It's a matter of writing non-exploitable code so attack software like trinoo and tribe don't end up on your systems due to buffer-overflows in rpc or other services.
I put the emphasis back on the server admins. Security patches were readily available on the Sun site. Ignoring applicable security patches for months is likely to get you hacked and abused on todays net.
Yes.. and new patches appear each and every week. Do YOU want to schedule reboots for 80 some servers on a weekly basis? *IF* you get approval for such frequent reboots, you still have the problem of the administrative nightmare. Especially if you've made custom modifications to the systems and have to be carefull exactly which patches you apply instead of doing a blanket install. Now, from the other end of this, this is no excuse not to keep your servers up to date. You may just end up checking it, say, monthly instead of weekly. ---------------------------------------------------------------------- Wayne Bouchard [Immagine Your ] web@typo.org [Company Name Here] Network Engineer ----------------------------------------------------------------------