[LBo] Which server?
Andrew Henry
adhenry at bredband.net
Sat Nov 17 19:35:39 CET 2007
Yoder, Denton wrote:
> The word "Server" means different things to different people. When I
> hear the word Server, I think of a machine that doesn't have a graphical
> interface. Is locked in a closet where no one can touch it, has
> redundant power, redundant hard drives.... A server is often running
> Apache web server and often a mail server.
>
I appreciate that people can and usually do use the word 'server' with
abandon :) But, and correct me if I am mistaken, when I think of 'server
operating systems', I think of "only the bare minimum installed to do
what i need it to do", and "tight configuration with stricter default
permissions on standard files". If I install a desktop OS, then I get
lots of desktop software that I will never use on my server that could
potentially be open to a zero-day attack. If I never install these
extras to begin with, then I don't have to worry about zero-day attacks
right? Whether such attacks are common on Linux is another matter, but
the logic still stands.
When I see Desktop distros "marketed" alongside server distros, then I
assume that the server distro will not install packages that are not
typically needed on a server, and that server admin tools will be
available, and that if I do choose X, it will be a basic installation
etc etc. I know that I can achieve all of this with a lot of manual
labour and hacking a standard install of any Linux distro, but I want
opinions about which pre-packaged "server" distros have the tightest
security and default configuration, and which install just the bare
minimum (to a reasonable point...im not into Gentoo or Linux From Scratch.
> To tighten up security, you may want to look into IPTABLES
> http://www.netfilter.org/ Also search on tripwire
> http://sourceforge.net/projects/tripwire/
>
>
> Denton
>
Thanks for the tip!
--
GnuPG Key ID: ECB18ABA
Fingerprint: FDF3 91FC F5BC 1164 E217 315E 337E 219B ECB1 8ABA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://LinuxBasics.org/pipermail/qna/attachments/20071117/47f16464/attachment.pgp
More information about the QnA
mailing list