D&C Lug - Home Page
Devon & Cornwall Linux Users' Group


Re: [LUG] Which OS/Distro for secure production web server



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Roland Tarver wrote:
>
> Just wondering which OS/Distro people would choose for a _secure_ web server
> that will continue to be supported long into the _future_? It'll be running
> Apache 1.3 (unless there is a strong argument for using apache 2 yet?)

For what definition of "secure"? And what is it doing?

It is fairly safe to serve static web pages from a machine
booted from CD (you take out the disk), using https to confirm
identity, doing one request per process in Apache, and then
restarting the process, but is it useful?

For some definitions of secure I would consider distros like
Immunix, for others I would want an OS that implements some form
of persistence, so probably not *nix, or anything from MS.

Secure can mean keeping the data safe from inappropriate eyes,
ensuring its integrity, or just ensuring an audit trail. What
are the consequences of failure? What are the things you are
afraid of happening? Down time, disclosure, fraud?

OS can play a remarkably small part in your security strategy.
Indeed W2K does some bits of security far better than *nix (or
at least as well as *nix, but are a lot easier to implement),
although nothing I can think of that would be relevant to web sites.
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+RZJUGFXfHI9FVgYRAovRAJ0bdBI13wYL5OEmuj7KQFg1Cy9azwCfftC6
m+9lJjNpMJxjLXAy/sD2qFQ=
=RZOM
-----END PGP SIGNATURE-----

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.

