In a message dated: Wed, 04 Oct 2000 10:58:38 EDT
Tony Lambiris said:
>something happened (can't remember what), and Shilo decided to install Red Hat.
>First of all, that was probably his first mistake.
Why? I've been running RH systems on servers for more than 5 years now and
never had a problem with them. Sure, their distribution is buggy at times,
but it's usually restricted to a small subset of software, and is usually
fixed quite rapidly. At the least, don't install what's known to be buggy,
and grab the source for that sw and compile/install it yourself.
>I just read on Slashdot that Red Hat 7.0 had over like 2,500 documented bugs,
>or something outrageous like that.
Documented and Verified are completely different. If you look a litte more
closely, what counts as a "Documented" bug is more often than not "Stupid User
Error". For example, someone reported as a bug the fact that when one does
not have write permission on a directory/file, they can not edit those files.
That's not exactly a bug!
>I'm not saying Red Hat can't be locked down, but it is definately the
^^^^^^^^^
>last distribution I would look at for a server environment.
Locked down and buggy are again, two different concepts. Just because a
certain distribution may or may not be buggy has nothing to do with whether or
not it can be hardened. RH is just like every other distribution
or Unix system for that matter, when it comes to be locked down. You do
exactly the same things to harden all Unix systems.
There is nothing wrong with running RH as a server. Running it as a server
also has nothing to do with whether or not it can be locked down. We're
currently running the majority of our servers on RH. Why? They have, hands
down, the best and easiest installation out there. I can install a RH system
in about 5 minutes, and have it up and running as a server in under an hour
(with all the site-specific configurations, hardening, etc.). I can't do that
with any other distribution, especially with Debian (and I love Debian, they
just have a really crappy install tool).
>That, and coupled
>with the fact he didn't know how to secure a box made for an easy target.
If you re-read the e-mail, you'll note the problem was not that it was broken
into, but rather that it was *used* to break into another location. Now,
whether or not it was used by students who broke into this system and used it
as a jumping off point to crack into other locations, I don't know.
>I think it was about that time when I knew Keene State College was a waste
>of my time and money.
Hmm, perhaps you should reconsider, you're spelling can *definitely* use some
improvement :)
--
Seeya,
Paul
----
I'm in shape, my shape just happens to be pear!
If you're not having fun, you're not doing it right!
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
