[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SUSE 9.0 Pro Production Quality?
I am currently using SUSE 9.0 on a mail relay and proxy server and this
is the mode I would be using SUSE or any other Linux distro. I am not
currently using Samba or any other package to allow my MS boxes to
connect to Linux servers. I may in the furture for a file server or
printer server. We currently have a fractional T1 and have an excellent
firewall. I am the Sys Admin so I hope I answered that in enough detail.
You didn't say wheteher you were going to use SUSE 9.0 for
a Production server or as Work stations, and whether you have
Microsoft boxes on your local net and further
how, if at all, you were going to connect to the net.
The answers to those questions all affect "our" answer.
The reason I mentioned apt-get was that from what I've read and heard,
it provides a very consistent and stable package management system and
tends to not break thens when patches or software is applied. On my
servers I usually only install security patches and bug fixes. From
what others have said, the enterprise versions tend to use older and
more tested code vs. the 9.0 Pro version. This is what Debian appears
to do as well. What I wanted to make sure was that I wasn't using
something like RH's Fedora with SUSE 9.0 :)
You did mention "apt-get".
There is an "apt-get" feature for SuSE
I don't use it, but others do:
(you can google for it, but be sure to read the "cautions")
I use "fou4s" to get my security patches from SuSE (rather than YOU).
I run fou4s in the "interactive mode, so my last step is:
fou4s -i --inversecolor --interactive
I run the stock SuSE kernel and download that separetly
much like Sandu Mihai suggested on 9/8/2004
That's why I run fou4s in the interactive mode,
if I see a kernel update I skip it and handle it separetly.
On some rpms I won't use the "patch rpm" but
prefer the "complete" rpm which I get from my local mirror, or:
I have run SuSE 8.0, 8.1, 8.2 and 9.0 as a "workstation,
and found it to be "rock solid". I use both KDE and Mozilla,
and only problems I run into is when I try leading edge stuff.
Givn that, and that this is a security list,
if you (or your System Admin) doesn't have extensive UNIX or Linux
experience I would strongly suggest that you pay someone who does
to help set up your separate firewall box.
I believe that would be money well spent whether you used
SuSE, Redhat, or Debian on your firewall box.
Hope this helps,
Eric Kahklen, MS
530 4th Ave. W.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here