> -----Original Message-----
> From: "J. Simonetti" <
jeroen@...>@DSI
> Tbh, I totally disagree here. LFS is nice to get started when learning
> linux,
That's why I said, it may help you.
> but for a critical servers you need some sort of package
> management and well maintained repository.
And then? apt-get update; apt-get upgrade; with cron every hour?
You are kidding.
> You cannot spend your time
> updating and compiling software and fixing patches every time there is
> an update whilst the next zlib/ssl exploits are floating
> around the net.
I have to spend the time, and if my server is REALLY critical, I will have
to. Ans most of the time, my team is faster than debian.
> One thing I do agree with is creating a custom kernel suited for your
> hardware.
Suited for the hardware and implementing a couple of security features.
> I think the basis for a mission critical server is its hardware. Make
> sure you select hardware wich is well known and widely
> supported for the
> distro you intend to run. Don't choose exotic hardware raid cards just
> because they might work good. Choose the one wich has the
> best drivers.
> The same goes for all other hardware offcourse.
The hardware can do a lot for availability, of course, but nothing for
security (except physical security)
> Now for the distro to choose there is a wide variety which
> can be used.
> Whatever your needs are, pick a distro with good support. Depending on
> what kind of server you need to run choices could be (but are not
> limited to) Openbsd for firewalls/security, Solaris for stability and
> support,
Ever tried to customize your Solaris-kernel?
> Debian for feature richness or Redhat Enterprise for a large
> hardware base and its support.
> If pure stability is the only factor in my decision I would go for
> Openbsd or Solaris and choose hardware which is 'known-to-be-good' for
> those platforms.
Best regards
--
Christoph Gruber, CISM
Chief Security Officer
WAT1SD, Security & Data Protection
WAVE Solutions Information Technology GmbH
A-1090 Wien, Nordbergstraße 13
Tel.: +43 (1) 71730-53514, Fax: +43 (1) 71730-54230
mobile: +436648122661
christoph.gruber@...
http://www.wave-solutions.com
