Re: non-random IP IDs

From: Rodney W. Grimes (freebsd@gndrsh.dnsmgr.net)
Date: 04/17/01


From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
To: bright@wintelcom.net (Alfred Perlstein)
Date: Tue, 17 Apr 2001 10:37:56 -0700 (PDT)


> * Darren Reed <avalon@coombs.anu.edu.au> [010417 04:29] wrote:
> > In some mail from Julian Elischer, sie said:
> > >
> > > there is a site that calculates server uptime from these numbers.
> > > All the leading machines are freeBSD. When you do this it will
> > > no-longer be able to track us :-(
> >
> > IMHO, extraordinarily large uptimes are nothing to be proud of and
> > say nothing about the quality of software.
> >
> > I'd almost go so far as to say uptimes greater than 1 year indicate
> > that the system administration practises need review.
>
> Agreed. I've yet to hear about any seriously deployed system
> go without security advisories for over a year.

Or perhaps this is a very talented system admin who values uptime
and finds work arounds that don't envolve downing a system that do
just as good, and sometimes better, than the vendor fix for the
security issue.

Security Fix != Reboot required.

-- 
Rod Grimes - KD7CAX @ CN85sl - (RWG25)               rgrimes@gndrsh.dnsmgr.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • Re: Way OT: How long does your box run for?
    ... > grows in direct correlation to system uptime (which should reflect more on ... > my perceived knowledge of security and paranoia than on the Project's ... we used to have boxes with uptimes in the 900 day range. ... As a security professional, I get irked ...
    (freebsd-questions)
  • Re: [Full-disclosure] Getting Off the Patch
    ... uptime, above security. ... It's easy to think of cases where uptime is considered incredibly important, ... then restore to an old known-good snapshot and keep going in literally ... it would be a *great* place to put an unpatched honeypot to ...
    (Full-Disclosure)
  • Re: Article: "Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Sec
    ... network, internet, power), one should require a Security SLA. ... performs a process and maintains a level of security, risk, privacy, ... 99.995% uptime why shouldn't security. ...
    (Security-Basics)
  • Re: system is up 1 year
    ... What references do you want? ... I run a Router/Firewall with Linux 2.4.32 and its uptime is currently ... Linux 2.6 have to many security problems as it can ...
    (Debian-User)