At 4/2/01 10:37 PM -0500, you wrote:
> > I could have had the whole thing for free; but there is no free lunch, and
> > if you want lowest cost you don't get much (or any) support. Free downloads
> > and product, but no free support.
>
>I never downloaded - I paid for it !!!
I understand your situation, and was not challenging your point. I merely
tried to provide support for my assertion that "the little guy" is best
served by choice rather than included cost, even for things which most
people would/should buy.
> > * When trying to run a server, remember that frequent changes are the enemy
> > of stability. Get your system to run, lock it down as much as possible so
> > you don't get hacked, and LEAVE IT ALONE. Make only those changes that you
> > need to make for security or performance reasons. If you need the newest
> > Apache, put it in, then leave it there. Since BIND got hacked, upgrade to
> > 8.2.3, then leave it there.
>
>Have the last one up and running.
For the sake of hack reduction, I've also decided to set up a much smaller
server to run ns1 (ns2 I'm going to swap secondary DNS with someone). This
server will provide ancillary services as well, such as backup mail
queuing, centralized logging, and UPS monitoring, but will leave less stuff
running (and fewer vulnerabilities) in my primary servers. Not expensive...
I found a Sun SparcStation on Ebay for $150 that is old, but nicely stable
(about 80 days uptime so far). I'm moving it from Caldera to RedHat 6.2
(there is no 7.0 for sparc... dunno why, go figure), and will put it into
production soon.
Just an idea...
>But disable up2date and everything resembling
> > it. Don't "fix" what isn't broken. Simply subscribe to redhat-watch and
> > redhat-announce and install (1) what you have to or (2) what you really
> > want. Not everything.
>
>What about leaving it and stop automatic start up of rhnsd; - will that
>work ???
Well, that's what I did... but I'm pretty new at this so don't take my word
for it. It may also help that I never started up2date on this server at
all...:)
--
Rodolfo J. Paiz
[EMAIL PROTECTED]
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
