netfilter firewalling problems and solutions

Ian Molton spyro at f2s.com
Thu Feb 19 18:17:04 PST 2004


On Thu, 19 Feb 2004 18:32:21 -0600
Dagmar d'Surreal <dagmar.wants at nospam.com> wrote:

> 
> I can tell you from personal experience once you get above five or six
> boxes, it becomes increasingly problematic to maintain them by building
> packages on the hosts themselves.  I'm not recommending any specific
> package manager because anything that can turn a bunch of binaries into
> a single file that you can drop into other machines will do the trick
> for the purposes of rollbacks.  As to the other point you made...
> 
> "...don't think the book should default to removing the compiler..."
> 
> Basically, I don't think it's entirely necessary to remove the compiler,
> but rather more efficient to never install one when building the
> filesystems for production machines.

What is this book about? turning a LFS system into a production box, or teaching people how to build a generally secure box for themselves?

I'd like a 'hardened' box for my personal use, not just a server.

-- 
Spyros lair: http://www.mnementh.co.uk/   ||||   Maintainer: arm26 linux

Do not meddle in the affairs of Dragons, for you are tasty and good with ketchup.



More information about the hlfs-dev mailing list