Am 29.06.2015 um 15:46 schrieb Sorin Srbu <sorin.srbu@xxxxxxxxxxxxx>:
>>
>>> Please note: I'm not criticizing, just curious about the argument
>>> behind using a regular OS to do firewall-stuff.
>>>
>>
>> Maintenance.
>>
>> A consistent set of expectations does wonders for debugging odd-ball
>> occurrences. Why learn the idiosyncrasies of two distros when one
> suffices?
>> Just start with a minimal CentOS install on your router/gateway and add
> only
>> the packages that you know that you need.
>> Any critical omission will evidence itself in short order and can be added
> then;
>> or the source of the need removed as circumstance warrants.
>
> Sorry for OT.
>
> Even considering a minimal CentOS install, is that still less minimal than
> e.g. Smoothwall or Ipcop?
> In my world, security has a price and, and that might be the need to learn
> another distro in order to minimize security issues (and maybe as in this
> case minimize attack-surfaces).
>
> Still just curious about the arguments pro/con regular OS:s as firewall. 8-)
+1 - we use here for "all" the same distro because normally the most security holes are
done by the configuration abilities of humans. to catch this effectively the distro is
not a variable. Therefore I appreciate the great work of the "CentOS on ARM7"-team!
--
LF
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
