Firewall Wizards mailing list archives
RE: Custom Unix server installations -- to harden extensively ?
From: "Keith A. Glass" <salgak () speakeasy net>
Date: Thu, 15 May 2003 21:33:34 -0400
-----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Barney Wolff Sent: Thursday, May 15, 2003 1:02 PM To: firewall-wizards () icsalabs com Subject: Re: [fw-wiz] Custom Unix server installations -- to harden extensively ? On Wed, May 14, 2003 at 06:27:35AM -0700, salgak () speakeasy net wrote:
Well, once upon a time, there was a distribution called "Storm Linux"
which was designed, from day one, to be a firewall. Unfortunately, I've seen >neither hide nor hair of Stormix Technologies since sometime in 2001, and the website comes up "not available at this time".
But, thanks to Distrowatch, I DID find a mirror of the ISO of it: http://public.ftp.planetmirror.com/pub/storm/iso/ I'll be d/ling it myself in the next day of three (Mandrake 9.1 is still
coming down on the home box. . .)
It may be stating the obvious, but something that may have been secure in 2001 will not be secure today, since it won't have had fixes for bugs discovered since then. Sure, you don't need fixes for stuff you've turned off, but there have certainly been kernel security fixes in the last two years and you didn't turn off the kernel.
Since it's Debian, can YOU say apt-get ????
It would be lovely to have something that could be set up once and stay secure forever. Fantasy. That doesn't make turning stuff off useless, because it does reduce the frequency of fixes you must apply, by enough so that you can actually keep up.
Like I said, I'll D/l it, so how tough it is to update the packages. . _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Custom Unix server installations -- to harden extensively ?, (continued)
- RE: Custom Unix server installations -- to harden extensively ? Ben Nagy (May 14)
- Re: Custom Unix server installations -- to harden extensively ? Carson Gaspar (May 14)
- Re: Custom Unix server installations -- to harden extensively ? Devdas Bhagat (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Bill Royds (May 16)
- Re: Custom Unix server installations -- to harden extensively ? Marcus J. Ranum (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Matthew Kirkwood (May 16)
- Re: Custom Unix server installations -- to harden extensively ? Devdas Bhagat (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Crispin Cowan (May 14)
- Re: Custom Unix server installations -- to harden extensively ? Mason Schmitt (May 15)
- RE: Custom Unix server installations -- to harden extensively ? salgak (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Barney Wolff (May 15)
- RE: Custom Unix server installations -- to harden extensively ? Keith A. Glass (May 16)
- RE: Custom Unix server installations -- to harden extensively ? R. DuFresne (May 16)
- Re: Custom Unix server installations -- to harden extensively ? Barney Wolff (May 15)