[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Alternatives to CVSUP for Security Updates and Errata
- Subject: Alternatives to CVSUP for Security Updates and Errata
- From: fhb_1969 at yahoo.ca (Kenneth A. Bond)
- Date: Thu Aug 26 12:13:39 2004
I am a systems adminstrator for large multi-national firm, consisting of approximately 90,000 employees.
I currently manage several FreeBSD 4.9 and 4.10 servers that serve as high volume web servers to several of our employees worldwide.
As you can imagine, in firm the size of ours, various teams are reponsible for various aspects of our technology infrastructure. With that said, I have requested to have our security team create a policy that will allow traffic to and from my servers via port 5999 for CVSup, so that I could synch my source.
My request has been flatly refused, due to the fact that FreeBSD is not a firm-standard operating system. The security team will not open up the firewalls for this purpose. CVSup is not an option.
My question is what would be the best possible method of keeping up-to-date with security patches and errata? I have tried Colin Percival's FreeBSD-Update in the past, but I'm not sure that this is the best method, since I am using some SMP custom kernels.
I've also heard that CTM is a very error-plagued and archaic method.
Post your free ad now! Yahoo! Canada Personals