[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Alternatives to CVSUP for Security Updates and Errata



Hello.
I am a systems adminstrator for large multi-national firm, consisting of approximately 90,000 employees.
 
I currently manage several FreeBSD 4.9 and 4.10 servers that serve as high volume web servers to several of our employees worldwide.
 
As you can imagine, in firm the size of ours, various teams are reponsible for various aspects of our technology infrastructure. With that said, I have requested to have our security team create a policy that will allow traffic to and from my servers via port 5999 for CVSup, so that I could synch my source.
 
My request has been flatly refused, due to the fact that FreeBSD is not a firm-standard operating system. The security team will not open up the firewalls for this purpose. CVSup is not an option.
 
My question is what would be the best possible method of keeping up-to-date with security patches and errata? I have tried Colin Percival's FreeBSD-Update in the past, but I'm not sure that this is the best method, since I am using some SMP custom kernels.
I've also heard that CTM is a very error-plagued and archaic method.
 
Please advise.
Thank you.




---------------------------------
Post your free ad now! Yahoo! Canada Personals

Visit your host, monkey.org