Re: Pro-active Security Software?

From: /dev/rob0 (rob0_at_gmx.co.uk)
Date: 08/06/03


Date: Tue, 5 Aug 2003 22:16:20 -0700

In article <6k_Xa.12116$mZ6.1147@nwrdny02.gnilink.net>,
  Nico Kadel-Garcia wrote:
>>>Out-of-the-box security is a big plus,
>>
>> Few really achieve this AFAIK. Those that do (Red Hat) do it with a
>> brain-dead, totally useless DROP-everything firewall. No matter what, I
>
> I actually wouldn't recommend RedHat for this. The update path is

I really wasn't. I was just trying to make the point that OOTB security
is probably overrated. I remember a frustrating afternoon I spent with a
newbie and a fresh RH 7.1 install ... couldn't ping it, couldn't connect
to ANYTHING it was running. I checked iptables ... nope. Took me 2 hours
to think to check ipchains! (WTF did they stick with ipchains in a
2.4.x-based release?!?)

But hey, it's [mostly] secure OOTB.

> Hell, ever tried to rip all the *GAMES* out of a RedHat system to
> lighten it up? Or all the X/gtk/tk/tcl appliances?

Hahaha, no, I never had the, uh, pleasure. :)

-- 
  /dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
  or put "not-spam" or "/dev/rob0" in Subject header to reply


Relevant Pages

  • Re: Log File Question
    ... I am using Red Hat 7.1 with ipchains and pmfirewall. ... >> what you are seeing is an alert indicating that a dynamic firewall rule ...
    (comp.os.linux.security)
  • RE: disable firewall
    ... General Red Hat Linux discussion list ... Flush all chains (I'm assuming 6.1 used ipchains). ... -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ...
    (RedHat)
  • Re: ipchains and tcp-wrappers not playing nice?
    ... > Red Hat 6.1 kernel 2.2.12-20 ... > Anybody else notice tcp-wrappers not working properly when ipchains is ...
    (comp.os.linux.security)
  • Re: stop ipchains
    ... Support of ITShield Firewall ... > I have changed my Red Hat 7.3 server and don't need ipchains to start up ...
    (comp.os.linux.networking)