That works, thanks Christopher. Just a recommendation, if you find yourself serving the internet, a HIDS of some sort comes in handy. It personally helps me sleep at night, lol. It does wonders for keeping a general administrative birds eye view on your file systems too. All those gremlins...
ty,
--eddie
> Date: Mon, 9 Nov 2009 18:52:12 -0900
> From: choward@indicium.us
> To: aklug@aklug.org
> Subject: [aklug] Re: HIJACKED THREAD! HA HA HA! [was Re: hosted distros]
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> captgoodnight captgoodnight wrote:
> > Yeah, i guess my loud self did hijack the thread, caught in the moment... Just curious.
> >
> > "Since I don't even know what tripwire is I can't answer on that point." <- Dude, check it http://sourceforge.net/.
> >
> > bests,
> > --eddie
> >
> > back to normal programming.
> >
> >
> >
> >
> >> Date: Mon, 9 Nov 2009 14:13:04 -0900
> >> From: choward@indicium.us
> >> To: aklug@aklug.org
> >> Subject: [aklug] Re: HIJACKED THREAD! HA HA HA! [was Re: hosted distros]
> >>
> >
> >
> > captgoodnight captgoodnight wrote:
> >>>> I stopped using Gentoo years ago due to the use of tripwire and the abundance of changing files and such, as a security admin it was a pain to keep up with - ROI...
> >>>>
> >>>> Has that changed?
> >>>>
> >>>> ty,
> >>>> --eddie
> >>>>
> > Since I don't even know what tripwire is I can't answer on that point.
> >
> > I'm also no security admin -- just a desktop user and an applications
> > programmer. But there are plenty of people at forums.gentoo.org who
> > would be glad to answer your questions.
> >
> > Regarding security: As far as keeping track of security issues, it seems
> > pretty easy to me just to following the official Gentoo security
> > announcements, which are available at the official website or through
> > eselect news announcements, and which always come with specific
> > recommendations and instructions. There are also a number of different
> > profiles you can choose from that I handle the default options and
> > configuration. On my architecture:
> >
> > [1] default/linux/x86/10.0
> > [2] default/linux/x86/10.0/desktop *
> > [3] default/linux/x86/10.0/developer
> > [4] default/linux/x86/10.0/server
> > [5] hardened/linux/x86/10.0
> > [6] selinux/2007.0/x86
> > [7] selinux/2007.0/x86/hardened
> > [8] selinux/v2refpolicy/x86
> > [9] selinux/v2refpolicy/x86/desktop
> > [10] selinux/v2refpolicy/x86/developer
> > [11] selinux/v2refpolicy/x86/hardened
> > [12] selinux/v2refpolicy/x86/server
> >
> > Regarding adminstration: I suppose it might be a little easier
> > administration-wise to use a distro that only makes non-security updates
> > available in six-month or one-year periods. But even though Gentoo makes
> > it possible to run software that is only a few weeks old, with all the
> > latest code and features, there is nothing to stop you from updating
> > your system less frequently if that is what you want to do.
> >
> > Usually I just update software when there is a security announcement, or
> > when I really want the latest features of some game, office app, or
> > development library. Gentoo lets me know before installation if an older
> > package cannot co-exist with one I am trying to install.
> >
> > - From what I've learned so far, I would think Gentoo system
> > administration would be quite doable, even in a large production
> > environment, though it would require a different approach and mindset
> > than what you usually expect working with your typical binary-based distro.
> >
> - ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
> >>
>
> > _________________________________________________________________
> > Bing brings you maps, menus, and reviews organized in one place.
> > http://www.bing.com/search?q=restaurants&form=MFESRP&publ=WLHMTAG&crea=TEXT_MFESRP_Local_MapsMenu_Resturants_1x1
> > ---------
> > To unsubscribe, send email to <aklug-request@aklug.org>
> > with 'unsubscribe' in the message body.
>
> "Open Source Tripwire® software is a security and data integrity tool
> useful for monitoring and alerting on specific file change(s) on a range
> of systems. The project is based on code originally contributed by
> Tripwire, Inc. in 2000."
>
> Okay, I guess I know what it is now, though I don't have enough
> incentive yet to research what it is used for or why I should care.
>
> I see it is available through an ebuild in the portage tree, but it is
> not installed on my system. I've installed four Gentoo systems so far
> and not run into it... does that answer your original question?
>
> - --
> Christopher Howard
> http://indicium.us
> http://theologia.indicium.us
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkr442wACgkQQ5FLNdi0BcXA0QCfcz6Uvj07I9lPqDP5QVn3EbSa
> ZfUAn2yDyStc1ruxU4eAy0Pwh8MGGK1o
> =ihGt
> -----END PGP SIGNATURE-----
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
_________________________________________________________________
Hotmail: Trusted email with Microsoft's powerful SPAM protection.
http://clk.atdmt.com/GBL/go/177141664/direct/01/
http://clk.atdmt.com/GBL/go/177141664/direct/01/
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Nov 9 23:12:45 2009
This archive was generated by hypermail 2.1.8 : Mon Nov 09 2009 - 23:12:45 AKST