On Thu, 17 Apr 2014, Roger wrote:
What would one have to look out for if one does keep an EOL Fedora for a
number of years?
Roger
I *assume* (though do not know) that you wouldn't keep getting library updates,
so that eventually updated apps wouldn't run even if you downloaded them by
hand. Don't know, though.
I do know that about 15 years ago, I used to do system admin for a small
government scientific network. I left the activity to work somewhere else, but
they hired me as a private consultant to do remote security maintenance. In
addition, I'd travel up to DC to do clean OS upgrades twice a year. I did that
for awhile until the activity was partially defunded, and they couldn't renew
my contract.
Then, for another few years, I did a rather haphazard security surveillance for
them gratis, since I was friends with one of the scientists there. However, I
didn't do upgrades. The bottom line was that there were four servers in the
DMZ, and all did fine for five years without any human hands actually touching
them. Script kiddies banged the bejesus out of my webserver, ssh server, and
ftp server, but I never saw an actual intrusion with the tools I had. Doesn't
mean there wasn't one, of course :-), but I looked pretty hard and I had the
advantage of surveilling a network that had few users, and whose users did very
limited things. Back then, I was a fan of Mandrake/Mandriva (this was before
Mageia). I was pretty surprised by the robustness of the OS even without
upgrade -- four machines ran five years without any hands-on maintenance, and
even survived a couple of power outages and a hurricane or two.
But, all in all, it gave me the willies. I was a lot more paranoid than the
scientists on the system. If there was going to be an intrusion, it would have
more likely been because of social engineering with them rather than a memory
overflow bug in the webserver...
billo
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
