To: Bush2000
Great, kids. The moral of the story is if you turn off EVERYTHING, you don't have to patch your box. No, genius. The point is that you turn off what you don't need and configure it so that it is secure as possible. We probably have around ten different network daemons running on them at any given moment on average. Nonetheless, the OS has not needed to be patched and only one of the myriad of daemons that we run had to be patched. These boxes do most everything that a normal Unix server does plus some extra things most Unix servers do not. They have simply been trouble free for the most part and no security vulnerabilities have been published for the various applications we use (excepting the one).
80 posted on
09/15/2003 9:12:58 PM PDT by
tortoise
(All these moments lost in time, like tears in the rain.)
To: tortoise
The point is that you turn off what you don't need and configure it so that it is secure as possible.
I can do the same thing with IE and IIS and Outlook and whatever. I can also use the built-in IP filtering to enable/disable any ports that I want. And doing so obviates the need to patch the damned box. Geezus, you geniuses would think this is impossible ...
88 posted on
09/15/2003 9:35:00 PM PDT by
Bush2000
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson