is somebody compromising your machine.
> Unless the OS is a Swiss cheese of bugs, constant updating is not
> necessary. If the OS is so insecure that you must constantly update
> just to stay ahead of the kiddies, it's time to think of installing a
> different OS.
Frankly I find this rather silly. The OS does very little that helps
a cracker. About the only thing that bugs in the OS will allow a cracker
to do is DoS a TCP/IP stack.
The difficulty is in the application programs, such as nfs, samba,
http, telnetd, sshd, smtp, dns, etc. which all of in the past had
security holes discovered and closed - sometimes repeatedly. The
same goes for Microsoft's products.
Just because an app like IIS is bundled with Windows Server, and an
app like telnetd is bundled with UNIX, does not mean that when those
apps got cracked, that the OS was the problem.
More information about the freebsd-questions