Re: Mail Hosting !

• Next message: Keith Bottner: "RE: linksys Network Everywhere NC100 10/100 PCI error"
• Previous message: Rakers, Jason: "RE: on topic this time :)"
• In reply to: Oguz Demirkapi: "Re: Mail Hosting !"
• Next in thread: Denis Ducamp: "Re: Mail Hosting !"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 05, 2000 at 04:54:23PM +0100, Oguz Demirkapi wrote:
>
> > As for the flavor of linux, pick one that you are comfortable with. My
> > personal prefrence is slackware, but if you know redhat you are better
> > using it then learning a different distro.
>
> Skill level is not important for us.
> Now we think to install RedHat 6.1 or Slackware 7.0.
>
> Of course RedHat and Slackware are enough secure but we have to think
> more about security also.
> So what about OpenBSD or FreeBSD ?

They are as secure as you configure and administer them.
The best OS is the one that you administer best.

What is great with OpenBSD that it's constantly audited for security holes.

> > > RedHat has RPM - an utility used to install programs which
> > > can _verify_ if installation is correct - IMO it will help
> > > in case some hacker modifies a program to access your host.
> > > Maybe Debian has similar one, too (anyone knows?). If you
> > > use Slackware, you can only use MD5SUM manually...
>
> This is funny : )

Whatever the OS, I prefer using tripwire than OS package manager.

I use slackware because there isn't package management (well, there's one
but there isn't dependency management so it's easier for me to do what I
want). Important daemon are compiled from sources and binaries and
configuration files are protected with tripwire.

With BSD accounting and a line "*.debug /var/log/full-log" in
/etc/syslog.conf you can really manage your system.

If you are really paranoïd you can use :
 - Solar Designer linux patch from www.openwall.com to have a non executable
   stack
 - openBSD to have an audited system and quickly patched security holes.
 - stackguarded RedHat from immunix.org to have a system compiled with
   stackguard

But whatever your choice, ***every day*** (even 31/12 and 01/01) at least
one of the administrators have to read bugtraq and other mailing lists.

Denis Ducamp.

-- 
   |\      _,,,---,,_                  Denis Ducamp <Denis.Ducamp@hsc.fr>
Zz /,`.-'`'    -.  ;-;;,_                       Hervé Schauer Consultants
  |,4-  ) )-,_.,,\ (  `'-'                             http://www.hsc.fr/
 '---''(_/--'  `-'\_)Isn't there always a cat on whatever you're reading?
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu

• Next message: Keith Bottner: "RE: linksys Network Everywhere NC100 10/100 PCI error"
• Previous message: Rakers, Jason: "RE: on topic this time :)"
• In reply to: Oguz Demirkapi: "Re: Mail Hosting !"
• Next in thread: Denis Ducamp: "Re: Mail Hosting !"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jan 07 2000 - 21:00:12 EST