[NTLUG:Discuss] whoo hoo! Linux = Stability
Justin M. Forbes
64bit_fedora at comcast.net
Tue Feb 24 16:24:21 CST 2004
On Tue, Feb 24, 2004 at 04:01:14PM -0600, gan hawk wrote:
>
> Linux counter statistics is good because it does not display the machine
> name. But I always wonder something about similar netcraft statistics. Does
> long uptime, more than the patch cycle mean the machine is vulnerable ? I
> guess black hats can use the uptime information and attack the machine
> based on the kernel exploits. What do the others think about this issue ?
>
Generally speaking it could be used that way, but there are a few things to
consider:
1) Most kernel exploits are local vulnerabilities, not remotely exploitable
2) Most non kernel updates do not require a reboot (though I would advise
it anyway on some of the libs updates, if you want consistancy in
application behavior)
3) Most of the systems Netcraft shows, that people would be interested in,
are behind a farm of some sort. With an IP load balancer, I can have
infinite uptime :)
Still, uptime as a number is generally uninteresting to me, I would be more
concerned with unplanned outage statistics. Regular maintenance, or
hardware upgrades are not a bad thing. Failures are what counts.
Justin
More information about the Discuss
mailing list