Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: AW: Re: Selecting OS for High-availability/mission-critical w eb portal
From: Gruber Christoph (christoph.gruberwave-solutions.com)
Date: Wed Dec 13 2006 - 06:24:02 CST
> -----Original Message-----
> From: "J. Simonetti" <jeroensimonetti.nl>DSI
> Tbh, I totally disagree here. LFS is nice to get started when learning
That's why I said, it may help you.
> but for a critical servers you need some sort of package
> management and well maintained repository.
And then? apt-get update; apt-get upgrade; with cron every hour?
You are kidding.
> You cannot spend your time
> updating and compiling software and fixing patches every time there is
> an update whilst the next zlib/ssl exploits are floating
> around the net.
I have to spend the time, and if my server is REALLY critical, I will have
to. Ans most of the time, my team is faster than debian.
> One thing I do agree with is creating a custom kernel suited for your
Suited for the hardware and implementing a couple of security features.
> I think the basis for a mission critical server is its hardware. Make
> sure you select hardware wich is well known and widely
> supported for the
> distro you intend to run. Don't choose exotic hardware raid cards just
> because they might work good. Choose the one wich has the
> best drivers.
> The same goes for all other hardware offcourse.
The hardware can do a lot for availability, of course, but nothing for
security (except physical security)
> Now for the distro to choose there is a wide variety which
> can be used.
> Whatever your needs are, pick a distro with good support. Depending on
> what kind of server you need to run choices could be (but are not
> limited to) Openbsd for firewalls/security, Solaris for stability and
Ever tried to customize your Solaris-kernel?
> Debian for feature richness or Redhat Enterprise for a large
> hardware base and its support.
> If pure stability is the only factor in my decision I would go for
> Openbsd or Solaris and choose hardware which is 'known-to-be-good' for
> those platforms.
Christoph Gruber, CISM
Chief Security Officer
WAT1SD, Security & Data Protection
WAVE Solutions Information Technology GmbH
A-1090 Wien, Nordbergstraße 13
Tel.: +43 (1) 71730-53514, Fax: +43 (1) 71730-54230