From: Alex Zbyslaw
Date: Mon, 22 May 2006 16:52:45 +0100
To: 'Colin Percival'
Cc: 'FreeBSD Questions'
Subject: Re: FreeBSD Security Survey
Message-ID: <4471DE4D.5050600@dial.pipex.com>
In-Reply-To: <01e201c67da9$42111a80$6501a8c0@workdog>

I'd have to agree with most of Ted and Gayn's points. Also, it's hard to answer many of the questions when they are different for different servers. Unless there is a serious bug in something like SSH, then a paying client with a seriously firewalled server and no malicious users might get upgraded every four months.
My own server might get upgraded weekly when I'm not too busy, or not for four months when I am. But a security bug with a network service would get much more immediate attention. If I still administered machines in an academic environment, my answers would be quite different, but the risk analysis that led to the different answers would (theoretically) be the same.

--Alex