Firewall Wizards mailing list archives
Re: Custom Unix server installations -- to harden extensively ?
From: Barney Wolff <barney () databus com>
Date: Thu, 15 May 2003 13:02:00 -0400
On Wed, May 14, 2003 at 06:27:35AM -0700, salgak () speakeasy net wrote:
Well, once upon a time, there was a distribution called "Storm Linux" which was designed, from day one, to be a firewall. Unfortunately, I've seen neither hide nor hair of Stormix Technologies since sometime in 2001, and the website comes up "not available at this time". But, thanks to Distrowatch, I DID find a mirror of the ISO of it: http://public.ftp.planetmirror.com/pub/storm/iso/ I'll be d/ling it myself in the next day of three (Mandrake 9.1 is still coming down on the home box. . .)
It may be stating the obvious, but something that may have been secure in 2001 will not be secure today, since it won't have had fixes for bugs discovered since then. Sure, you don't need fixes for stuff you've turned off, but there have certainly been kernel security fixes in the last two years and you didn't turn off the kernel. It would be lovely to have something that could be set up once and stay secure forever. Fantasy. That doesn't make turning stuff off useless, because it does reduce the frequency of fixes you must apply, by enough so that you can actually keep up. -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Custom Unix server installations -- to harden extensively ?, (continued)
- RE: Custom Unix server installations -- to harden extensively ? Keith A. Glass (May 14)
- RE: Custom Unix server installations -- to harden extensively ? Ben Nagy (May 14)
- Re: Custom Unix server installations -- to harden extensively ? Carson Gaspar (May 14)
- Re: Custom Unix server installations -- to harden extensively ? Devdas Bhagat (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Bill Royds (May 16)
- Re: Custom Unix server installations -- to harden extensively ? Marcus J. Ranum (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Matthew Kirkwood (May 16)
- Re: Custom Unix server installations -- to harden extensively ? Devdas Bhagat (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Crispin Cowan (May 14)
- Re: Custom Unix server installations -- to harden extensively ? Mason Schmitt (May 15)
- RE: Custom Unix server installations -- to harden extensively ? salgak (May 15)
- Re: Custom Unix server installations -- to harden extensively ? Barney Wolff (May 15)
- RE: Custom Unix server installations -- to harden extensively ? Keith A. Glass (May 16)
- RE: Custom Unix server installations -- to harden extensively ? R. DuFresne (May 16)
- Re: Custom Unix server installations -- to harden extensively ? Barney Wolff (May 15)
- RE: Custom Unix server installations -- to harden extensively ? Keith A. Glass (May 14)