Security Basics mailing list archives

Re: Linux Distribution Recomendation - RYO


From: "Andy F" <a__j__f () hotmail com>
Date: Tue, 09 Mar 2004 11:54:17 +0000


If you are looking for security related products, I think it is wise to look
at what those products cannot do instead of what they can do.

I second Peter on that. I am a firm believer in security through minimalism and have built a couple of my own distros. To really be in control you should consider rolling your own. There is an offshoot of the LFS (Linux From Scratch) project called HLFS (Hardened LFS) whose list I follow. They are starting with a 2.4 kernel and minimal audited toolchain to build a core incorporating some NSA work and other ideas. Should make a _very_ tight core for embedded and specialised secure applications.


The philosophy is simple and powerful -

1) Know what the system must do
2) Implement ONLY that functionality

In my case I want secure NAS boxes, which boils down to an xfs filesystem and scp - everything else has been pulled out - you can't even ls without moving in a toolkit:)
