Well for servers I think it would be safe to stay away from LFS and Gentoo. Gentoo Linux's portage system is not stable enough for a server, and LFS is way too much work to waste on updating a system by hand and/or compiling stuff every few days. Servers really need to have some kind of stable package management built into it. Debian probably has the best package management out there (Although I think Gentoo has a better one if they could just stabilize it a little more), it's too bad most of the important packages needed for servers are so out of date that they don't offer the functionality you need. RedHat's RPM system isn't very fun for desktop machines unless you really know what you are doing but I have never had problems with RPM on any of my 25 production Linux servers as you don't have to worry about X11 stuff and bleeding-edge software. As for giving a presentation on this, I really only understand Debian, Gentoo and RedHat's update systems well enough to talk on them. However, I don't think a presentation on them would last more then 5-10 minutes. I would be glad to work with someone on this but I can't come up with enough material by myself to cover a full presentation.
> So what about Linux-from-Scratch? Or whatever else. > > I'm not saying it's a bad idea, I'm just saying that keeping a distro > current is reasonably distro specific. Or at least it's package manager > specific... > > Kev. > > > > ----- Original Message ----- > From: "Jeffrey Clement" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, September 17, 2002 3:38 PM > Subject: Re: (clug-talk) Linux gets a worm! > > >> It could be similar with Gentoo. Best would simply be to add >> something > like: >> emerge rsync >> emerge world -p | mail [EMAIL PROTECTED] >> to crontab. It would sync the portage tree and then list off which > packages have been changed. You could have it automatically install but > I would think that falls in the category of bad idea. >> >> Jeff >> >> On Tue, Sep 17, 2002 at 03:29:49PM -0600, S�bastien Taylor wrote: >> > The Debian and YellowDog (and I think Connectivia) one would be >> easy, set your /etc/apt/sources.list to subscribe to the security >> updates, and have a cron job run nightly doing a 'apt-get update && >> apt-get upgrade' ...that would keep you current. But a presentation >> on the nuances of some of the other systems could be interesting. >> > >> > >> > Kevin Anderson a �crit: >> > >> > >Apt-get works much different than Portage which works different >> than Mandrake Update Robot, which is different than YaST2, which is > different >> > >than up2date, with the last even adding the possibility of a cost >> to > the >> > >equation. And hardest of all is manually checking the installed > packages, >> > >and then visiting the appropriate sites to update them >> individually. >> > > >> > >It might be better to have a few people co-ordinate a presentation, > with >> > >each demoing their favorite distro's tool/utility. >> > > >> > >Kev. >> > > >> > > >> > >----- Original Message ----- >> > >From: "Jarrod Major" <[EMAIL PROTECTED]> >> > >To: <[EMAIL PROTECTED]> >> > >Sent: Tuesday, September 17, 2002 10:37 AM >> > >Subject: Re: (clug-talk) Linux gets a worm! >> > > >> > > >> > > >> > > >> > >>This sounds like an excellent topic for a presentation. Anyone >> want to tackle it next month? We do not have a presentation >> scheduled and as > such >> > >> >> > >> >> > >it >> > > >> > > >> > >>would be nice of someone came forward. >> > >> >> > >>Trevor, interested? >> > >> >> > >>Jarrod Major >> > >>CLUG Treasurer >> > >>Registered Linux User >> > >> >> > >>----- Original Message ----- >> > >>From: "Trevor Lauder" <[EMAIL PROTECTED]> >> > >>To: <[EMAIL PROTECTED]> >> > >>Sent: Tuesday, September 17, 2002 10:32 AM >> > >>Subject: Re: (clug-talk) Linux gets a worm! >> > >> >> > >> >> > >> >> > >> >> > >>>Even if you are running only services you want, those services >> still > may >> > >>>require updating and monitoring. If someone isn't keeping up on >> > >>> >> > >>> >> > >updates, >> > > >> > > >> > >>>etc and they get hacked because of it then they get what they >> deserve >> > >>> >> > >>> >> > >and >> > > >> > > >> > >>>I feel no sympathy for them. Just because Linux/Netware are >> stable > OSes >> > >>>doesn't mean they don't need babysitting (By this I mean: >> watching > the >> > >>>logs, monitoring the network they are on). The problem with the > average >> > >>>NT/2000 or MCSE administrator is that Microsoft is promoting > lazy/cheap >> > >>>administration. A lot of those administrators that come over to > linux >> > >>>bring those bad habits with them, and when something bad happens >> they blame it on the OS when the blame should in fact lie with >> themselves. Just my 2 cents. >> > >>> >> > >>> >> > >>> >> > >>>>One of the benefits of Linux is that it doesn't need to be >> babysat. >> > >>>> >> > >>>>I know this is an arguable thing, but I like that I set up a >> machine >> > >>>> >> > >>>> >> > >at >> > > >> > > >> > >>>>one of our remote locations, and it hasn't been signed into in >> well >> > >>>> >> > >>>> >> > >over >> > > >> > > >> > >>>>a year. >> > >>>> >> > >>>>It's fine to say "be on top of things", but I want a server that > runs >> > >>>>like this... >> > >>>> >> > >>>> >> > >http://www.networkcomputing.com/1119/1119f1products_2.html >> > > >> > > >> > >>>>And I'll argue that exploit or not, this basically offers that >> > >>>> >> > >>>> >> > >ability. >> > > >> > > >> > >>>>Unlike NT, Linux and Netware both run only services that you >> want > them >> > >>>>to, rather than needing repeated security patches for things >> like >> > >>>> >> > >>>> >> > >MEDIA >> > > >> > > >> > >>>>PLAYER on a server. >> > >>>> >> > >>>>I wonder if anyone would notice if I used a Database server for >> > >>>> >> > >>>> >> > >watching >> > > >> > > >> > >>>>DVDs throughout the day. Maybe, but then they do have GL > screensavers >> > >>>>too. >> > >>>> >> > >>>>Kev. >> > >>>> >> > >>>> >> > >>>> >> > >>>>----- Original Message ----- >> > >>>>From: "Trevor Lauder" <[EMAIL PROTECTED]> >> > >>>>To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; >> > >>>><[EMAIL PROTECTED]> Sent: Monday, September 16, 2002 >> 12:22 > PM >> > >>>>Subject: Re: (clug-talk) Linux gets a worm! >> > >>>> >> > >>>> >> > >>>> >> > >>>> >> > >>>>>Actually, worms under linux have existed for a while now... and > even >> > >>>>>longer under unix. As for this exploit, I really hope anyone >> here running SSL had that patched a while ago because the patch >> for that exploit came out about a month ago. This exploit is >> targeting >> > >>>>> >> > >>>>> >> > >servers >> > > >> > > >> > >>>>>that haven't been updated in a at least a month and it's >> actually hitting lots of people, pretty sad when patches have >> been available for a while now. >> > >>>>> >> > >>>>> >> > >>>>> >> > >>>>> >> > >>>>>>-----BEGIN PGP SIGNED MESSAGE----- >> > >>>>>>Hash: SHA1 >> > >>>>>> >> > >>>>>>Finally Linux is worth the time for someone to make a worm. >> Easy > to >> > >>>>>> >> > >>>>>> >> > >>>>>detect, easy to defeat, and dose not affect my server but >> still a worm. >> > >>>>> >> > >>>>> >> > >>>>>> >> > >>>>>> >> > >>http://securityresponse.symantec.com/avcenter/security/Content/2002.09.13.h > t >> > > >> > > >> > >>>>ml >> > >>>> >> > >>>> >> > >>>>>>Yes I run Apache but I don't use SSL. If you run SSL you must >> read >> > >>>>>> >> > >>>>>> >> > >>>>>this. - -- >> > >>>>> >> > >>>>> >> > >>>>>>Roy Souther <[EMAIL PROTECTED]> >> > >>>>>>http://www.SiliconTao.com >> > >>>>>> >> > >>>>>>Live to code, code to live! >> > >>>>>>-----BEGIN PGP SIGNATURE----- >> > >>>>>>Version: GnuPG v1.0.6 (GNU/Linux) >> > >>>>>>Comment: For info see http://www.gnupg.org >> > >>>>>> >> > >>>>>>iEYEARECAAYFAj2F83YACgkQCbnxcmEBt434oACgqPHbAWIcOBX6m7jOUZ2rsLJR >> > >>>>>> >> > >>>>>> >> > >>>>>1YoAnRkdLTB42p8mS+WlaDuB5L7nV39+ >> > >>>>> >> > >>>>> >> > >>>>>>=YkE6 >> > >>>>>>-----END PGP SIGNATURE----- >> > >>>>>> >> > >>>>>> >> > >>> >> > >>> >> > >>> >> > >>> >> > >> >> > >> >> > >> >> > >> > >> >
