[rescue] Can someone do me a favor (fast 'net, CD-burner)
Sheldon T. Hall
shel at cmhcsys.com
Sat Dec 20 18:07:57 CST 2003
Joshua Boyd says ...
> On Tue, Nov 18, 2003 at 11:32:05AM -0500, Kevin wrote:
> >
> > The feature stream of IRIX simply adds features to the OS. Mostly
> > stuff dealing with media and so forth. I run 6.5.18f on an Octane
> > and an R5K Indy. Some of the extras are cool but most go unused.
>
> I'd argue that systems directly connected to the net should run the
> latest m stream rather than an older f stream. Otherwise, I'm all for
> the latest f stream on can come by as well.
By "directly connected" you mean with no separate firewall, right? I don't
think I'd do that with anything, actually, if I could help it. I say that
mainly because I'm a lot more confident of my ability to configure a
firewall than to secure a machine running a real OS.
If, on the other hand, having my un-patched, un-secured Unix boxes behind my
ISDN router-firewall means they are "directly connected," well, I'm in a
world of hurt. The Solaris box is running unpatched 7, open-relay sendmail
and all. I've made no attempts to secure the IRIX boxes, either....
However, the stuff's been up for a couple of years, and, while the haxorz
hammer the firewall, I've never seen any indication that they have gotten a
single bit through it. Of course, if they were _good_ at what they were
doing, I wouldn't see any evidence, I guess.
-Shel
More information about the rescue
mailing list