On Sun, Aug 11, 2013 at 5:27 AM, coderman <[email protected]> wrote:
> if i were to summarize what i have found effective against dedicated > and resourceful attackers (again, i can't go into details :) this > would be the top 5: > > 1. use a common distro, but rebuild critical components - bootloader, > initramfs, openssl, openssh, the kernel, gnutls, libgmp, use 64bit, > etc. > By "rebuild" do you mean compile it yourself or are you talking full-up review and rewrite? The former should be no problem for anyone capable of setting up a secure hosting service. The latter is probably beyond the means of small teams in any commercially reasonable timeframe. -- Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209
