Re: Long Uptime
From: Nikolas Britton (nikolas.britton_at_gmail.com)
Date: 08/20/05
- Previous message: Eric Murphy: "sound question #2"
- In reply to: Jerahmy Pocott: "Re: Long Uptime"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 19 Aug 2005 23:47:27 -0500 To: Jerahmy Pocott <quakenet1@optusnet.com.au>
On 8/19/05, Jerahmy Pocott <quakenet1@optusnet.com.au> wrote:
> On 20/08/2005, at 11:34 AM, Nikolas Britton wrote:
>
> >
> > You can keep a windows 2000 system secure without patching!:
> >
> > * Uninstall Outlook Express and IE ( http://www.litepc.com/ ), Install
> > Firefox and Thunderbird.
> > * Install Perl, Uninstall WSH.
> > * Hardware (m0n0wall) and software (stealth mode, deny all (Kerio,
> > ZoneAlarm, etc.)) firewalls.
> > * Virus scanner.
> > * Remove MS JVM, install Sun's.
> > * MS Office replaced with OpenOffice (Don't install Outlook!!!).
> > * Subscribe to CERT advisories list.
> >
> > I had a running average of 30-40 days between reboots, I think the
> > highest was 90+ days, on my main do everything and anything desktop PC
> > (it runs FreeBSD, 6-STABLE, now).
> >
>
> Many updates are for core things that require reboots though.. As a
> desktop
> you can get away with it.. As a server I don't think I would take the
> risk..
>
I'd have to sorta disagree with you, I think it breaks down more like this:
90% Outlook / Outlook Express, Internet Exploder, WSH (.vbs, .js etc.)
etc. and their subsystems like the MS-HTML engine, ActiveX.
10% Others (core), like the RPC problem or what ever this new one is.
You can forcefully remove everything in the 90% category with software
like 2000/XPlite.
On a properly firewalled windows system the main entry point for any
type of exploit is outlook or IE. Unless theirs an RPC exploit like
the one a wail back I don't patch are systems. Here is what I do when
I deploy a new box:
1. Install SP4.
2. Windows update (if I remember to do it).
3. Install 2000Lite and Remove IE, outlook, and all that crap.
4. Install Firefox and Sun's JVM. (use Horde's IMP for email,
Kronolith etc. for groupware)
6. Install firewall and anti-virus software.
7. OpenOffice 2
I spend MORE time fixing the crap that MS breaks (NO I DON'T WANT TO
REINSTALL INTERNET EXPLODEDER YOU FSCKING AHOLES!!!, LEAVE MY PROGRAMS
ALONE!!!) with their hotfixes and getting Adobe's Photoshop CS1/2 to
work (10GB temp files using it's file browser, 30% CPU usage and 1GB
ram with the program doing nothing in the background that I just
started!!! WTF!) and getting PageMaker (POFS!!!) to work then I do
with patching and all the crap. I don't have problems so I don't do
it, and it's been that way for years.
I'm forcing them (yes I have the control and authority to do it) to
Mac and OS-X (or Linux when Adobe gets their fucking *** together and
ports Photoshop, dammit! I hate lock in!!!, (Gimp is crap btw so don't
even...) when they EOL Win2K completely. Win2K is the only Microsoft
product we use do to my methodical planning and very strong
anti-Microsoft policy. Every critial piece of software we run is cross
platform.
I'm going to switch careers, or go postal, if I have to keep dealing
with the *** tards at MS. sorry this turned into a MS, and Adobe,
rant but it did had I had to blow off some steam. It's like I'm
Sisyphus and MS is the rock... MS is like a cockroach. hmmm
Maybe if I remove the firewalls,SP4, etc. I can blame it all on MS and
get them to change to Mac's faster. I'll have to add that to my black
opts. list.
Anyways.
Anyone here ever think of putting together BSDLinux, FreeBSD with a
Linux kernel? I'll have to start a thread over on chat or something.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Eric Murphy: "sound question #2"
- In reply to: Jerahmy Pocott: "Re: Long Uptime"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
