Home page logo

basics logo Security Basics mailing list archives

Re: Linux Distribution Recomendation - RYO
From: "Andy F" <a__j__f () hotmail com>
Date: Tue, 09 Mar 2004 11:54:17 +0000

If you are looking for security related products, I think it is wise to look
at what those products cannot do instead of what they can do.

I second Peter on that. I am a firm beleiver in security through minimalism and have built a couple of my own distros. To really be in control you should consider rolling your own. There is an offshoot of the LFS (linux from scratch) project called HLFS (hardened lfs) who's list I follow. They are starting with a 2.4 Kernel and minimal audited toolchain to build a core incorporating some NSA work and other ideas. Should make a _very_ tight core for embedded and specialised secure applications.

The philosophy is simple and powerful -

1) Know what the system must do
2) Implement ONLY that functionality

In my case I want secure NAS boxes, which boils down to an xfs filesystem and scp - everything else has been pulled out - you can't even ls without moving in a toolkit:)

Express yourself with cool emoticons - download MSN Messenger today! http://www.msn.co.uk/messenger

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html

  By Date           By Thread  

Current thread:
  • Re: Linux Distribution Recomendation - RYO Andy F (Mar 09)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]