On 8/8/22 09:39, saclug(a)garymcglinn.com wrote:
> My experience with the upgrade treadmill is that it is a waste of time.
> By its own admission (if a concept can have that) the new versions will
> have issues and you need to upgrade. If the issues with an older
> version don't affect you, then it is perfectly fine to use it. Why
> upgrade and risk the fact that the new issues will affect your use case?
This is a perfectly valid viewpoint. A friend in the computer security
industry, a senior developer, agrees with you 100%. Like all things
security, this stance has plusses and minuses, but it's sensible.
If that's your choice, there's a premium on defending your system's
attack surface, and maintaining due diligence. Since you've chosen
Fedora, SELinux should be enabled (I know, there are a million
recommendations to turn it off, all wrong) and a solid set of firewall
rules should be in place. Certificate-only SSH might have prevented
your last attacker from compromising the host, or a 14-character
passphrase, or diligent log review. For example (Fedora):
# ausearch -ts week-ago --success no --interpret
or maybe
# last -x
I recognize that most security recommendations present hurdles,
SELinux configuration and firewall rules are no exception. I'm
working on a suite of tools to help with that, but they're not
ready for release.
Fedora seems to be at one end of a spectrum, with
perhaps Slackware on the other end, where the above strategy
seems a little weak. Fedora seems to push out changes quickly and
with great tumult, not infrequently requiring patches to their
patches. In contrast, Slackware releases after exhaustive testing
and review, and doesn't seem to chase - or incorporate - moving
targets. I'm not recommending one over the other, just trying to
compare and contrast.
> The developers for Fedora 13 were no smarter or dumber than the
> developers who are writing Fedora 36. Or pick your distro of choice.
I disagree. The previous generation of developers (Alan Cox was
an exemplar) were more careful, thoughtful, and expert in their
craft. Kids these days... Eventually they'll get better, maybe
better than the Old Guard. But for now, there are a plethora of
semi-skilled Kool Kids in the fray. Perhaps my view is jaundiced
because I'm doing front-end (web) development this month.
> The issue with an older release is that nifty new things come out and
> you can't really use them. But, if you run a VM with a recent version
> of the distro, you can use them just fine.
> The other issue is that if you are getting vendor support, they can
> only reasonably commit to supporting a limited number of versions.
Again, some distributions are like mayflies, some are like elephants.
Fedora is perhaps an unconventional choice for longevity.
--
Chuck Polisher
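
The log review suggested above with `ausearch -ts week-ago --success no --interpret` is easier to act on once the failures are grouped by source. The script below is an added example, not part of the original message: it only counts user-space records that end in `res=failed` (authentication-type events), and the function names and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Constructed sample records in the one-line layout `ausearch --interpret` prints.
# Addresses are RFC 5737 documentation ranges; account names are made up.
sample_records() {
cat <<'EOF'
----
type=USER_AUTH msg=audit(08/07/2022 03:12:01.101:411) : pid=2101 uid=root auid=unset ses=unset msg='op=PAM:authentication grantors=? acct=root exe=/usr/sbin/sshd hostname=203.0.113.5 addr=203.0.113.5 terminal=ssh res=failed'
----
type=USER_AUTH msg=audit(08/07/2022 03:12:04.550:412) : pid=2101 uid=root auid=unset ses=unset msg='op=PAM:authentication grantors=? acct=root exe=/usr/sbin/sshd hostname=203.0.113.5 addr=203.0.113.5 terminal=ssh res=failed'
----
type=USER_AUTH msg=audit(08/07/2022 03:12:09.002:413) : pid=2107 uid=root auid=unset ses=unset msg='op=PAM:authentication grantors=? acct=admin exe=/usr/sbin/sshd hostname=203.0.113.5 addr=203.0.113.5 terminal=ssh res=failed'
----
type=USER_AUTH msg=audit(08/07/2022 11:40:30.770:520) : pid=3310 uid=root auid=unset ses=unset msg='op=PAM:authentication grantors=? acct=root exe=/usr/sbin/sshd hostname=198.51.100.7 addr=198.51.100.7 terminal=ssh res=failed'
----
type=USER_LOGIN msg=audit(08/07/2022 12:01:15.300:533) : pid=3402 uid=root auid=alice ses=7 msg='op=login id=alice exe=/usr/sbin/sshd hostname=192.0.2.10 addr=192.0.2.10 terminal=/dev/pts/1 res=success'
----
type=USER_AUTH msg=audit(08/07/2022 12:30:44.018:540) : pid=3550 uid=alice auid=alice ses=7 msg='op=PAM:authentication grantors=? acct=alice exe=/usr/bin/su hostname=? addr=? terminal=/dev/pts/1 res=failed'
EOF
}

# Print "count addr acct" for every record containing res=failed, busiest first.
summarize_failures() {
    awk '
        /res=failed/ {
            addr = "?"; acct = "?"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^addr=/) addr = substr($i, 6)
                if ($i ~ /^acct=/) acct = substr($i, 6)
            }
            # Strip any quoting around the values (\047 is a single quote).
            gsub("[\"\047]", "", addr); gsub("[\"\047]", "", acct)
            n[addr " " acct]++
        }
        END { for (k in n) print n[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Print "addr total" for sources with at least $1 failures across all accounts.
noisy_sources() {
    summarize_failures |
        awk -v min="$1" '{ t[$2] += $1 }
            END { for (a in t) if (t[a] >= min) print a, t[a] }' |
        LC_ALL=C sort
}

# On a live host (as root): ausearch -ts week-ago --success no --interpret | summarize_failures
sample_records | summarize_failures
```

An address of `?` in the output marks a local failure (for example `su` on a terminal) rather than a network source.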