Spyke
infosec.pub

I have seen a Cisco router with 17 years of uptime in an internet exchange in Canada.

27
Foxreply
pawb.social

Who said only internet-facing assets need to be patched?

-1
Foxreply
pawb.social

What would be the point of a router not connected to any network?

10

This comment thread is about an unpatched router (probably in production) at a Canadian Internet exchange

3
lemmy.world

Not rebooting for security patches isn't something to be proud of.

23

On the other hand, network partitioning and security that means you don't have to reboot an internal device for security patches is something to be proud of.

On my site we have tons of archaic, unpatchable industrial devices.

4
lemmy.world

It is if the reason is there are no security vulnerabilities to patch, which is highly unlikely. When you bought things they used to be fully functional and working for the rest of their life. Now we expect everything to be broken and require constant revisions; it's terrible we expect all software to be of such a low quality that it ships with vulnerabilities.

3
lemmy.world

There are ways to apply patches without rebooting but it requires super advanced understanding of the kernel, individual packages, and how they work. Rebooting is just the idiot's catch-all solution. One of Red Hat's biggest selling points is their live patched kernel. It takes a kernel hacker level of understanding to pull off live patching on your own.

2

Oracle Unbreakable Enterprise Linux patches the kernel live when you dnf update.

2

I had an old Ubuntu file server running on a PIII that ran for 2ish years. I thought that was impressive, but 6 is pretty awesome for non-enterprise grade hardware.

1


10-year-old Raspberry Pi revision 0002 runs for 6 years without rebooting | Spyke