Focus on Linux
RE: AW: Re: Selecting OS for High-availability/mission-critical web portal Dec 13 2006 12:24PM
Gruber Christoph (christoph gruber wave-solutions com)
> -----Original Message-----
> From: "J. Simonetti" <jeroen (at) simonetti (dot) nl [email concealed]>@DSI
> Tbh, I totally disagree here. LFS is nice to get started when learning
> linux,

That's why I said, it may help you.

> but for a critical servers you need some sort of package
> management and well maintained repository.

And then? apt-get update; apt-get upgrade; with cron every hour?
You are kidding.

> You cannot spend your time
> updating and compiling software and fixing patches every time there is
> an update whilst the next zlib/ssl exploits are floating
> around the net.

I have to spend the time, and if my server is REALLY critical, I will have
to. Ans most of the time, my team is faster than debian.

> One thing I do agree with is creating a custom kernel suited for your
> hardware.

Suited for the hardware and implementing a couple of security features.

> I think the basis for a mission critical server is its hardware. Make
> sure you select hardware wich is well known and widely
> supported for the
> distro you intend to run. Don't choose exotic hardware raid cards just
> because they might work good. Choose the one wich has the
> best drivers.
> The same goes for all other hardware offcourse.

The hardware can do a lot for availability, of course, but nothing for
security (except physical security)

> Now for the distro to choose there is a wide variety which
> can be used.
> Whatever your needs are, pick a distro with good support. Depending on
> what kind of server you need to run choices could be (but are not
> limited to) Openbsd for firewalls/security, Solaris for stability and
> support,

Ever tried to customize your Solaris-kernel?

> Debian for feature richness or Redhat Enterprise for a large
> hardware base and its support.
> If pure stability is the only factor in my decision I would go for
> Openbsd or Solaris and choose hardware which is 'known-to-be-good' for
> those platforms.

Best regards

--
Christoph Gruber, CISM
Chief Security Officer
WAT1SD, Security & Data Protection
WAVE Solutions Information Technology GmbH
A-1090 Wien, Nordbergstraße 13
Tel.: +43 (1) 71730-53514, Fax: +43 (1) 71730-54230
mobile: +436648122661
christoph.gruber (at) wave-solutions (dot) com [email concealed]
http://www.wave-solutions.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus