On Mon, 9 Apr 2001, Alvin Oga wrote:
> its NOT my choice of what distro they wanna use... if they insist on
> it... its their $$$$
true, but if you have to do the cleanup or take care of the network, you
should have a say in what goes on it. especially when they have been the
victim of asecurity incident.
> - before i check into or whilst i check into immunix...
> - when timer permits, its time to check into bastelle and
> - the version from nsa too ??
bastille is a hardening script for redhat. works very well, and is highly
reccomended. in fact we at cwrulug adopted a similar strategy to harden
RH6.2 boxes on our network, with great success. the nsa's selinux is nice,
but not applicable to being a general purpose OS. its a start of a
compartmentalized operating system which implements orange book, trusted
OS features. while it secure, its not compatible, i bet, with the users'
needs or experience.
hope this helps.
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
