From owner-freebsd-questions@FreeBSD.ORG Fri Apr 29 03:01:17 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 26B1716A4CE for ; Fri, 29 Apr 2005 03:01:17 +0000 (GMT) Received: from smtp801.mail.sc5.yahoo.com (smtp801.mail.sc5.yahoo.com [66.163.168.180]) by mx1.FreeBSD.org (Postfix) with SMTP id 802E543D3F for ; Fri, 29 Apr 2005 03:01:16 +0000 (GMT) (envelope-from krinklyfig@spymac.com) Received: from unknown (HELO smogmonster.com) (jtinnin@pacbell.net@64.173.27.15 with plain) by smtp801.mail.sc5.yahoo.com with SMTP; 29 Apr 2005 03:01:16 -0000 From: Joshua Tinnin To: freebsd-questions@freebsd.org Date: Thu, 28 Apr 2005 20:01:14 -0700 User-Agent: KMail/1.8 References: <42713B77.5020000@aixa.rot-1.de> <200504281941.50460.krinklyfig@spymac.com> <14390987.20050429044933@wanadoo.fr> In-Reply-To: <14390987.20050429044933@wanadoo.fr> X-Face: "u-%.52Z_uQCP'Vdj{95/n*(sgAAm`F/p'b0zo%-DuBTdZ*qW!!/idDBRjkFfJD[Qe&>=?utf-8?q?=5F2=0A=09?=<}OGsEY~)n?NywZRi9xm-jH_VPg"8nTSzo:r8;U3oTQz|@z)|>%i+MRY2Y#>s~X`sV$&t"=?utf-8?q?=0A=09AkQ=5EU3rJIFCU=3F=5DcC=27F=26fY4=23Jf-=7D=3F7x?= MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200504282001.14462.krinklyfig@spymac.com> cc: Anthony Atkielski Subject: Re: longest uptime X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Apr 2005 03:01:17 -0000 On Thu 28 Apr 05 19:49, Anthony Atkielski wrote: > Joshua Tinnin writes: > > An long-unpatched FreeBSD install on a DMZ server makes me a bit > > more edgy than knowing the uptime will reset to zero when it's > > rebooted after updating. > > Is FreeBSD so insecure that it must be patched every few days? Obviously not. Security update notifications are available: http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications > I > hardly ever see FreeBSD security issues on Bugtraq, and the ones I > see often have nothing to do with Net attacks. A properly configured > FreeBSD server with no local logins should be quite secure. The only > problem I've ever had resulted from a bug in Apache, and Apache > obviously isn't part of FreeBSD. It depends very much on what you're doing with it and what the vulnerabilities are. Security is always a balance between practicality and safety. FreeBSD is very secure by design, but ignoring security updates isn't necessarily the best idea. If I were running 3.x, it would probably make me a bit nervous if I couldn't update it to at least 4.11, though some people still do run 3.x - wouldn't necessarily recommend it, though. - jt