[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Roland Tarver wrote: > > Just wondering which OS/Distro people would choose for a _secure_ web server > that will continue to be supported long into the _future_? It'll be running > Apache 1.3 (unless there is a strong argument for using apache 2 yet?) For what definition of "secure". And what is it doing. It is fairly safe to serve static web pages from a machine booted from CD (you take out the disk), using https to confirm identity, doing one request per process in Apache, and then restarting the process, but is it useful? For some definitions of secure I would consider distro's like Immunix, for others I would want an OS that implements some form of persistence, so probably not *nix, or anything from MS. Secure can mean keeping the data safe from inappropriate eyes, ensuring it's integrity, or just ensuring an audit trail. What are the consequences of failure? What are the things you are afraid of happening? Down time, disclosure, fraud? OS can play a remarkably small part in your security strategy. Indeed W2K does some bits of security far better than *nix (or at least as well as *nix, but are a lot easier to implement), although nothing I can think of that would be relevant to web sites. -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+RZJUGFXfHI9FVgYRAovRAJ0bdBI13wYL5OEmuj7KQFg1Cy9azwCfftC6 m+9lJjNpMJxjLXAy/sD2qFQ= =RZOM -----END PGP SIGNATURE----- -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.