From owner-freebsd-questions@FreeBSD.ORG Sat Aug 20 01:34:44 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6ED3116A41F for ; Sat, 20 Aug 2005 01:34:44 +0000 (GMT) (envelope-from nikolas.britton@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.202]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED7B143D46 for ; Sat, 20 Aug 2005 01:34:43 +0000 (GMT) (envelope-from nikolas.britton@gmail.com) Received: by wproxy.gmail.com with SMTP id i4so675246wra for ; Fri, 19 Aug 2005 18:34:43 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=T59umdR9p/MZ1cH6pswuCsKug0teu1tGfrs79bTr74FjYBppeVPnmWti47bsg0tsLuc0soD1IMXGpPsU3wIcRDCK5unLWiOv7A6cC1tKkb40GYOxRzrB7taneJFO+/P8AojVjOQTG334B9aAm/OtnHq/8MRd4txF2WLyrK49iO0= Received: by 10.54.57.10 with SMTP id f10mr2234780wra; Fri, 19 Aug 2005 18:34:43 -0700 (PDT) Received: by 10.54.124.11 with HTTP; Fri, 19 Aug 2005 18:34:43 -0700 (PDT) Message-ID: Date: Fri, 19 Aug 2005 20:34:43 -0500 From: Nikolas Britton To: Kent Stewart In-Reply-To: <200508111353.29612.kstewart@owt.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <42F976E8.60008@bomar.us> <6878461.1123785241744.JavaMail.pgiessel@mac.com> <200508111353.29612.kstewart@owt.com> Cc: Peter Giessel , freebsd-questions@freebsd.org, Matt Kosht Subject: Re: Long Uptime X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Aug 2005 01:34:44 -0000 On 8/11/05, Kent Stewart wrote: > On Thursday 11 August 2005 12:09 pm, Matt Kosht wrote: > > >On 8/11/05, Peter Giessel wrote: > > > There are uptimes greater than 4 years listed here: > > > http://uptime.netcraft.com/up/today/top.avg.html > > > > A Windows 2000 server with over 1000 days of uptime. Whoever hacked > > it must be doing a good job as sysadmin ;) >=20 > Not possible for a good sysadmin. There have been numerous updates by > Microsoft that require a reboot to finish the install. Anything over > 2-3 months has a sysadmin that has not been adding their security > fixes. >=20 You can keep a windows 2000 system secure without patching!: * Uninstall Outlook Express and IE ( http://www.litepc.com/ ), Install Firefox and Thunderbird. * Install Perl, Uninstall WSH. * Hardware (m0n0wall) and software (stealth mode, deny all (Kerio, ZoneAlarm, etc.)) firewalls. * Virus scanner. * Remove MS JVM, install Sun's. * MS Office replaced with OpenOffice (Don't install Outlook!!!). * Subscribe to CERT advisories list. I had a running average of 30-40 days between reboots, I think the highest was 90+ days, on my main do everything and anything desktop PC (it runs FreeBSD, 6-STABLE, now). Most of those reboots where installing new demo/alpha/beta software for QC/deployment/requirements testing, so this system was a software whore. I've never managed Win2K or Win2K3 servers, because I now use FreeBSD and Linux exclusively for that, but my WinNT4 boxes routinely had 100s of days uptime. Just make sure it has the latest service pack, follow the advice above, and check the advisory lists often to see if your at risk and ways to mitigate it. Also check out 98lite and 2000/XPlite, this software will, figuratively, strip windows down to the bare kernel if you want it to.