JM wrote:
Then, he will need to harden the kernel, no? Enabling SElinux, etc in the
security section. Or even adding other security patches to the kernel. For those things the kernel source needs to be downloaded as well.
You might want to consider this hardened _distribution_ (including RSBAC, PaX, etc.pp.) - definitely worth a look:
http://www.trusteddebian.org/
It builds upon a debian woody and I'm happily running half a dozen productive servers and 4 firewalls with it.
Lacks a few odds and ends of X-support (VNC works perfectly) but hey, who needs that on a firewall :-)
regards
Martin
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
