ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Best practice security updates linux servers?

    IT Discussion
    linux servers security updates
    10
    30
    2.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JaredBusch @1337
      last edited by

      @Pete-S said in Best practice security updates linux servers?:

      @JaredBusch said in Best practice security updates linux servers?:

      @Pete-S said in Best practice security updates linux servers?:

      What is best practice when it comes to security updates on linux servers?

      How should it be handled?

      A lot of desktop systems are applying updates automatically but they are not mission critical either.

      I use yum-cron on RHEL 7/CentOS 7
      I use dnf-automatic on Fedora

      I only have a couple of Debian based servers and I keep being lazy about setting something there.

      This is the package for it on Debian
      https://wiki.debian.org/UnattendedUpgrades

      So do you both download and apply them automatically?
      Security updates only or everything?

      Download and apply, everything

      But this is a low risk IMO as each VM is a single task.

      Not like updating very package ever on a server.

      1 Reply Last reply Reply Quote 4
      • D
        Danp
        last edited by

        Here's a prior discussion on setting up Unattended Upgrades --

        https://www.mangolassi.it/topic/19272/how-to-configure-automatic-updates-on-ubuntu-18-04-lts

        1 Reply Last reply Reply Quote 4
        • S
          scottalanmiller @1337
          last edited by

          @Pete-S said in Best practice security updates linux servers?:

          A lot of desktop systems are applying updates automatically but they are not mission critical either.

          The more mission critical, the more you want automated updates!

          If you are big enough to have patch testing, then that's great and you should do that (if it makes financial sense.) But you have to be really, really big before it's financially viable as you basically need a full time staff, loads of compute resources, and a team that's doing that constantly and makes decisions lightning quick.

          1 Reply Last reply Reply Quote 3
          • S
            scottalanmiller @1337
            last edited by

            @Pete-S said in Best practice security updates linux servers?:

            So do you both download and apply them automatically?
            Security updates only or everything?

            Security absolutely for sure. But often, everything. I always do security automatically. The other/rest is more situation by situation, but it's rare that I want (or a customer wants) to pay for updates when they could be automatic and faster.

            1 Reply Last reply Reply Quote 1
            • S
              scottalanmiller
              last edited by

              Literally was doing this today for a F100 customer 🙂

              V 1 Reply Last reply Reply Quote 0
              • V
                VoIP_n00b @scottalanmiller
                last edited by

                @scottalanmiller Who?

                S 1 Reply Last reply Reply Quote -2
                • S
                  scottalanmiller @VoIP_n00b
                  last edited by

                  @VoIP_n00b said in Best practice security updates linux servers?:

                  @scottalanmiller Who?

                  Naming customers in public is not something people do in IT. Nor is in considered okay to ask.

                  D 1 Reply Last reply Reply Quote 4
                  • M
                    marcinozga
                    last edited by

                    This whole approach of not doing updates on mission critical system is nonsensical. Admins need to grow a set and setup automatic updates on everything by default. If stuff breaks when you update it, that's on software vendor, period.

                    D 1 Reply Last reply Reply Quote 2
                    • D
                      Dashrender @scottalanmiller
                      last edited by

                      @scottalanmiller said in Best practice security updates linux servers?:

                      @VoIP_n00b said in Best practice security updates linux servers?:

                      @scottalanmiller Who?

                      Naming customers in public is not something people do in IT. Nor is in considered okay to ask.

                      I can't remember where you fall on the asking about salary thing?

                      D S 2 Replies Last reply Reply Quote 0
                      • D
                        Dashrender @marcinozga
                        last edited by

                        @marcinozga said in Best practice security updates linux servers?:

                        This whole approach of not doing updates on mission critical system is nonsensical. Admins need to grow a set and setup automatic updates on everything by default. If stuff breaks when you update it, that's on software vendor, period.

                        LOL - sure of course, we'd love this to be true... it may be on the software vendor, but it's still on you as the one who has to support it for the company.

                        S 1 Reply Last reply Reply Quote 1
                        • D
                          dbeato @Dashrender
                          last edited by

                          @Dashrender I believe @scottalanmiller said that it is okay to share what salary you earn.

                          1 Reply Last reply Reply Quote 1
                          • S
                            scottalanmiller @Dashrender
                            last edited by

                            @Dashrender said in Best practice security updates linux servers?:

                            @scottalanmiller said in Best practice security updates linux servers?:

                            @VoIP_n00b said in Best practice security updates linux servers?:

                            @scottalanmiller Who?

                            Naming customers in public is not something people do in IT. Nor is in considered okay to ask.

                            I can't remember where you fall on the asking about salary thing?

                            Salary is a personal matter. You should always be allowed to disclose details about yourself.

