bhlfs

Heiko Zuerker heiko at zuerker.org
Mon Jan 17 09:33:28 PST 2005


> Where does beyond-hlfs stuff belong? The most convenient place for me is
> adding a chapter08,09,10. The first packages I have in mind are iptables
> with
> the grsecurity patch, tripwire, grsec-admin (acls), and openssl.

I would not add the iptables patch from grsecurity.
"Stealthness" can easily be achieved with good firewall rules and should
not happen 'automatically'.

> Iptables, tripwire, and acl, chains/polices would be added to every
> package
> after. Even though these three are in different categories they would have
> to
> get installed before any other optional packages.
>
> So maybe call this category (chapter08) "Policy enforcement and intrusion
> detection"? This could also include a cron daemon and /etc/weekly scripts.
>
> Then chapter09 would be something like "Network services"?
>
> Anyone have another idea?

Take a look at our CVS repository (the 'build' module), so you don't have
to invent the wheel twice:
http://sourceforge.net/projects/devil-linux/

-- 
Regards
  Heiko Zuerker
  http://www.devil-linux.org




More information about the hlfs-dev mailing list