Re: [cobalt-developers] Re: (OT) SPARCRaQ (cobalt-developers digest, Vol 1 #1392)

["E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>]

> Date: Sun, 24 Mar 2002 09:29:56 -0800
> From: Jeff Lasman <jblists@xxxxxxxxxxxxx>

(Snipped again.  Separate message for different topic.  Probably 
should fork the thread soon...)


> I admit I've never tried Debian.  Perhaps I will for a system I want to
> put into production in another week or so.  What's the BEST place to
> download ISOs?  If they don't support my NIC (so far only RedHat >= 7.1
> does of all I've tried) will it be a real pain?  Or just a module ?  I
> presume I won't have to recompile the kernel, but only build and rename
> a module?  Swapping the NIC isn't the option; it's built-on to the
> slotless motherboard <frown>.

Why not recompile your kernel?  Maybe I'm just pedantic, but I
never run a generic kernel on a production machine -- not even on
OpenBSD where they recommend it.

Modules are convenient, but I prefer to turn them off.  They're
just one more thing that someone could trojan in the event that a
system was compromised.  Unlikely, perhaps, but I can certainly
live without modules.

It would be nice if Linux had (or maybe they do, and I'm behind
on things) something a la "sysctl -w kern.securelevel=xxx" to
disable module loading.

I'm eager to see the results of the FreeBSD and Linux hardening
projects that are underway.


Eddy

Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
--

Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.  Do NOT
send mail to <blacklist@xxxxxxxxx>, or you are likely to be blocked.