On Thu, Feb 17, 2005 at 07:51:13PM -0800, JM wrote:
> Hello,
>
> * Besides grsecurity patch, pax etc...What other recommendations are there
> to patch a kernel on a woody or sarge production server?
I like using non-modular kernels to prevent LKMs
> * Any experiences/opinions with the debian-har
On Fri, Feb 18, 2005 at 02:14:35AM +0100, kurt kuene wrote:
> 1)
> running unstable.
> the updates are faster. security should be better then in testing.
> but stability is far better in testing.
> so the question is:
> is it better to have a broken service or an insecure one?
It is better to ha
Since no one has responded to this recently. The 2005 key is out
there. I don't know when, but it is there.
And it is also here:
-BEGIN PGP PUBLIC KEY BLOCK-
mQGiBEH9wGgRBAC8D4O7cg/NDDvP2GT+yuX8duhK0DexhCy94TTNNs63YYMdXDJx
iY5V3Dt79r1ZeMmyNEdWFnvq39/0h+qQwPLbsd5eroxk/XMeBsz/OQP7FJ+f1S
Hello,
* Besides grsecurity patch, pax etc...What other recommendations are there
to patch a kernel on a woody or sarge production server?
* Any experiences/opinions with the debian-hardened kernels?
* Is it that terrible running X if access is not allowed from the network,
only locally?
Thanks
On 18 Feb 2005, kurt kuene wrote:
> * I have to use testing (sarge). *
Have to?
> All of my 3 webservers (apache php mysql java tomcat). on two other
> webserver I run woody with some packages from sarge (apt-pining) and
> the mail relay servers (spamassasin amavisd postfix clamav).
IIRC, all of
hi
* I have to use testing (sarge). *
All of my 3 webservers (apache php mysql java tomcat).
on two other webserver I run woody with some packages from sarge (apt-pining)
and the mail relay servers (spamassasin amavisd postfix clamav).
I run sarge because I need more recent packages and I do no
6 matches
Mail list logo
