Focus on Linux
Selecting OS for High-availability/mission-critical web portal Nov 29 2006 02:13PM
Mohammad Halawah (mhalawah gmail com) (3 replies)
Re: Selecting OS for High-availability/mission-critical web portal Dec 04 2006 09:08PM
Ronald MacDonald (ronald rmacd com) (2 replies)
Re: Selecting OS for High-availability/mission-critical web portal Dec 06 2006 10:30AM
Javier Miguel Rodríguez (javier miguel talika eii us es)
RE: Selecting OS for High-availability/mission-critical web portal Dec 06 2006 08:08AM
Mario A. Spinthiras (mario netway com cy) (1 replies)
Re: Selecting OS for High-availability/mission-critical web portal Dec 08 2006 07:26PM
Corey A. Johnson (cjohnson cniweb net) (1 replies)
Re: Selecting OS for High-availability/mission-critical web portal Dec 12 2006 08:05PM
Razvan Cosma (razvan cosma catv telemach ro)
Hi Mohammad & everyone,
After watching this thread for a while, I notice everyone suggests
solutions for discrete issues, with an evident bias towards a more
familiar software platform, hardware infrastructure or way of thinking
according to the responders' experience and level of knowledge. As
someone famous said earlier, security is not a ready-made solution, but
a continuous process. Same can be said about "high availability"
whatever that means in your context. If you seek security, consider the
people who will access and modify your secure system - do you trust
them? of course you don't, look into cvs/svn/unionfs. The target
visitors - are all of them simply browsers? Look into round-robin DNS
(bind) and balancing proxies (squid), configure all web contents to be
static and maybe generate new pages periodically. Do you require some
form of feedback from the visitors? Ensure proper input validation (this
depends on the programming language used, as a hint magic_quotes is BAD,
$sql->prepare is GOOD) and - for filesystem access, look into Linux 2.6
and find out about ACLs and inheritance, configure rsync to replicate
the data among several hosts. If you need a database, MySQL (has several
interfaces for a dozen of platforms/languages) offers easy replication,
also from my experience you can use Microsoft's SQL (libtds in Linux).
Should the worst happen - try to limit the impact by using any of the
following: chroot(1), vserver(linux-vserver.org), Xen(xensource.com),
VMWare(vmware.com)
..this checklist could go on for many pages, if you need a specific
answer please try to limit the scope of your question.

Kind regards
Razvan

Corey A. Johnson wrote:
> Glad you mentioned Solaris Mario. I was holding back since this is a
> linux list.
>
> But i agree.. if Linux is not a must.. i would strongly recommend
> solaris 10 on a nice AMD opteron box.
>
> And if you went that direction.. go with a multi-cpu and/or multi-core
> and configure Solaris zones to isolate the different applications
> running on the server. Or at least two zones.. your main global zone..
> and a zone for all applications..
>
> Mario A. Spinthiras wrote:
>
>
>> If linux was a must then I would personally use Debian. It comes ready
>> with some HA support from the linux-ha project.
>>
>> If you can have a flexible choice id say solaris without second thought.
>>
>>
>> Mario. A. Spinthiras
>>
>>
>>
>> -----Original Message-----
>> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
>> On Behalf Of Ronald MacDonald
>> Sent: Monday, December 04, 2006 11:08 PM
>> To: Mohammad Halawah
>> Cc: focus-linux (at) securityfocus (dot) com [email concealed]
>> Subject: Re: Selecting OS for High-availability/mission-critical web
>> portal
>>
>> Hi Mohammad,
>>
>> Not meaning to turn this into a "my distro's better than yours"
>> thread, but for stability and security, I'd recommend having a serious
>> look at Debian. It's easily stripped down to its most essential
>> components for a nice small footprint and is easy to keep up to date
>> with the apt system. As for performance, I suppose every
>> implementation of a distro varies, but I'd it's is pretty adequate.
>>
>> In terms of hardening the OS, there's obviously a few ways to go about
>> it. The most foolproof way is just "don't do anything stupid" - don't
>> run any services you don't need, don't bother with gimmicky
>> applications, just leave it all at the bare minimum. Also, there's a
>> lot of good reading out there (more so with linux) as regards to
>> hardening the OS. Incidentally, Bastille springs to mind - it's a good
>> starting point to hardening your system.
>>
>> Regards,
>> Ronald.
>>
>>
>>
>>
>
>

[ reply ]
Re: Selecting OS for High-availability/mission-critical web portal Dec 03 2006 02:57AM
hwertz voltron homelinux org (1 replies)
RE: Selecting OS for High-availability/mission-critical web portal Dec 02 2006 07:08PM
terry (tvernon24 comcast net) (1 replies)
Re: Selecting OS for High-availability/mission-critical web portal Dec 03 2006 10:43PM
Vishal (vishal gnutech gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus