> On 5/31/06, Timothy A. Holmes <[EMAIL PROTECTED]> wrote: > > > > Neil - > > > > I understand your suggestion -- I used the installer as an attempted > > shortcut after having done several (5+) installs via the basic disk and > > the handbook. I have paid for that error in spades - believe me -- > > since then I have done an additional 5 or so installations by hand from > > the basic disk. I understand the processes there, I was hoping to > > rescue the additional time for the snort install etc by being able to > > just recompile stuff rather than have to start over from the beginning, > > the system is currently running, so I may just end up putting off the > > rebuild till this summer when I have a bit more time -- I was hoping to > > be able to change the use flags, build a new kernel and be done with it, > > but that doesn't look to be the case > > Tim... > > I concur with Neil's assessment that you should just wipe the box and > start afresh, the main reason being that you should be running > hardened sources and USE="-*" instead of trying to do a basic install. > Security related boxes such as firewalls, routers, and IDS should be a > slim as possible to eliminate potential for security holes and in all > cases they should be running with the hardened profile. Just my $0.02. > > -Mike
[Timothy A. Holmes] Mike and Neil -- Ok -- sounds good to me -- At this point then, I am going to actually build a second box for snort perhaps using the hardened sources (I am not in the least comfortable with running hardened on a production box). This will allow me to get things working and evaluate the stability of the hardened sources in my production environment. Thanks a bunch for the input TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
