[Cialug] CentOS & GPT

Josh More MoreJ at alliancetechnologies.net
Tue Sep 7 21:02:30 CDT 2010 

I understand where you're coming from, and I was probably too flippant in my earlier response.

Here's the thing.  The more things running on a server the greater a chance of compromise.  We've all heard for years now that we should only run software on servers if it's entirely necessary.  We've all ignored this "best practice" at various times, and some of us have likely been burned by it.

The problem is that we're in something of a new age of attacks.  We're seeing attackers specifically leverage the tools we use for documentation, specifically PDF readers and web browsers.  More disturbingly, we're seeing attacks that specifically target administrative tools.  Sure, webmin attacks are old news, but attacks against syslog servers (that do nothing except execute in pcap parsers when you research what's going on) and the like are on the rise.

Really, if you need a system with documentation-reading abilities, use a laptop.  If you're in a server room, you should be able to plug into a network even if you don't have wifi/cell access.

The easiest systems to maintain are the simplest systems.  Simple systems don't run GUIs.  Even Microsoft has (finally) learned this lesson.

Now, that's not to say that there is no reason to ever run a GUI on a server.  If you're running a honey pot, it would be really useful.  ;)   Also, as has been noted, some distros have a tangled dependency chain, and installing certain apps or libraries may have GUI requirements that don't really make sense.  If you wind up in that situation, it may be a good time to reconsider the distro you're using.



-Josh More, CISSP, GIAC-GSLC, GIAC-GCIH, RHCE, NCLP
morej at alliancetechnologies.net<mailto:morej at alliancetechnologies.net>
515-245-7701
________________________________
From: cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of Tim Champion [timchampion at gmail.com]
Sent: Tuesday, September 07, 2010 20:09
To: Central Iowa Linux Users Group
Subject: Re: [Cialug] CentOS & GPT

makes it easier to google for the solution to the problem you are having while sitting at the console, but I guess the answer to that would be you are connected via ssh from your desktop in your office. - that has a GUI.

But honestly, I've been in the server room at the console, and was really happy that the machine I was currently working on had firefox for googling, and I didn't have to switch the kvm over to a windows box so I could hit google.  xwindows doesn't really slow the computer down, especially when idle.

Tim Champion
timchampion at gmail.com<mailto:timchampion at gmail.com>


On Tue, Sep 7, 2010 at 7:44 PM, Josh More <MoreJ at alliancetechnologies.net<mailto:MoreJ at alliancetechnologies.net>> wrote:
Servers shouldn't have GUIs.

Ubuntu has the right idea.  (So does SLES, by the way.)

-Josh More, CISSP, GIAC-GSLC, GIAC-GCIH, RHCE, NCLP
morej at alliancetechnologies.net<mailto:morej at alliancetechnologies.net>
515-245-7701
________________________________
From: cialug-bounces at cialug.org<mailto:cialug-bounces at cialug.org> [cialug-bounces at cialug.org<mailto:cialug-bounces at cialug.org>] on behalf of Tim Champion [timchampion at gmail.com<mailto:timchampion at gmail.com>]
Sent: Tuesday, September 07, 2010 19:42

To: Central Iowa Linux Users Group
Subject: Re: [Cialug] CentOS & GPT

Last time I installed Ubuntu server, the default install was no GUI.  Instead, I installed the "desktop" version of 10.04 and added what I needed with aptitude.

Its running LAMP + Samba in a production environment.

Tim Champion
timchampion at gmail.com<mailto:timchampion at gmail.com>


On Tue, Sep 7, 2010 at 6:04 PM, Don Ellis <don.ellis at gmail.com<mailto:don.ellis at gmail.com>> wrote:
Ok, I'm downloading Ubuntu Server, and I'll bring it over tomorrow to
try. (My pipe is bigger than yours. ;-)

And, it's free (without support contract). I'll look for the Landscape
thingy when I get it.

--Don


On Tue, Sep 7, 2010 at 5:34 PM, L. V. Lammert <lvl at omnitec.net<mailto:lvl at omnitec.net>> wrote:
> At 05:12 PM 9/7/2010, you wrote:
>
>>If I could just humbly suggest Ubuntu 10.04 LTS be considered, it is
>>an enterprise distribution that is supported with security releases
>>and point releases for 5 years. It's cost to license is $0 and if
>>support is needed, Ubuntu Advantage support for server is $320
>>/year. I'm using it on my EFI/GPT macbook pro and it is working fine.
>>
>><http://www.canonical.com/enterprise-services/ubuntu-advantage/server>http://www.canonical.com/enterprise-services/ubuntu-advantage/server
>>
>>The license includes use of the Landscape management console that
>>lets you manage your server through the web, which is pretty slick imho.
>
> The cost shows there as $320/yr, .. don't see a free option?
>
>         Lee
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org<mailto:Cialug at cialug.org>
http://cialug.org/mailman/listinfo/cialug


_______________________________________________
Cialug mailing list
Cialug at cialug.org<mailto:Cialug at cialug.org>
http://cialug.org/mailman/listinfo/cialug


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20100908/3547e5fc/attachment.htm

More information about the Cialug mailing list