From owner-freebsd-questions@FreeBSD.ORG Thu Feb 16 23:49:15 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E41E016A420 for ; Thu, 16 Feb 2006 23:49:15 +0000 (GMT) (envelope-from scrappy@hub.org) Received: from hub.org (hub.org [200.46.204.220]) by mx1.FreeBSD.org (Postfix) with ESMTP id 77F5343D45 for ; Thu, 16 Feb 2006 23:49:15 +0000 (GMT) (envelope-from scrappy@hub.org) Received: from localhost (unknown [200.46.204.144]) by hub.org (Postfix) with ESMTP id 24D0E62C855; Thu, 16 Feb 2006 19:49:15 -0400 (AST) Received: from hub.org ([200.46.204.220]) by localhost (av.hub.org [200.46.204.144]) (amavisd-new, port 10024) with ESMTP id 60784-09; Thu, 16 Feb 2006 19:49:14 -0400 (AST) Received: from ganymede.hub.org (blk-222-82-85.eastlink.ca [24.222.82.85]) by hub.org (Postfix) with ESMTP id B890B62C7E2; Thu, 16 Feb 2006 19:49:14 -0400 (AST) Received: by ganymede.hub.org (Postfix, from userid 1000) id C1A8A3D545; Thu, 16 Feb 2006 19:49:17 -0400 (AST) Received: from localhost (localhost [127.0.0.1]) by ganymede.hub.org (Postfix) with ESMTP id BDC7C3A93E; Thu, 16 Feb 2006 19:49:17 -0400 (AST) Date: Thu, 16 Feb 2006 19:49:17 -0400 (AST) From: "Marc G. Fournier" To: lars In-Reply-To: <43F4F43D.2090304@gmx.at> Message-ID: <20060216194336.L60635@ganymede.hub.org> References: <20060216005036.L60635@ganymede.hub.org> <20060216053725.GB15586@parts-unknown.org> <20060216085304.GA52806@storage.mine.nu> <43F4CAA3.1020501@schultznet.ca> <43F4F43D.2090304@gmx.at> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by amavisd-new at hub.org Cc: freebsd-questions@freebsd.org Subject: Re: [Total OT] Trying to improve some numbers ... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Feb 2006 23:49:16 -0000 On Thu, 16 Feb 2006, lars wrote: > If your machine only runs an NFS daemon and is behind a firewall, > ok, you don't need to patch it asap when an NFS SA and patch is issued, if > all clients connecting to the machine are benign. Actually, there are alot of situations where this sort of thing is possible ... hell, I could probably get away with running a FreeBSD 3.3 server since day one, that has all ports closed except for sshd, imap/pop3/smtp, and be 100% secury ... sshd can be easily upgraded without a reboot, with the same applying to imap/pop3/smtp if I use a port instead of what comes with the OS itself ... You can say you are losing out on 'stability fixes', else the server itself wouldn't stay up that long ... so about the only thing you lose would be performance related improvements and/or stuff like memory leakage ... And I could do this all *without* any firewalls protecting it ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664