From owner-freebsd-questions Wed Oct 16 11:53: 2 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C0D9337B401 for ; Wed, 16 Oct 2002 11:53:00 -0700 (PDT) Received: from sage-one.net (adsl-65-71-135-137.dsl.crchtx.swbell.net [65.71.135.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 437FB43E9E for ; Wed, 16 Oct 2002 11:52:59 -0700 (PDT) (envelope-from jackstone@sage-one.net) Received: from sagea (sagea [192.168.0.3]) by sage-one.net (8.11.6/8.11.6) with SMTP id g9GIqqf54240; Wed, 16 Oct 2002 13:52:52 -0500 (CDT) (envelope-from jackstone@sage-one.net) Message-Id: <3.0.5.32.20021016135251.0136e5e8@mail.sage-one.net> X-Sender: jackstone@mail.sage-one.net X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Wed, 16 Oct 2002 13:52:51 -0500 To: David Kelly , Jonathan Arnold From: "Jack L. Stone" Subject: Re: Upgrade recommendations Cc: freebsd-questions@FreeBSD.ORG In-Reply-To: <20021016181528.GB17604@grumpy.dyndns.org> References: <200210161314120727.0B4D72FE@mail.speakeasy.net> <200210161314120727.0B4D72FE@mail.speakeasy.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 01:15 PM 10.16.2002 -0500, David Kelly wrote: >On Wed, Oct 16, 2002 at 01:14:12PM -0400, Jonathan Arnold wrote: >> I'm currently running 4.5, and want to upgrade my machine and was >> wondering what you might have for recommendations. > >[...] > >> 3] A reformat and complete upgrade to 5.0 - I already have >> the web site & mailing list dbs backed up. >> >> As scary as it sounds, I'm leaning towards #3. > >That does sound scary. By all means go right ahead if it doesn't matter >that the server stays up. In the past 7 years that I have been using >FreeBSD the hardest thing to beat into peoples heads has been "don't use >-current on critical machines." > >Am concerned that your system is still 4.5, which suggests you don't >have to spend much time keeping it running (good) but don't spend much >time "keeping up" (bad). There have been serious issues with ssh, >apache, and probably other things since 4.5. You may be vulnerable. > >"Make buildworld", "make installworld", mergemaster, and "make kernel" >can be performed on a running system. Then with any luck you are only a >reboot away from being updated. That's what I do. > >-- >David Kelly N4HHE, dkelly@hiwaay.net >===================================================================== >>> There have been serious issues with ssh, apache, and probably other things since 4.5. You may be vulnerable.<<< This is not an issue with the base system. the ssh has been patched and Apache is not part of the base system and can be updated separately from ports or packages. I'm running on e of the latest versions not vulnerable. Also, am running 4.5-RELEASE p-20 which is right up to date with security patches. I don't track STABLE. but do track all security patches and update as and when they come out.... so, one doesn't have to upgrade above 4.5 to have the security..... Best regards, Jack L. Stone, Administrator SageOne Net http://www.sage-one.net jackstone@sage-one.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message