From: | Chow Loong J. |
Sent on: | Tuesday, October 25, 2011, 1:03 PM |
On 25/10/[masked]:57, Wong Boon Hong wrote: > I have quite a few bad experience from updates/patchings (including Microsoft > Windows and vmware ESX) and find the risk of patching my system is often more > dangerous than retaining them as outdated system. > > So do you guys update your apps and Linux often? Especially Servers? I always > update my desktop but not server as I can't afford the downtime that affect so > many users. My desktop (laptop, really), which runs Ubuntu, I update all the time, but with my servers, I'm more careful with the upgrades I do. The server I maintain, which hosts ntuoss.org and sg.releases.ubuntu.com, runs Debian, which provides security updates or bug fixes with minimal impact to their stable releases. I generally apply those updates and do a little testing after, because they've already gone through a considerable amount of testing before being released into the repository and are quite unlikely to break. That said, updates always do pose a risk of breaking your system, usually proportional to how big the update is, so I usually keep an eye out for packages that are essential to the server's operations and make sure they continue working after. And for major distro upgrades like from Debian Lenny to Debian Squeeze, I prefer to have physical access to the machine before running the upgrades. On the other hand, like Harish said, by not updating your server, you're just setting yourself up for trouble. Skipping security updates can leave your server open to known security holes, which can in turn lead to your server getting compromised. And the cost of recovering a compromised machine is much more than the cost of recovering from a borked upgrade. -- Kind regards, Loong Jin
This email message originally included an attachment.