[19735] in bugtraq
Re: TCP Timestamping and Remotely gathering uptime information
daemon@ATHENA.MIT.EDU (van der Kooij, Hugo)
Tue Mar 20 21:16:43 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.4.30.0103192041590.5473-100000@bastion.hugo.vanderkooij.org>
Date: Mon, 19 Mar 2001 20:49:38 +0100
Reply-To: Hugo.van.der.Kooij@CAIW.NL
From: "van der Kooij, Hugo" <Hugo.van.der.Kooij@CAIW.NL>
X-To: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200103170316.OAA29790@cairo.anu.edu.au>

On Sat, 17 Mar 2001, Darren Reed wrote:
> In some mail from Bill_Royds@pch.gc.ca, sie said:
> >
> > Actually, the logic is "This has been up for 300 days. It probably is not
> > being maintained so it likely has that unpatched exploit available".
>
> I thought about this before I posted that email but decided against any
> inclusion of it. Why ?
>
> There are systems running around the world, today, that *need* to run
> 24x7 and security patches are no reason for a reboot. That aside, that
> a system has been up, since its release, longer than it takes the time
> information to wrap, do you *really* know how long it has been up?

So if a system can't be brought down for a reboot, what do you do in case
of a system failure? Be it hardware or software, you have a problem way
beyond a reboot.

If anything is that mission critical you should make it redundant.

In the past our company used to accept a no-reboot-now policy by the
customer. However, we stopped doing this because any mission critical
system must be made redundant. So we can reboot a firewall at 17:00 if we
need to install security fixes.

We usually don't need to play it hard. But if a 5 minute interruption is
unacceptable you should make things redundant because hardware will
break down when it is extremely inconvenient.

Hugo.
--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland
hugo@vanderkooij.org http://hvdkooij.xs4all.nl/
--------------------------------------------------------------