On Wed, Sep 30, 2009 at 2:43 PM, Ron Blizzard rb4centos@gmail.com wrote:
On Wed, Sep 30, 2009 at 1:18 PM, Brian Mathis brian.mathis@gmail.com wrote:
Uptime is a red herring and is generally meaningless. You'd be better off performing updates and reboots at least once a month, so you don't need to worry about any big changes that might come with not updating for almost 2 years. If you updated now and something broke, you wouldn't know what did it. If you keep up incrementally, you can catch the small things as they come. You also don't have a "delicate flower" that you need to worry if it won't come up after the next reboot. That's not a good situation to be in.
Except, in this case, you could probably go forever without updating. CentOS/Asterisk is just the switch's embedded OS as used here. I've maintained many Nortel switches (based on Wind River UNIX) which weren't patched for years -- no need to update the OS unless there was a specific problem or a necessary new feature. But I do think Rob wants to update this system. The problem is, unlike computer networks, people are very intolerant of phone downtime.
-- RonB -- Using CentOS 5.3
The difference is that CentOS is a general-purpose OS that can be used for many things, and has a much bigger installed base. That makes it more of a target and would likely be included in scanning tools. A custom OS running on a PBX might also have vulnerabilities, but it's also probably not a big target because of the diversity of systems out there and relative limited utility one would have if such a system were compromised.
That you tend to tend to think of it as an "appliance" running the phone system does not change the fact that it's actually a full-blown server OS with the same issues as other servers.