[Gslug-general] Snort
Glenn Stone
technoshaman at liawol.org
Sun Jan 13 00:19:49 PST 2008
On Sat, Jan 12, 2008 at 11:28:02PM -0800, Aaron O. Appelbaum wrote:
>
> Aren't Puppy and DSL both geared towards using a GUI? I am looking for
> a clean distro without X and other DM applications installed. Just a
> current kernel and Snort. What do you think of FreeBSD for this
If I was going to go that way, I'd go with Open, not Free... Open has a
smaller footprint than Free and is more security-oriented. Last I checked a
fully-functional OpenBSD (but, no compilers, which you probably don't want
on a dedicated snortbox anyway) is about 70mb.
OTOH... Puppy in particular may be *geared towards* GUI but it doesn't *have
to* be used in a GUI, just the same as Ubuntu is *geared towards* a GUI but
is reasonably easily installed in server mode.
The issue I have with the BSD's is the same as I have with Gentoo... when
updating you end up recompiling the world. That's fine on a hotrod box, but
most of the time a snortbox is gonna be some boatanchor you've got sitting
around... which means updating is a real pain in the ASCII. And besides,
compilers on a dedicated securebox is asking for it. (Heck, Wilder won't
even do a modular kernel; I think that's going a bit far, I'd just mount
everything read-only and log to a remote syslog server if I was gonna do
that...) Much prefer something Debianesque for itty bitty boxen... Puppy is
technically based on Slack but has a package updater that sorta kinda
resembles apt....
So I've thrown out a whole bunch of options; ultimately which distro you use
is going to be as much a matter of taste as anything. Although for
something ubersecure I think I'd want something booting from read-only media
(and just do my upgrading offline, then swap media and bounce the box)....
there are LiveCD's for Puppy, DSL, OpenBSD, and a few other dedicated
firewall-y things... hmm, this looks interesting:
http://www.alti.at/knowhow/obsdlivecd/index.php
(It's how to build your own OpenBSD LiveCD...)
You can also google up Linux LiveCD; the canonical list is first, on
FrozenTech...
-- Glenn