Date: Thu, 28 Apr 2005 20:01:14 -0700 From: Joshua Tinnin <krinklyfig@spymac.com> To: freebsd-questions@freebsd.org Cc: Anthony Atkielski <atkielski.anthony@wanadoo.fr> Subject: Re: longest uptime Message-ID: <200504282001.14462.krinklyfig@spymac.com> In-Reply-To: <14390987.20050429044933@wanadoo.fr> References: <42713B77.5020000@aixa.rot-1.de> <200504281941.50460.krinklyfig@spymac.com> <14390987.20050429044933@wanadoo.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu 28 Apr 05 19:49, Anthony Atkielski <atkielski.anthony@wanadoo.fr> wrote: > Joshua Tinnin writes: > > An long-unpatched FreeBSD install on a DMZ server makes me a bit > > more edgy than knowing the uptime will reset to zero when it's > > rebooted after updating. > > Is FreeBSD so insecure that it must be patched every few days? Obviously not. Security update notifications are available: http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications > I > hardly ever see FreeBSD security issues on Bugtraq, and the ones I > see often have nothing to do with Net attacks. A properly configured > FreeBSD server with no local logins should be quite secure. The only > problem I've ever had resulted from a bug in Apache, and Apache > obviously isn't part of FreeBSD. It depends very much on what you're doing with it and what the vulnerabilities are. Security is always a balance between practicality and safety. FreeBSD is very secure by design, but ignoring security updates isn't necessarily the best idea. If I were running 3.x, it would probably make me a bit nervous if I couldn't update it to at least 4.11, though some people still do run 3.x - wouldn't necessarily recommend it, though. - jt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504282001.14462.krinklyfig>