Hi, > my opinion would be that if you don't want to spend lots of research > time, I tend only to use packaged solutions (or package them myself, > let swup-cron handle the updates).
I agree with you in this one. > squid is fine, but having to install dansguardian for five seats is too > much I think, a good LART in the office will suffice. I disagree with this one. I would recommend installing dansguardian + clamav for safer browsing (as was mentioned in original post) for even one seat (but not dansguardian alone)... To keep Squid + DG + ClamAV up to date is not actually that critical. The core of this (Squid and ClamAV) can be handled by swup and therefore kept up to date. New versions for other required parts that are not supported via swup (DG with ClamAV plugin and libESMTP) are not released much often (DG with ClamAV plugin - 7 months - available also as srpm, libESMTP - latest stable released 2004-04-20). The only downside I can see now, is that DG can't simply block individual local user using time restrictions as Squid does... So, that's my point of view on this one ;-). > proftpd? if you really want to run another service on the same box > (which holds internal data, right?) I rather recommend you read twice > (on every occasion) the entire config of the box, to make sure there > isn't any "known" security hole. and/or maybe try an alternative - vsftpd. Easy to configure and very flexible... Cheers, -- Jaroslav Vrbicky _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
