From owner-freebsd-stable@FreeBSD.ORG Mon May 22 03:55:10 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7EF1E16A421 for ; Mon, 22 May 2006 03:55:10 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd2mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02D8E43D45 for ; Mon, 22 May 2006 03:55:09 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd2mr6so.prod.shaw.ca (pd2mr6so-qfe3.prod.shaw.ca [10.0.141.9]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IZN00GJIEVXG750@l-daemon> for freebsd-stable@freebsd.org; Sun, 21 May 2006 21:55:09 -0600 (MDT) Received: from pn2ml1so.prod.shaw.ca ([10.0.121.145]) by pd2mr6so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IZN00M5CEVXJ920@pd2mr6so.prod.shaw.ca> for freebsd-stable@freebsd.org; Sun, 21 May 2006 21:55:09 -0600 (MDT) Received: from hexahedron.daemonology.net ([24.82.18.31]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with SMTP id <0IZN0047DEVWGYE0@l-daemon> for freebsd-stable@freebsd.org; Sun, 21 May 2006 21:55:09 -0600 (MDT) Received: (qmail 11059 invoked from network); Mon, 22 May 2006 03:55:08 +0000 Received: from unknown (HELO ?127.0.0.1?) (127.0.0.1) by localhost with SMTP; Mon, 22 May 2006 03:55:08 +0000 Date: Sun, 21 May 2006 20:55:07 -0700 From: Colin Percival To: freebsd security , FreeBSD Stable Message-id: <4471361B.5060208@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Enigmail-Version: 0.94.0.0 User-Agent: Thunderbird 1.5 (X11/20060416) Cc: Subject: FreeBSD Security Survey X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2006 03:55:10 -0000 Dear FreeBSD users and system administrators, While the FreeBSD Security Team has traditionally been very good at investigating and responding to security issues in FreeBSD, this only solves half of the security problem: Unless users and administrators of FreeBSD systems apply the security patches provided, the advisories issued accomplish little beyond alerting potential attackers to the presence of vulnerabilities. The Security Team has been concerned for some time by anecdotal reports concerning the number of FreeBSD systems which are not being promptly updated or are running FreeBSD releases which have passed their End of Life dates and are no longer supported. In order to better understand which FreeBSD versions are in use, how people are (or aren't) keeping them updated, and why it seems so many systems are not being updated, I have put together a short survey of 12 questions. The information gathered will inform the work done by the Security Team, as well as my own personal work on FreeBSD this summer. If you administrate system(s) running FreeBSD (in the broad sense of "are responsible for keeping system(s) secure and up to date"), please visit http://people.freebsd.org/~cperciva/survey.html and complete the survey below before May 31st, 2006. Thanks, Colin Percival FreeBSD Security Officer