Discussion:
Which version to install (your vote counts!)?
Lan Barnes
2005-01-19 16:36:27 UTC
Permalink
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.

My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?

Votes without reasons won't be counted nearly as heavily as votes with
some rationale, however, I will entertain flames and raw prejudice if
properly labeled.

The management reserves the right to do whatever it damn well pleases
after the voting is over.
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

The really efficient laborer will be found not to
crowd his day with work, but will saunter to his task
surrounded by a wide halo of ease and leisure.
- Henry David Thoreau
ckuck at cts.com ()
2005-01-19 16:36:28 UTC
Permalink
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all
in CDROM. Which should I install?
Debian - no comment. Don't have it, never used it.

RH 6.0 vs. 5.2:

Slightly better install process for 6 (more options, better X setup,
"smart" kernel choice), but I think some of the packages on 5.2 may
be in better shape due to maturity. Samba comes to mind: I (and some
others too) had a great deal of problems getting printing to work
with the Samba release that comes with 6.0 - we fixed it by removing
the package and going back to the 1.9 Samba that came with RH 5.2.

I would give the nod to 6.0, though, you might find better laptop
support (especially for X) in that release.

-- Carl
Post by Lan Barnes
... I will entertain flames and raw prejudice if properly labeled.
Brian
2005-01-19 16:36:28 UTC
Permalink
Post by Lan Barnes
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
<ramble>
I am choosing 6.0 primarily for IPChains. I guess if you were serious
about Debian, you would have never have asked the question.

I also love Gnome. That's another point for 6.0, both KDE and Gnome can
be installed, and you can choose which window manager you want to run at
login time.

5.2 is "more stable" than 6.0, but I have only crashed Gnome once in
about 2 weeks, and it was probably my fault. I like the DHCP client
better in 5.2 than 6.0.
</ramble>

Big points for me are IPChains, and Gnome. If that does'nt interest
you, go 5.2, and upgrade your / and /usr partitions with 6.2 when it
comes out.

Brian
--
=========================================
If God dropped acid, would he see people?

***@sunset-cliffs.org
http://www.sunset-cliffs.org
John H. Robinson, IV
2005-01-19 16:36:30 UTC
Permalink
Post by Brian
I am choosing 6.0 primarily for IPChains. I guess if you were serious
about Debian, you would have never have asked the question.
IPChains is a recent kernel thing. You can use 5.2 and IPChains if you
upgrade to a recent kernel.

-john
John H. Robinson, IV
2005-01-19 17:57:16 UTC
Permalink
Post by Brian
I am choosing 6.0 primarily for IPChains. I guess if you were serious
about Debian, you would have never have asked the question.
IPChains is a recent kernel thing. You can use 5.2 and IPChains if you
upgrade to a recent kernel.

-john
David S. Jackson
2005-01-19 16:36:28 UTC
Permalink
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
Personally, I would choose Debian. It's lower profile, but IMHO it's higher
quality. I think its default installation is smarter, it doesn't make so
many decisions for you during installation. It leaves you with more
services turned off, especially ones that are potential security holes until
you learn what they are.

Also, apt-get is very easy and smart to use for upgrading machines. In
fact, you may never need to "upgrade" a machine again. You can run apt-get
from a cron job and it will keep the machine current.

Debian is a little different from Red Hat, and you don't hear that much
about it, but I actually think it's the best distribution out there. Why
not give it a look? You can hear about Red Hat or Caldera any time you
want. Can't walk twenty feet without tripping over a RH or COL box.

Haven't ever tried SuSE (for a long period) or Pacific HiTech.

--
David S. Jackson http://www.dsj.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
What's nice about GUI is that you see what you manipulate.
What's bad about GUI is that you can only manipulate what you see.
Nick Bastin
2005-01-19 16:36:28 UTC
Permalink
Post by David S. Jackson
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
Personally, I would choose Debian. It's lower profile, but IMHO it's higher
quality. I think its default installation is smarter, it doesn't make so
many decisions for you during installation. It leaves you with more
services turned off, especially ones that are potential security holes until
you learn what they are.
FWIW, you can get the same amount of control over a RH install, just
don't tell it to do the install for you. And, at the end of the
install, you can choose what services you want to start up at boot and
which you don't.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Nick Bastin
2005-01-19 17:57:13 UTC
Permalink
Post by David S. Jackson
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
Personally, I would choose Debian. It's lower profile, but IMHO it's higher
quality. I think its default installation is smarter, it doesn't make so
many decisions for you during installation. It leaves you with more
services turned off, especially ones that are potential security holes until
you learn what they are.
FWIW, you can get the same amount of control over a RH install, just
don't tell it to do the install for you. And, at the end of the
install, you can choose what services you want to start up at boot and
which you don't.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
darins at nosc.mil (Darin )
2005-01-19 16:36:28 UTC
Permalink
Debian doesn't seem to be System V ish from what I have heard? Is this true?
Also if not how does one do start up items i.e. /etc/rc.d/rc.local stuff. Or
am I totally
in left field with this question.

Darin

-----Original Message-----
From: David S. Jackson [mailto:***@dsj.net]
Sent: Friday, May 28, 1999 6:00 PM
To: kplug-***@kernel-panic.com
Subject: Re: Which version to install (your vote counts!)?
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
Personally, I would choose Debian. It's lower profile, but IMHO it's higher
quality. I think its default installation is smarter, it doesn't make so
many decisions for you during installation. It leaves you with more
services turned off, especially ones that are potential security holes until
you learn what they are.

Also, apt-get is very easy and smart to use for upgrading machines. In
fact, you may never need to "upgrade" a machine again. You can run apt-get
from a cron job and it will keep the machine current.

Debian is a little different from Red Hat, and you don't hear that much
about it, but I actually think it's the best distribution out there. Why
not give it a look? You can hear about Red Hat or Caldera any time you
want. Can't walk twenty feet without tripping over a RH or COL box.

Haven't ever tried SuSE (for a long period) or Pacific HiTech.

--
David S. Jackson http://www.dsj.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
What's nice about GUI is that you see what you manipulate.
What's bad about GUI is that you can only manipulate what you see.

---
http://www.kernel-panic.com
list archives http://www.ultraviolet.org/mail-archives/kplug-mail.html
To unsubscribe, send a message to the address shown in the
list-unsubscribe
header of this message.
John H. Robinson, IV
2005-01-19 16:36:30 UTC
Permalink
Post by darins at nosc.mil (Darin )
Debian doesn't seem to be System V ish from what I have heard? Is this true?
Also if not how does one do start up items i.e. /etc/rc.d/rc.local stuff. Or
am I totally
in left field with this question.
Debian is totaly SysV.

The difference in implementation is there is no /etc/rc.d directory.
/etc/rc1.d/
/etc/rc2.d/
/etc.init.d/

and the rest all exist.

There was once an interesting question on the #debian irc channel,
where someone had backed up the /etc directory of their system prior
to changing from RH to Debian, and after the install restoring the /etc
directory tree.

The consesus was that he did not have a Debian system after that.

And Nick, the RH 6.0 install, even in "expert" mode is not as customizable
as a Debian install. RH still does a lot of probing and guessing for you.

Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.


My opinion? Debian, of course. If no reason other than APT. Once you use
APT, you won't want to *ever* go back. RH's web-rpm (or whatever they
call it) is a nice try, but it does not touch APT yet. That, and APT,
dselect, and dpkg all will run over a telnet session. RH's web-rpm
won't.

Some other benefits of Debian over RH is that Debian, like the Linux
kernel, is not owned by a company. There is no economic advantage of
releasing prior to every bug fix being completed. (okay, every *known*
bug fix completed!)

Now I will be quiet before I enflame further Debian v. RH wars..

-john
Lan Barnes
2005-01-19 16:36:30 UTC
Permalink
John H. Robinson, IV wrote:
-snip of a pro-Debian discussion-
Post by John H. Robinson, IV
Now I will be quiet before I enflame further Debian v. RH wars..
-john
As the original asker of this question, let me say that this discussion
has been on a very high, non-flame plane IMHO.

There have been challenges to the term "stable" with regards to distros.
It's probably too late to change, but maybe we all should use a term
like "harmony" to emphasize that we're discussing things working
together in a distro.
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

Reality is that which, when you stop believing in it,
doesn't go away.
- Philip K. Dick
John H. Robinson, IV
2005-01-19 16:36:31 UTC
Permalink
Post by Lan Barnes
There have been challenges to the term "stable" with regards to distros.
It's probably too late to change, but maybe we all should use a term
like "harmony" to emphasize that we're discussing things working
together in a distro.
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.

As far as "harmoniousness" of distributions, I am totally at loss of
what you mean. The only toll that I know of that I *HATE* (even more
than GNOME thinking it knows better than I do) is Linuxconf.

Ugh. that tool is a blasphemy if you want my honest opinion. And they
are getting it ready for Debian.. ugh.

So, back to "harmony" all the distribution-specific tools I know work
great *with that distribution*. (Try using ``ntsysv'' on a Debian
system.. I dare you!) So I don't think much of that is an issue.

Ease of use, robustness of tools, quality of binary packages: sure,
all these are metrics, but working together? they all seem to me to be
the same (all = RH and Debian. I have never used any other distribution)

I should start using Ispell more often,

-john

PS: I ran this through Ispell, and it said that what I thought was correct
is indeed correct (distrIbution vs distrObution). So why do people
abbreviate distrIbution as distrO?
Ted Powell
2005-01-19 16:36:31 UTC
Permalink
Post by John H. Robinson, IV
[...]
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
Post by John H. Robinson, IV
PS: I ran this through Ispell, and it said that what I thought was correct
is indeed correct (distrIbution vs distrObution). So why do people
abbreviate distrIbution as distrO?
Just another source of aggro. :-)
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
rafaelzap at funtv.com ()
2005-01-19 16:36:33 UTC
Permalink
Post by Ted Powell
Post by John H. Robinson, IV
[...]
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
A Linux box can be run without a video card?!?
Ted Powell
2005-01-19 16:36:33 UTC
Permalink
Post by rafaelzap at funtv.com ()
Post by Ted Powell
[...unorthodox definition of system crash...]
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
A Linux box can be run without a video card?!?
Provided that you have a BIOS that doesn't throw a fit over it.
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
John H. Robinson, IV
2005-01-19 16:36:34 UTC
Permalink
Post by Ted Powell
Post by John H. Robinson, IV
[...]
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
you know what i mean! a headless box has differenct rules, as it
esentially *has* no console.

And, of course, you would not be running X, as Nick poiunted out,
is a minimum requirement for ultimate stability,

-john
Ted Powell
2005-01-19 16:36:34 UTC
Permalink
Post by John H. Robinson, IV
Post by Ted Powell
Post by John H. Robinson, IV
[...]
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
you know what i mean! a headless box has differenct rules, as it
esentially *has* no console.
Yes, I do. You are saying, "My criterion for a system crash still applies,
except for where it doesn't apply."

Your criterion fails to apply _any_ time the users are not reliant on
a functioning console. I merely gave an unarguable example of this.

I take it that your criterion is meaningful to you because you are
strongly reliant on having a functioning console on your machine. That's
fine, but it doesn't make your criterion universally applicable.

