Date: Fri, 16 Mar 2001 10:23:02 +0000 From: Marc Rogers <marcr@shady.org> To: freebsd-security@FreeBSD.ORG Subject: Re: What's vunerable? Message-ID: <20010316102302.V10016@shady.org> In-Reply-To: <3AB1DBF9.C721E3D6@vianetworks.co.uk>; from peterm@vianetworks.co.uk on Fri, Mar 16, 2001 at 09:25:13AM %2B0000 References: <3AB1DBF9.C721E3D6@vianetworks.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
on the subject of updating a large number of freebsd boxes... I just thought I would throw my twopence worth in, as while working for a number of entirely freebsd based isps a few years ago, I had to deal with exactly this problem. Making world in situ on production servers is a game of russian roulette. Most fo the time it works, but the older the starting version, the harder it becomes. The safest way to synchronise a large number of boxes (in my view) is to play a shell game with them. Take one clean box and install freebsd and whatever base software you need. Then migrate the customer data from one of your older boxes onto this new one. When you are comfortable that the new box can replace the old one completely, shut down the old one and bring up the interfaces on the replacement. Next take the box you just replaced, and after backing everything up, reinstall the os. Use this box to upgrade another. and so on. When you get the hang of it, it becomes quite a swift process. Please ensure that you do back everything up though, as I can guaruntee you will forget something. If you need any futher help, feel free to mail me. Marc Rogers Head of Network Operations & Security EDC Group To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010316102302.V10016>