[Cialug] CentOS & GPT

Matthew Nuzum newz at bearfruit.org
Tue Sep 7 21:22:25 CDT 2010 

I agree with Josh (and Josh, by the way, the font thing we discussed last
week... you've swung the other way - try 12px instead of 16).

However, I know just what you mean about wanting a gui. One thing you can do
is only run the gui when you need it. In the Ubuntu world you can do this
with /etc/init.d/gdm start. Still, every piece of software on your server
increases the chances of getting hacked.

Wasn't there a VNC client for the terminal? it gave you a graphical
interface without needing GNOME and that type of thing.

Also, you can become quite proficient with lynx, links or w3m which are
console based web browsers.

Regarding Landscape, it is not free, you get it as part of the Ubuntu
Advantage package (which also includes support at differing levels, IP
indemnifications and etc). As a Canonical employee I get it free which is
pretty nice. I get alerts when there are security updates for my servers, I
can launch and manage EC2 instances on demand and I can run scripts (though
I haven't done this yet). It's only downside is that it's Ubuntu only. You
can't manage debian machines let alone more foreign Linux variants.

For one or two servers Landscape may not be a big enough selling point but
I'm currently managing 5 and love it (my DNS server which I never log into
always got left out of the patch/update process).

On Tue, Sep 7, 2010 at 9:02 PM, Josh More <MoreJ at alliancetechnologies.net>wrote:

>  I understand where you're coming from, and I was probably too flippant in
> my earlier response.
>
> Here's the thing.  The more things running on a server the greater a chance
> of compromise.  We've all heard for years now that we should only run
> software on servers if it's entirely necessary.  We've all ignored this
> "best practice" at various times, and some of us have likely been burned by
> it.
>
> The problem is that we're in something of a new age of attacks.  We're
> seeing attackers specifically leverage the tools we use for documentation,
> specifically PDF readers and web browsers.  More disturbingly, we're seeing
> attacks that specifically target administrative tools.  Sure, webmin attacks
> are old news, but attacks against syslog servers (that do nothing except
> execute in pcap parsers when you research what's going on) and the like are
> on the rise.
>
> Really, if you need a system with documentation-reading abilities, use a
> laptop.  If you're in a server room, you should be able to plug into a
> network even if you don't have wifi/cell access.
>
> The easiest systems to maintain are the simplest systems.  Simple systems
> don't run GUIs.  Even Microsoft has (finally) learned this lesson.
>
> Now, that's not to say that there is no reason to ever run a GUI on a
> server.  If you're running a honey pot, it would be really useful.  ;)
> Also, as has been noted, some distros have a tangled dependency chain, and
> installing certain apps or libraries may have GUI requirements that don't
> really make sense.  If you wind up in that situation, it may be a good time
> to reconsider the distro you're using.
>
>
>
>  -Josh More, CISSP, GIAC-GSLC, GIAC-GCIH, RHCE, NCLP
> morej at alliancetechnologies.net
> 515-245-7701
>    ------------------------------
> *From:* cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf of
> Tim Champion [timchampion at gmail.com]
> *Sent:* Tuesday, September 07, 2010 20:09
>
> *To:* Central Iowa Linux Users Group
> *Subject:* Re: [Cialug] CentOS & GPT
>
>  makes it easier to google for the solution to the problem you are having
> while sitting at the console, but I guess the answer to that would be you
> are connected via ssh from your desktop in your office. - that has a GUI.
>
> But honestly, I've been in the server room at the console, and was really
> happy that the machine I was currently working on had firefox for googling,
> and I didn't have to switch the kvm over to a windows box so I could hit
> google.  xwindows doesn't really slow the computer down, especially when
> idle.
>
> Tim Champion
> timchampion at gmail.com
>
>
> On Tue, Sep 7, 2010 at 7:44 PM, Josh More <MoreJ at alliancetechnologies.net>wrote:
>
>>  Servers shouldn't have GUIs.
>>
>> Ubuntu has the right idea.  (So does SLES, by the way.)
>>
>>  -Josh More, CISSP, GIAC-GSLC, GIAC-GCIH, RHCE, NCLP
>> morej at alliancetechnologies.net
>> 515-245-7701
>>    ------------------------------
>> *From:* cialug-bounces at cialug.org [cialug-bounces at cialug.org] on behalf
>> of Tim Champion [timchampion at gmail.com]
>> *Sent:* Tuesday, September 07, 2010 19:42
>>
>> *To:* Central Iowa Linux Users Group
>> *Subject:* Re: [Cialug] CentOS & GPT
>>
>>    Last time I installed Ubuntu server, the default install was no GUI.
>> Instead, I installed the "desktop" version of 10.04 and added what I needed
>> with aptitude.
>>
>> Its running LAMP + Samba in a production environment.
>>
>> Tim Champion
>> timchampion at gmail.com
>>
>>
>> On Tue, Sep 7, 2010 at 6:04 PM, Don Ellis <don.ellis at gmail.com> wrote:
>>
>>> Ok, I'm downloading Ubuntu Server, and I'll bring it over tomorrow to
>>> try. (My pipe is bigger than yours. ;-)
>>>
>>> And, it's free (without support contract). I'll look for the Landscape
>>> thingy when I get it.
>>>
>>> --Don
>>>
>>>
>>> On Tue, Sep 7, 2010 at 5:34 PM, L. V. Lammert <lvl at omnitec.net> wrote:
>>> > At 05:12 PM 9/7/2010, you wrote:
>>> >
>>> >>If I could just humbly suggest Ubuntu 10.04 LTS be considered, it is
>>> >>an enterprise distribution that is supported with security releases
>>> >>and point releases for 5 years. It's cost to license is $0 and if
>>> >>support is needed, Ubuntu Advantage support for server is $320
>>> >>/year. I'm using it on my EFI/GPT macbook pro and it is working fine.
>>> >>
>>> >><http://www.canonical.com/enterprise-services/ubuntu-advantage/server>
>>> http://www.canonical.com/enterprise-services/ubuntu-advantage/server
>>> >>
>>> >>The license includes use of the Landscape management console that
>>> >>lets you manage your server through the web, which is pretty slick
>>> imho.
>>> >
>>> > The cost shows there as $320/yr, .. don't see a free option?
>>> >
>>> >         Lee
>>> >
>>> _______________________________________________
>>> Cialug mailing list
>>> Cialug at cialug.org
>>> http://cialug.org/mailman/listinfo/cialug
>>>
>>
>>
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>>
>>
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
>


-- 
Matthew Nuzum
newz2000 on freenode, skype, linkedin, identi.ca and twitter

"Lead, follow or get the hell out of the way." –Robert Nuzum (My dad)
summarizing an old military quote
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20100907/4bdab204/attachment-0001.htm

More information about the Cialug mailing list