Menu
▾
▴
Re: [Devil-Linux-discuss] New to DL : Some more questions?
|
From: Zenny <gar...@gm...> - 2012-03-23 14:37:44
|
On 3/23/12, Heiko Zuerker <he...@zu...> wrote: > Zenny, > > Quoting Zenny <gar...@gm...>: >> On 3/22/12, Bruce Smith <bw...@re...> wrote: >>>>> It is also created to run off a read-only media (i.e. CDROM or ISO >>>>> image) so the base install cannot be modified or hacked. >>>>> >>>>> And the main reason I use Devil-Linux is the ease of upgrading it to a >>>>> newer version, and the ease of backing it up, since only a small tar >>>>> file containing all of your customizations needs to be backed up >>>>> (unless you're using a live hard drive server data). >>>> >>>> Yes, but that can easily be done with the debian-based voyage linux >>>> also, a portable stuff with much more packages to install and >>>> userbase. >>> >>> Besides iptables, my firewall is running dhcpd with ddns updating BIND >>> for my internal network, radvd for ipv6, ntpd for my internal network, >>> and a dynamic dns service updater. Nothing very fancy, but I can back >>> it up completely in a single tar file that is less than 125KB. If I >>> want an off-site backup, I can encrypt it and email offsite as an >>> attachment. >>> >>> And for an upgrades, all I have to do is download and burn a new ISO >>> image. And if for some reason there is a problem with the update, I >>> can go back to my old ISO. Much easier than a regular disk-installed >>> Linux distro. >>> >>>> Just wondering what makes DL so special and secure compared to others? >>>> >>>> I could not find the kind of the security measures that DL took or the >>>> concept (like http://www.openwall.com/Owl/CONCEPTS.shtml). Any >>>> pointers to such docuemnts? >>> >>> Most of the security measures are listed here: >>> http://www.devil-linux.org/product/features.php >>> >> >> They are good features, yet ... >> >>> Let me know if that's not what you're looking for. >> >> I am looking for something like >> http://www.openwall.com/presentations/Owl/ which explains in detail >> the measures taken in order to secure system architecture (not only to >> patch with grsec, however you confirmed that non-server flavor has no >> patch either), and the packages that GCC stack overflow was not >> addressed. > > I understand that you want to know all these details, but... > We develop DL in our spare time (and you don't pay a cent for it) and > the same goes for any documentation which is available. I am yet to use it either. So I have no obligation to pay. You don't go to a shopping spree and start paying before you liked something. And that is more true in the FLOSS movement. Your remark that 'you don't pay a cent of it' sucks in the FLOSS world and gives an impression of what you are made of! > We also > heavily depends on the contributions from our users. If you want to > know any more details on DL specific features, you'll have to do the > leg-work yourself and google around. Nope, the burden of proof lies to the developers. > There's nothing magic we're doing > in DL. Everything we do and use is publicly available. > IF you decide to do all this research into all the various security > details, how about putting everything into a nice presentation so that > we can put it on our website? I already stopped exploring because it was like groping in the dark. Best of luck to your project, but I bid adieu to DL as well as this mailing list! > > -- > > Regards > Heiko Zuerker > http://www.devil-linux.org > > > > ------------------------------------------------------------------------------ > This SF email is sponsosred by: > Try Windows Azure free for 90 days Click Here > http://p.sf.net/sfu/sfd2d-msazure > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss > |
