September 20, 2010 - 9:21pm
by Shane Simpson

Security updates with no reboots!

There is an exploit out there right now and we had to spend quite a bit of time patching servers today (as a matter of fact, our night shift is finishing things off right now). We decided to move forward with our plan to rollout ksplice (http://ksplice.com), which allows us to patch/update kernels without reboots. We've been considering this upgrade for a while but this recent security issue made our minds up.

Reboots = downtime = loss of revenue for our clients.

So, we're trying to avoid that. If your server/VPS is not already running ksplice, it will be soon. Reboots for updates will be a thing of the past. In my mind, that is money well spent on our part.

If you are interested in what the vulnerability was, you can read about it here:

https://access.redhat.com/kb/docs/DOC-40265

and here:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081

Post new comment