From: David Nugent
Date: Mon, 22 May 2006 15:41:55 +1000
To: Doug Hardie, freebsd-stable@freebsd.org
Subject: Re: FreeBSD Security Survey
Message-ID: <44714F23.6000504@datalinktech.com.au>

Doug Hardie wrote:
> On May 21, 2006, at 20:55, Colin Percival wrote:
>> If you administrate system(s) running FreeBSD (in the broad sense of
>> "are responsible for keeping system(s) secure and up to date"),
>> please visit
>> http://people.freebsd.org/~cperciva/survey.html
>> and complete the survey below before May 31st, 2006.
>
> What doesn't fit into the survey very well is that all my servers are
> production ones and it causes a lot of grief for users when I bring
> them down. I try to hold updates to once per year because of that. I
> am currently in the middle of upgrading from 5.3 to 6.0. The easy
> machines are done but there are still a few that will take
> considerable on-site time which is not easy to come by.

A good failover strategy comes into play here. If you have one, then taking a single production machine off-line for a short period should be no big deal, even routine, and should not even be noticed by users if done correctly. This should be planned for and part of the network/system design.

Yes, it definitely requires more resources to support, but I'll rephrase the same problem: what happens when (and I mean *when* and not *if*) a motherboard or network card fries or you suffer a hard disk crash (even 2+ drives failing at the same time on a RAID array is not particularly unusual considering that drives are quite often from the same manufactured batch)?

Lack of a failover on mission critical systems that *can't* be offline is like playing Russian roulette.