                            V 1 Reply Last reply Reply Quote 0
                            • S
                              scottalanmiller @Dashrender
                              last edited by

                              @Dashrender said in Best practice security updates linux servers?:

                              @marcinozga said in Best practice security updates linux servers?:

                              This whole approach of not doing updates on mission critical system is nonsensical. Admins need to grow a set and setup automatic updates on everything by default. If stuff breaks when you update it, that's on software vendor, period.

                              LOL - sure of course, we'd love this to be true... it may be on the software vendor, but it's still on you as the one who has to support it for the company.

                              Only if you chose it, and if you chose a vendor that doesn't have working software, that's something to ponder.

                              1 Reply Last reply Reply Quote 0
                              • V
                                VoIP_n00b @scottalanmiller
                                last edited by

                                @scottalanmiller said in Best practice security updates linux servers?:

                                Salary is a personal matter. You should always be allowed to disclose details about yourself.

                                Youtube Video

                                S 1 Reply Last reply Reply Quote 2
                                • S
                                  scottalanmiller @VoIP_n00b
                                  last edited by

                                  @VoIP_n00b said in Best practice security updates linux servers?:

                                  @scottalanmiller said in Best practice security updates linux servers?:

                                  Salary is a personal matter. You should always be allowed to disclose details about yourself.

                                  Exactly, I've actually seen that before. But it's well known in the industry, too. In high end positions, people discuss their salaries all of the time.

                                  It's not just within a single company. The entire IT industry does this. IT pros are constantly hiding their salaries, or worse, claiming that those that make better salaries than them are lying or anomalies. You see it here on ML a lot. People feel badly that they've negotiated so low and resent people finding out, but people with decent salaries often share, and get attacked for showing what can be earned.

                                  There's so much pressure to shame people into hiding their salaries and IT pros tend to be very susceptible to that kind of pressure that we have an industry earning so much less than it should.

                                  D 1 Reply Last reply Reply Quote 0
                                  • D
                                    Dashrender @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Best practice security updates linux servers?:

                                    @VoIP_n00b said in Best practice security updates linux servers?:

                                    @scottalanmiller said in Best practice security updates linux servers?:

                                    Salary is a personal matter. You should always be allowed to disclose details about yourself.

                                    Exactly, I've actually seen that before. But it's well known in the industry, too. In high end positions, people discuss their salaries all of the time.

                                    It's not just within a single company. The entire IT industry does this. IT pros are constantly hiding their salaries, or worse, claiming that those that make better salaries than them are lying or anomalies. You see it here on ML a lot. People feel badly that they've negotiated so low and resent people finding out, but people with decent salaries often share, and get attacked for showing what can be earned.

                                    There's so much pressure to shame people into hiding their salaries and IT pros tend to be very susceptible to that kind of pressure that we have an industry earning so much less than it should.

                                    What industries don't you find this in?

                                    S 1 Reply Last reply Reply Quote 0
                                    • S
                                      scottalanmiller @Dashrender
                                      last edited by

                                      @Dashrender said in Best practice security updates linux servers?:

                                      What industries don't you find this in?

                                      Well my exposure is less. But what I've seen everything from medical to manufacturing to finance to business to retail people share wages much more freely.

                                      DustinB3403D 1 Reply Last reply Reply Quote 0
                                      • DustinB3403D
                                        DustinB3403 @scottalanmiller
                                        last edited by

                                        @scottalanmiller said in Best practice security updates linux servers?:

                                        @Dashrender said in Best practice security updates linux servers?:

                                        What industries don't you find this in?

                                        Well my exposure is less. But what I've seen everything from medical to manufacturing to finance to business to retail people share wages much more freely.

                                        I've always assumed that keeping salary private was the norm as I've never really seen or heard anyone discuss it before. I'm sure it happens from time to time, but I think people want their income kept private.

                                        S 1 Reply Last reply Reply Quote 0
                                        • S
                                          scottalanmiller @DustinB3403
                                          last edited by

                                          @DustinB3403 said in Best practice security updates linux servers?:

                                          @scottalanmiller said in Best practice security updates linux servers?:

                                          @Dashrender said in Best practice security updates linux servers?:

                                          What industries don't you find this in?

                                          Well my exposure is less. But what I've seen everything from medical to manufacturing to finance to business to retail people share wages much more freely.

                                          I've always assumed that keeping salary private was the norm as I've never really seen or heard anyone discuss it before. I'm sure it happens from time to time, but I think people want their income kept private.

                                          That's what businesses want you to think.

                                          1 Reply Last reply Reply Quote 1
                                          • S
                                            scottalanmiller
                                            last edited by

                                            One of the points of unions is to make everyone's income public.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 1 / 2
                                            • First post
                                              Last post