this is my 2 cents tip, currently there's a secure ftp wrapper called safetp: http://www.cs.berkeley.edu/~smcpeak/SafeTP/ with that program you can use the ftp server you like more (my choice is ncftpd, free for personal use). from windog workstation the users can use any ftp client they like: acting as proxy this safetp encrypt the ftp password exchange. IMHO definetivly the lack of groupware tools as a simple (and secure) way to share files between users and from users and the rest of the world, the lack of acl, and the lack of really automatic way to install machines make the linux boxes administration a nightmare and normally are menace to the system security (how many sites are using ssh? many? but there're many more with a broken syslogd:-( ). best regards, antonio cavallo
currently there's a secure ftp wrapper called safetp: http://www.cs.berkeley.edu/~smcpeak/SafeTP/
with that program you can use the ftp server you like more (my choice is ncftpd, free for personal use). from windog workstation the users can use any ftp client they like: acting as proxy this safetp encrypt the ftp password exchange.
IMHO definetivly the lack of groupware tools as a simple (and secure) way to share files between users and from users and the rest of the world, the lack of acl, and the lack of really automatic way to install machines make
ACL's are somewhat overrated but would be nice. As far as install, RedHat does Kickstart, one floppy, config can be stored on server making it really nice, alas no other vendors seem to have this (HINT!).
the linux boxes administration a nightmare and normally are menace to the system security (how many sites are using ssh? many? but there're many more with a broken syslogd:-( ).
Hate to break it to you but ANY OS installed out of the box has root hacks (even OpenBSD). Updates are required, at least with linux we have autorpm/etc and can easily update from the command line remotely (unlike say NT, unless you invest in SMS). Have you looked at PiKT? see the LSKB.
best regards, antonio cavallo
-Kurt
ACL's are somewhat overrated but would be nice.
the problem is the alway present public directory in every large site where the users store working file: what's if two users in two different working group have to share big files? normally you can create a third group: this is impractical and error prone, if you have more than three users:-(
As far as install, RedHat does Kickstart, one floppy, config can be stored on server making it really nice, alas no other vendors seem to have this (HINT!).
alice/yast2 from suse, i found it very nice but the implementation is only in the early stage (this means unusable, at least alice).
Hate to break it to you but ANY OS installed out of the box has root hacks (even OpenBSD). Updates are required, at least with linux we have autorpm/etc and can easily update from the command line remotely (unlike say NT, unless you invest in SMS). Have you looked at PiKT? see the LSKB.
i'll check pikt. you're right about the "out of the box" installation is broken. win nt suck. saddly i fear that the solution "out of the box" is the only way to follow when someone likes to deploy workstations in a small/medium/large environment `-( i think the problem is in the way normally the distro are running: each is using his own configuration tools, his own rc config layout and so on. should be nice som sort of object oriented tool for managing machines (maybe coas was doing this, but it's drawback was only from caldera): add to this any db orientated way to store global data any maybe we can have better working linux-lans (and secure). in this win nt doesn't suck: they planned from the ground the registry (IMHO something clean, but wrongly implemented) and it's easy to share registry between machine and creating classes, without fear to destroy machine (they're self destroing:-))) i discovered that mostly security dangers are in the lack of time for the sysadmin to fix the almost stupid things: easier nets are easier to secure (IMHO). best regards, antonio cavallo
participants (2)
-
Antonio Cavallo -
Kurt Seifried