I routinely work on machines that are from five feet to two hundred miles
away from the one I'm sitting in front of. Some of them I've visited
and know that they have no keyboard or video card, others I just don't
know and don't need to know. For all I know, some of them are running
X servers and have crashed their console support.
Post by John H. Robinson, IV
And, of course, you would not be running X, as Nick poiunted out,
is a minimum requirement for ultimate stability,
Whether those machines are running X servers is of no concern to me;
I just run X clients on them.

The machine I'm sitting in front of has been running an X server since
Red Hat 3.0.3 three years ago, problem-free. If its console _should_
ever hang, I could simply move five feet to my right and keep working,
since the boxes over there do happen to have a (shared) console.
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
Robert La Quey
2005-01-19 16:36:34 UTC
Permalink
Post by John H. Robinson, IV
Post by Ted Powell
Post by John H. Robinson, IV
[...]
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
you know what i mean! a headless box has differenct rules, as it
esentially *has* no console.
And, of course, you would not be running X, as Nick poiunted out,
is a minimum requirement for ultimate stability,
-john
Hmm, I wonder if you could run X remotely. Then the video driver is on
another box and if it blasts the hardware the way you and Nick have
described it would take out the remote box, not the server.

That way you could have a server admin (for "user level" admin)
which was very friendly.

I gues you could also do this level of admin thru an httpd and
some cgi scripts.

Just a thought.
Ted Powell
2005-01-19 16:36:34 UTC
Permalink
Post by Robert La Quey
[...]
Hmm, I wonder if you could run X remotely. Then the video driver is on
another box and if it blasts the hardware the way you and Nick have
described it would take out the remote box, not the server.
I used to work as sysadmin in a shop where everybody (except the PC
board layout guy, who had a dedicated system) had an X terminal on his
or her desk. Our two main machines were in a 6' x 15' bank vault left
behind by a previous tenant. This experience, plus a few years at another
place with a similar setup, might explain why I don't have an emotional
attachment to being at an attached console.
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
Ted Powell
2005-01-19 17:57:17 UTC
Permalink
Post by John H. Robinson, IV
[...]
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
It seems to me that you'd have trouble describing the state of a linux
box running with no keyboard and no video card...
Post by John H. Robinson, IV
PS: I ran this through Ispell, and it said that what I thought was correct
is indeed correct (distrIbution vs distrObution). So why do people
abbreviate distrIbution as distrO?
Just another source of aggro. :-)
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
Nick Bastin
2005-01-19 16:36:31 UTC
Permalink
Post by John H. Robinson, IV
Post by Lan Barnes
There have been challenges to the term "stable" with regards to distros.
It's probably too late to change, but maybe we all should use a term
like "harmony" to emphasize that we're discussing things working
together in a distro.
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
I don't normally regard a machine as crashed if I can access it over a
serial console or a telnet session. The main reason is that I've never
found a problem that I couldn't fix over one of these links. I'd be
curious in knowing what problems you've had that you could telnet in but
couldn't fix the problem without a reboot.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Lan Barnes
2005-01-19 16:36:32 UTC
Permalink
John H. Robinson, IV wrote:
-snip-
Post by John H. Robinson, IV
As far as "harmoniousness" of distributions, I am totally at loss of
what you mean. The only toll that I know of that I *HATE* (even more
^^^^
Post by John H. Robinson, IV
than GNOME thinking it knows better than I do) is Linuxconf.
Ugh. that tool is a blasphemy if you want my honest opinion. And they
are getting it ready for Debian.. ugh.
So, back to "harmony" all the distribution-specific tools I know work
great *with that distribution*. (Try using ``ntsysv'' on a Debian
system.. I dare you!) So I don't think much of that is an issue.
Ease of use, robustness of tools, quality of binary packages: sure,
all these are metrics, but working together? they all seem to me to be
the same (all = RH and Debian. I have never used any other distribution)
I should start using Ispell more often,
-john
PS: I ran this through Ispell, and it said that what I thought was correct
is indeed correct (distrIbution vs distrObution). So why do people
abbreviate distrIbution as distrO?
---
http://www.kernel-panic.com
list archives http://www.ultraviolet.org/mail-archives/kplug-mail.html
To unsubscribe, send a message to the address shown in the list-unsubscribe
header of this message.
Your metrics are good (or at least, the same as mine). And I'll drop
"harmony" and go back to "stability" if you want. But anyone who says
that all distros work together as shipped never played with RH 5.0.
Maybe another metric for a distro is the size/criticality of the errata
download package that follows it.

As to ispell (and all spellers (except M$, which just flat out has
mispellings in its dictionsry)), it can't protect you from the typo that
replaces the right word with the wrong one. See "toll" above for "tool"
(or was it "troll"? ;-).
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

They have computers, and they may have other weapons of
mass destruction.
- Janet Reno
Nick Bastin
2005-01-19 17:57:17 UTC
Permalink
Post by John H. Robinson, IV
Post by Lan Barnes
There have been challenges to the term "stable" with regards to distros.
It's probably too late to change, but maybe we all should use a term
like "harmony" to emphasize that we're discussing things working
together in a distro.
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.
I don't normally regard a machine as crashed if I can access it over a
serial console or a telnet session. The main reason is that I've never
found a problem that I couldn't fix over one of these links. I'd be
curious in knowing what problems you've had that you could telnet in but
couldn't fix the problem without a reboot.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Lan Barnes
2005-01-19 17:57:19 UTC
Permalink
John H. Robinson, IV wrote:
-snip-
Post by John H. Robinson, IV
As far as "harmoniousness" of distributions, I am totally at loss of
what you mean. The only toll that I know of that I *HATE* (even more
^^^^
Post by John H. Robinson, IV
than GNOME thinking it knows better than I do) is Linuxconf.
Ugh. that tool is a blasphemy if you want my honest opinion. And they
are getting it ready for Debian.. ugh.
So, back to "harmony" all the distribution-specific tools I know work
great *with that distribution*. (Try using ``ntsysv'' on a Debian
system.. I dare you!) So I don't think much of that is an issue.
Ease of use, robustness of tools, quality of binary packages: sure,
all these are metrics, but working together? they all seem to me to be
the same (all = RH and Debian. I have never used any other distribution)
I should start using Ispell more often,
-john
PS: I ran this through Ispell, and it said that what I thought was correct
is indeed correct (distrIbution vs distrObution). So why do people
abbreviate distrIbution as distrO?
---
http://www.kernel-panic.com
list archives http://www.ultraviolet.org/mail-archives/kplug-mail.html
To unsubscribe, send a message to the address shown in the list-unsubscribe
header of this message.
Your metrics are good (or at least, the same as mine). And I'll drop
"harmony" and go back to "stability" if you want. But anyone who says
that all distros work together as shipped never played with RH 5.0.
Maybe another metric for a distro is the size/criticality of the errata
download package that follows it.

As to ispell (and all spellers (except M$, which just flat out has
mispellings in its dictionsry)), it can't protect you from the typo that
replaces the right word with the wrong one. See "toll" above for "tool"
(or was it "troll"? ;-).
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

They have computers, and they may have other weapons of
mass destruction.
- Janet Reno
John H. Robinson, IV
2005-01-19 17:57:16 UTC
Permalink
Post by Lan Barnes
There have been challenges to the term "stable" with regards to distros.
It's probably too late to change, but maybe we all should use a term
like "harmony" to emphasize that we're discussing things working
together in a distro.
I always read "stable" to mean "doesn't crash". Of course, a "crash" can
be more than one thing, but my litmus is if the machine can no longer
accept my *console* input, it has crashed. If I can telnet/ssh in and
reboot it, it *still crashed*.

As far as "harmoniousness" of distributions, I am totally at loss of
what you mean. The only toll that I know of that I *HATE* (even more
than GNOME thinking it knows better than I do) is Linuxconf.

Ugh. that tool is a blasphemy if you want my honest opinion. And they
are getting it ready for Debian.. ugh.

So, back to "harmony" all the distribution-specific tools I know work
great *with that distribution*. (Try using ``ntsysv'' on a Debian
system.. I dare you!) So I don't think much of that is an issue.

Ease of use, robustness of tools, quality of binary packages: sure,
all these are metrics, but working together? they all seem to me to be
the same (all = RH and Debian. I have never used any other distribution)

I should start using Ispell more often,

-john

PS: I ran this through Ispell, and it said that what I thought was correct
is indeed correct (distrIbution vs distrObution). So why do people
abbreviate distrIbution as distrO?
Neil Schneider
2005-01-19 16:36:31 UTC
Permalink
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
--
Neil Schneider ***@home.com
When you're in it up to your ears, keep your mouth shut.
John H. Robinson, IV
2005-01-19 16:36:31 UTC
Permalink
Post by Neil Schneider
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
be most surprised (if you expect to see any special files, that is).

Of course, on the target drive, the full /dev directory exists, as
you would expect.

Makes it hard to figure out why a particular partition won't mount
(what?! /dev/hda3 doesn't exist!?)

-john
Tracy R Reed
2005-01-19 16:36:31 UTC
Permalink
Post by John H. Robinson, IV
Post by John H. Robinson, IV
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
I HATE this! Many times I've wanted to fire up the boot disks to recover the
system and find that I can't mount my drives because there are no devices. I
have since learned to mknod the devices I need so I can mount the drive and
correct whatever is broken but it is a major pain. I know about rescue disks,
but Murphy's law implies that you will never have one on hand when you need
it. I've learned to let the RH boot disks recognize my hardware, load the
right modules, and then I jump in on the other console and make devices and
fix the problem.

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Nick Bastin
2005-01-19 16:36:31 UTC
Permalink
Post by Tracy R Reed
Post by John H. Robinson, IV
Post by John H. Robinson, IV
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
I HATE this! Many times I've wanted to fire up the boot disks to recover the
system and find that I can't mount my drives because there are no devices. I
FWIW, you won't have this problem if you boot off of the CD rather than
the boot disks. I know this obviously isn't a solution for people who
don't have the CD, or who have motherboards that can't boot off of CD.
However, it's really not that difficult to keep a rescue disk
around...besides, you could always use a slackware boot disk, or
something, which works fine too.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Nick Bastin
2005-01-19 17:57:17 UTC
Permalink
Post by Tracy R Reed
Post by John H. Robinson, IV
Post by John H. Robinson, IV
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
I HATE this! Many times I've wanted to fire up the boot disks to recover the
system and find that I can't mount my drives because there are no devices. I
FWIW, you won't have this problem if you boot off of the CD rather than
the boot disks. I know this obviously isn't a solution for people who
don't have the CD, or who have motherboards that can't boot off of CD.
However, it's really not that difficult to keep a rescue disk
around...besides, you could always use a slackware boot disk, or
something, which works fine too.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Tracy R Reed
2005-01-19 17:57:16 UTC
Permalink
Post by John H. Robinson, IV
Post by John H. Robinson, IV
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
I HATE this! Many times I've wanted to fire up the boot disks to recover the
system and find that I can't mount my drives because there are no devices. I
have since learned to mknod the devices I need so I can mount the drive and
correct whatever is broken but it is a major pain. I know about rescue disks,
but Murphy's law implies that you will never have one on hand when you need
it. I've learned to let the RH boot disks recognize my hardware, load the
right modules, and then I jump in on the other console and make devices and
fix the problem.

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Nick Bastin
2005-01-19 16:36:31 UTC
Permalink
Post by John H. Robinson, IV
Post by Neil Schneider
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
be most surprised (if you expect to see any special files, that is).
I honestly hope you're getting a shell on VC3, and not VC2, or that
could be part of your problem (unless RH changed it, but VC2 has always
been used, at least up through 5.2). In any case, mounting in /tmp is
generally regarded as a good thing, and it seems like the right place to
put stuff to me. Besides, why does it matter? It's only there on the
install, and if you need to screw with it, you know that...and if you
don't know that, you really shouldn't be messing with it.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Neil Schneider
2005-01-19 16:36:31 UTC
Permalink
I guess in the hundreds of times I've installed Red Hat I've never had
this problem. I have needed to check different VCs to find error
messages
related to the install, usually something with bad or misconfigured
hardware.
Post by John H. Robinson, IV
Post by Neil Schneider
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
be most surprised (if you expect to see any special files, that is).
Of course, on the target drive, the full /dev directory exists, as
you would expect.
Makes it hard to figure out why a particular partition won't mount
(what?! /dev/hda3 doesn't exist!?)
--
Neil Schneider ***@home.com
When you're in it up to your ears, keep your mouth shut.
Nick Bastin
2005-01-19 17:57:17 UTC
Permalink
Post by John H. Robinson, IV
Post by Neil Schneider
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
be most surprised (if you expect to see any special files, that is).
I honestly hope you're getting a shell on VC3, and not VC2, or that
could be part of your problem (unless RH changed it, but VC2 has always
been used, at least up through 5.2). In any case, mounting in /tmp is
generally regarded as a good thing, and it seems like the right place to
put stuff to me. Besides, why does it matter? It's only there on the
install, and if you need to screw with it, you know that...and if you
don't know that, you really shouldn't be messing with it.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Neil Schneider
2005-01-19 17:57:17 UTC
Permalink
I guess in the hundreds of times I've installed Red Hat I've never had
this problem. I have needed to check different VCs to find error
messages
related to the install, usually something with bad or misconfigured
hardware.
Post by John H. Robinson, IV
Post by Neil Schneider
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
be most surprised (if you expect to see any special files, that is).
Of course, on the target drive, the full /dev directory exists, as
you would expect.
Makes it hard to figure out why a particular partition won't mount
(what?! /dev/hda3 doesn't exist!?)
--
Neil Schneider ***@home.com
When you're in it up to your ears, keep your mouth shut.
John H. Robinson, IV
2005-01-19 17:57:16 UTC
Permalink
Post by Neil Schneider
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
I was referring to the install itself. If, during the install, you
activate a shell (on VC 2), and take a look under /dev, you will
be most surprised (if you expect to see any special files, that is).

Of course, on the target drive, the full /dev directory exists, as
you would expect.

Makes it hard to figure out why a particular partition won't mount
(what?! /dev/hda3 doesn't exist!?)

-john
Lan Barnes
2005-01-19 17:57:16 UTC
Permalink
John H. Robinson, IV wrote:
-snip of a pro-Debian discussion-
Post by John H. Robinson, IV
Now I will be quiet before I enflame further Debian v. RH wars..
-john
As the original asker of this question, let me say that this discussion
has been on a very high, non-flame plane IMHO.

There have been challenges to the term "stable" with regards to distros.
It's probably too late to change, but maybe we all should use a term
like "harmony" to emphasize that we're discussing things working
together in a distro.
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

Reality is that which, when you stop believing in it,
doesn't go away.
- Philip K. Dick
Neil Schneider
2005-01-19 17:57:16 UTC
Permalink
I'm not sure what you mean by this. RH creates mount points in /mnt
and all the device files are in /dev. If you are talking about the
mount points during the install on /tmp that is something entirely
different.
Post by John H. Robinson, IV
Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.
--
Neil Schneider ***@home.com
When you're in it up to your ears, keep your mouth shut.
Robert La Quey
2005-01-19 16:36:30 UTC
Permalink
Post by John H. Robinson, IV
Post by darins at nosc.mil (Darin )
Debian doesn't seem to be System V ish from what I have heard? Is this true?
Also if not how does one do start up items i.e. /etc/rc.d/rc.local stuff. Or
am I totally
in left field with this question.
Debian is totaly SysV.
The difference in implementation is there is no /etc/rc.d directory.
/etc/rc1.d/
/etc/rc2.d/
/etc.init.d/
and the rest all exist.
I am encountering RH vs Debian differences as I get my Linux Debian
box hooked up to @Home. Neil has written a good mini how-to on this
subject but it is RH specific. The configuration files have slightly
different locations. Just enough difference to confuse someone going
thru it the first time ... maybe we should write up a Debian translation
of Neil's @home how-to.
John H. Robinson, IV
2005-01-19 16:36:31 UTC
Permalink
Post by Robert La Quey
I am encountering RH vs Debian differences as I get my Linux Debian
subject but it is RH specific. The configuration files have slightly
different locations. Just enough difference to confuse someone going
thru it the first time ... maybe we should write up a Debian translation
That would require reading Neil's @home how-to...

-john
John H. Robinson, IV
2005-01-19 17:57:16 UTC
Permalink
Post by Robert La Quey
I am encountering RH vs Debian differences as I get my Linux Debian
subject but it is RH specific. The configuration files have slightly
different locations. Just enough difference to confuse someone going
thru it the first time ... maybe we should write up a Debian translation
That would require reading Neil's @home how-to...

-john
John H. Robinson, IV
2005-01-19 17:57:15 UTC
Permalink
Post by darins at nosc.mil (Darin )
Debian doesn't seem to be System V ish from what I have heard? Is this true?
Also if not how does one do start up items i.e. /etc/rc.d/rc.local stuff. Or
am I totally
in left field with this question.
Debian is totaly SysV.

The difference in implementation is there is no /etc/rc.d directory.
/etc/rc1.d/
/etc/rc2.d/
/etc.init.d/

and the rest all exist.

There was once an interesting question on the #debian irc channel,
where someone had backed up the /etc directory of their system prior
to changing from RH to Debian, and after the install restoring the /etc
directory tree.

The consesus was that he did not have a Debian system after that.

And Nick, the RH 6.0 install, even in "expert" mode is not as customizable
as a Debian install. RH still does a lot of probing and guessing for you.

Plus,in RH, that "nodes" are made on the fly in the /tmp directory,
instead of having the real important ones (/dev/hd* and /dev/sd*) in
the /dev directory. Make troubleshooting mounts very very difficult.


My opinion? Debian, of course. If no reason other than APT. Once you use
APT, you won't want to *ever* go back. RH's web-rpm (or whatever they
call it) is a nice try, but it does not touch APT yet. That, and APT,
dselect, and dpkg all will run over a telnet session. RH's web-rpm
won't.

Some other benefits of Debian over RH is that Debian, like the Linux
kernel, is not owned by a company. There is no economic advantage of
releasing prior to every bug fix being completed. (okay, every *known*
bug fix completed!)

Now I will be quiet before I enflame further Debian v. RH wars..

-john
Robert La Quey
2005-01-19 17:57:16 UTC
Permalink
Post by John H. Robinson, IV
Post by darins at nosc.mil (Darin )
Debian doesn't seem to be System V ish from what I have heard? Is this true?
Also if not how does one do start up items i.e. /etc/rc.d/rc.local stuff. Or
am I totally
in left field with this question.
Debian is totaly SysV.
The difference in implementation is there is no /etc/rc.d directory.
/etc/rc1.d/
/etc/rc2.d/
/etc.init.d/
and the rest all exist.
I am encountering RH vs Debian differences as I get my Linux Debian
box hooked up to @Home. Neil has written a good mini how-to on this
subject but it is RH specific. The configuration files have slightly
different locations. Just enough difference to confuse someone going
thru it the first time ... maybe we should write up a Debian translation
of Neil's @home how-to.
Neil Schneider
2005-01-19 16:36:28 UTC
Permalink
Post by Lan Barnes
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
It would depend on how reliable you expected it to be. Here's what I
notice.
RH 6.0 has better (read newer) support for some laptop stuff. It
installs
much more easily and detects more hardware. However, there seem to be
a lot
of little annoying bugs in it. And gnome has a habit of sprinkling
core files
all over the hard drive. I jokingly threatened to set up a little
program to
automatically send them as attachment to email to George Lebl
everytime one
was generated. Sometimes it even creates a cute little icon on the
desktop for
the core file. I think that's special. :o) BTW, lest you think
otherwise I really
do like gnome. I think it will be very nice, when it's finished.

I would use 5.2 on anything that had to be dependable, or mission
critical. I've
used it since I built this machine (2:18am up 112 days, 14:09) and
it's been
quite stable.

I've never tried Debian, I have plenty to do to learn everything I can
about Red
Hat, and another distribution would only be a distraction.
Post by Lan Barnes
Votes without reasons won't be counted nearly as heavily as votes with
some rationale, however, I will entertain flames and raw prejudice if
properly labeled.
The management reserves the right to do whatever it damn well pleases
after the voting is over.
--
Neil Schneider ***@home.com
When you're in it up to your ears, keep your mouth shut.
Lan Barnes
2005-01-19 16:36:29 UTC
Permalink
Post by Lan Barnes
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
I have gotten some thoughtful and considered answers to this, and I
thank all who have responded. The problem is, nothing has gotten me
closer to a decision.

Here's the thing (in the below, "stable" is used to mean that things
work together, and not refer to system up time):

1. RH 5.2 is attractive because all my experience is in RH, and 5.2 is
their most "stable" most "recent."

2. Debian 2.1 (which is based on kernel 2.0.36) is tempting for its
reputation for rock-solid quality control (everything works with
everything, they say). It is also supposed to be a Sys V boot, like RH.
The true-blue GNUism is nice, I suppose, but not a big factor for me.

3. RH 6.0 is tempting for the new kernel, GNOME, and better laptop
support -- but scary because of the newness issue.

So this is like a personality inventory -- I obviously want stability in
my version more than anything else. But my personal experience with
upgrades hs been bad (as opposed to reinstalls), so I don't want to stay
in 5.2 and then suffer a traumatic upgrade later.

O, pity me! <singing> Did you ever have to make up your mind . . .
</singing>
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

A man who is about to tell the truth should have one
foot in the stirrup.
- Traditional Mongol Proverb
wcurry at cts.com ()
2005-01-19 16:36:29 UTC
Permalink
Hi Lan,

Just wanted to put in my vote for Debian. I have run Slackware, Red Hat
(commercial), Caldera (commercial), and Debian. It will take something
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.

Most people don't realize that Debian has the largest official package
repository of any of the dists. The potato (unstable) version of Debian
has approx. 3,300 official packages. I don't remember how many slink
(stable) has. The packages are all available on official mirrors that
make for very easy system wide updates with a single command "apt-get".

It's not uncommon to hear remarks about how Debian is better for
"experienced" users, but I think it is an excellent beginners' dist. I
helped my brother-in-law install Debian, and he's having a great time
learning on it --- never touched unix before in his life.

Help is very easy to come by. Brian talked about getting help in Red Hat
at the last meeting. All the same facilities exist in the Debian docs
and package manager. In addition, the debian-user mail list is one of
the highest quality help forums ever formed among human-kind -- after
this one of course :) . The #debian channel is generally very good, too.
There are two bots -- dpkg and apt -- that can field various questions
about packages very similar to what Brian was showing with the web site
he suggested (can't remember the URL).

For example:

<wade> !find db2html
<Flugh> its really weird . running the script manually shows no errors. but it hangs when grepping a config file (can't remember which)
* journey sighs
<journey> apt: no, e-cvs is <REPLY>debs for E cvs snapshots can be found at http://www.debian.org/~ljlane/downloads/enlightenment-cvs (or for /etc/apt/sources.list, 'deb http://www.debian.org/~ljlane/downloads enlightenment-cvs/')
<apt> okay, journey.
<Flugh> so i rigged it :-)
<dpkg> wade: behold, db2html is in these 2 packages: misc/debbugs (/usr/lib/debbugs/db2html) and text/cygnus-stylesheets (/usr/bin/db2html)
* dpkg ponders: So many bytes, so few cps.

This is a great example because I just wanted to show how dpkg, a bot, answers a query about which .deb
package has the db2html prog in it, but between the query and response I accidentally captured
journey while he was teaching the other bot, apt, about e-cvs. Now anyone who wants to know
about e-cvs can ask apt about it.

If you want to use either KDE or Gnome, they are available .KDE isn't on the main mirror, but
I'm sure apt will tell you where it is :) . Also, I've heard Neil and others saying
that Gnome is always dumping core -- I don't know what is causing that, but I've never
seen it on Debian. Of course, being a Gnome user, I think it's fantastic.

I realize that you said it isn't so important to you to have a true blue GNU system. I think
it is an advantage, still, to have a dist that is so entrenched in the open source mentality.
In practical terms, it means thorough, constant testing, strict peer review, decisions made
by project participants whose concern is more about quality and their reputations, than
about commerce. This is why Debian 2.0 was an excellent dist , but everyone knows Red Hat users are
bound to be happier if they pass on Red Hat 5.0 or 6.0 and wait for the fixes (a viable alternative
for some).

I'll stop my rambling now... hope I added useful information to your collection.

Wade Curry
Tracy R Reed
2005-01-19 16:36:29 UTC
Permalink
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next. And security depends entirely
on the software itself, not the distrib encompassing it. When qpopper and imap
and portmap had their bugs, it affected all distributions.

--
Tracy Reed http://www.ultraviolet.org
Sang Kang
2005-01-19 16:36:30 UTC
Permalink
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next. And security depends entirely
on the software itself, not the distrib encompassing it. When qpopper and imap
and portmap had their bugs, it affected all distributions.
Yup, and kernel is as stable as the least stable device driver.

I think his point is that their packages (although could be haplessly outdated)
are proven in the field to be working very well with minimal security/stability
problem. Thus quality may differ from dist to dist. Bleeding edge is good,
but who want to bleed? :)
--
Sang Woo Kang ***@acm,org http://kahuna.sdsu.edu/~skang/ SDSU, USC
There's a saying in Silicon Valley: "The geeks shall inherit the earth."
The TCO of a company will be measured by the number of geek employees.
I believe in Angel, and their $
John H. Robinson, IV
2005-01-19 16:36:30 UTC
Permalink
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next.
FALSE!

Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.

Give me a buggy X server and screensaver. Yes, certain user level programs
can take down the system. The Linux kernel will *not* stand in my way.

Sometimes you can telnet in and reboot, but other times you cannot. Just
one of those things, I suppose.

This is a big reason why I will not run screensavers under X.

-john

PS: I have seen it with both Debian and RH systems.
Nick Bastin
2005-01-19 16:36:30 UTC
Permalink
Post by John H. Robinson, IV
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next.
FALSE!
Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.
Give me a buggy X server and screensaver. Yes, certain user level programs
can take down the system. The Linux kernel will *not* stand in my way.
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
George
2005-01-19 16:36:32 UTC
Permalink
Post by Nick Bastin
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
OH MY GOD!

NO!

It's still userland process, no matter what user it's running under, read
your kernel source, there is a HUGE difference between what's runnning in
kernel space and what's running in userspace

What proggies running as root can do is access the HARDWARE directly if they
want to and X can crash the video subsystem (however it can't crash any
proggies not dependant on it or on the video card), if the video

George

--
Nick Bastin
2005-01-19 16:36:32 UTC
Permalink
Post by George
Post by Nick Bastin
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
OH MY GOD!
NO!
It's the difference between userland and user space, George...sorry,
terms we use around here..probably not applicable to discussions on this
list. I wasn't implying that they weren't user space proggies. I'll
have to remember to ditch the regional jargon in the future.. ;-)
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
George
2005-01-19 16:36:32 UTC
Permalink
Post by Nick Bastin
Post by George
Post by Nick Bastin
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
OH MY GOD!
NO!
It's the difference between userland and user space, George...sorry,
terms we use around here..probably not applicable to discussions on this
list. I wasn't implying that they weren't user space proggies. I'll
have to remember to ditch the regional jargon in the future.. ;-)
However you imply that processes running as root are "running all over
protected memory space", which is not true, only kernel level code can do
that. (and even that can't as it will actually oops as soon as it gets out of
kernel owned memory)

George

--
Nick Bastin
2005-01-19 16:36:32 UTC
Permalink
Post by George
Post by Nick Bastin
It's the difference between userland and user space, George...sorry,
terms we use around here..probably not applicable to discussions on this
list. I wasn't implying that they weren't user space proggies. I'll
have to remember to ditch the regional jargon in the future.. ;-)
However you imply that processes running as root are "running all over
protected memory space", which is not true, only kernel level code can do
that. (and even that can't as it will actually oops as soon as it gets out of
kernel owned memory)
I'm not implying that they *are*, but that they *could*. I've seen this
in PPC linux...maybe we have a different way of managing protected
memory spaces. I'll be honest that I haven't seen it in x86 linux, but
I figured that it could still happen...maybe I was wrong. In either
case, any program that directly manipulates a piece of hardware (like
the x server does), will be able to crash a system. Come to think of
it, we can manipulate memory in linux/PPC (only on a mac AFAIK) using
OF..you could probably do it on a sparc too..and that's what generally
crashes the system. So, I guess you *can't* do that on an intel
machine. Hrmm...I guess there's some benefit to stupid hardware after all...
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Nick Bastin
2005-01-19 17:57:18 UTC
Permalink
Post by George
Post by Nick Bastin
It's the difference between userland and user space, George...sorry,
terms we use around here..probably not applicable to discussions on this
list. I wasn't implying that they weren't user space proggies. I'll
have to remember to ditch the regional jargon in the future.. ;-)
However you imply that processes running as root are "running all over
protected memory space", which is not true, only kernel level code can do
that. (and even that can't as it will actually oops as soon as it gets out of
kernel owned memory)
I'm not implying that they *are*, but that they *could*. I've seen this
in PPC linux...maybe we have a different way of managing protected
memory spaces. I'll be honest that I haven't seen it in x86 linux, but
I figured that it could still happen...maybe I was wrong. In either
case, any program that directly manipulates a piece of hardware (like
the x server does), will be able to crash a system. Come to think of
it, we can manipulate memory in linux/PPC (only on a mac AFAIK) using
OF..you could probably do it on a sparc too..and that's what generally
crashes the system. So, I guess you *can't* do that on an intel
machine. Hrmm...I guess there's some benefit to stupid hardware after all...
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
George
2005-01-19 17:57:18 UTC
Permalink
Post by Nick Bastin
Post by George
Post by Nick Bastin
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
OH MY GOD!
NO!
It's the difference between userland and user space, George...sorry,
terms we use around here..probably not applicable to discussions on this
list. I wasn't implying that they weren't user space proggies. I'll
have to remember to ditch the regional jargon in the future.. ;-)
However you imply that processes running as root are "running all over
protected memory space", which is not true, only kernel level code can do
that. (and even that can't as it will actually oops as soon as it gets out of
kernel owned memory)

George

--
Nick Bastin
2005-01-19 17:57:18 UTC
Permalink
Post by George
Post by Nick Bastin
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
OH MY GOD!
NO!
It's the difference between userland and user space, George...sorry,
terms we use around here..probably not applicable to discussions on this
list. I wasn't implying that they weren't user space proggies. I'll
have to remember to ditch the regional jargon in the future.. ;-)
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
George
2005-01-19 17:57:18 UTC
Permalink
Post by Nick Bastin
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
OH MY GOD!

NO!

It's still userland process, no matter what user it's running under, read
your kernel source, there is a HUGE difference between what's runnning in
kernel space and what's running in userspace

What proggies running as root can do is access the HARDWARE directly if they
want to and X can crash the video subsystem (however it can't crash any
proggies not dependant on it or on the video card), if the video

George

--
Robert La Quey
2005-01-19 16:36:30 UTC
Permalink
I think the point about the "stability" of one distro versus
another was that some distros typically install as default
a bunch of services. The naive user may then be exposing these
services (hence all of the security problems their use implies)
without even knowing they are doing so.

This analysis suggests that a more "stable" distro is one
which by default installs the minimum of services. Just a
completely different issue than the common kernel.

John's observation about X and Nick's point about X on servers
are very useful points. Anybody setting up a serious server
needs to understand the setup and security of the services
offered well enough to do it without X.
Tracy R Reed
2005-01-19 16:36:31 UTC
Permalink
Post by John H. Robinson, IV
Post by Tracy R Reed
I don't understand how one can call any one distribution more "stable" or
Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.
Yes, it can be done with any system. That is distribution independent. Your
reply does not address my comment. :)

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
John H. Robinson, IV
2005-01-19 16:36:31 UTC
Permalink
Post by Tracy R Reed
Post by John H. Robinson, IV
Post by Tracy R Reed
I don't understand how one can call any one distribution more "stable" or
Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.
Yes, it can be done with any system. That is distribution independent. Your
reply does not address my comment. :)
Ah. Some differences exist. When you get a distribution, you are getting a
*bunch* of precompiled programs. Some of these suid root. If the package
maintainer compiles in flaws, or makes bad assumptions, there goes your
stability. Independent of the kernel.

Granted, the kernel *is* the majority, but not the *totality* - which is
how you made it sound.

So you *still* have to look beyond the kernel to gauge overall system
stability. Taking a good look at the sysadmin is another way to gauge
system reliability, too.

Next up: security!

-john
Tracy R Reed
2005-01-19 16:36:31 UTC
Permalink
Post by John H. Robinson, IV
Next up: security!
And on that note, I had a thought today. This is a rare occurance so I want to
share it with everyone:

I had a salesdroid in my office the other day hawking his security warez. I
told him we use Linux and ipfwadm/ipchains and turn off all unneeded services
and read bugtraq which pretty much eliminated the need for his product and
scooted him out the door.

Linux has the above mentioned tools, as well as proxies/scanners, etc. nmap
and nessus are particularly useful but only to a certain extent. They help you
check for known vulnerabilities on a given host, but not for unknown ones on
the network in general.

What Linux does not have (which the salesdroids product did, it seems) which I
think would be pretty useful is a device which just sits on a network and
sniffs packets. It would look for suspicious things such as:

\xff\xff\xff/bin/sh
/bin/cat%20/etc/passwd

and other characteristic attack signatures as well as malformed packets,
sequence numbers which don't jive, probes to machines on your network which
won't be able to detect such probes themselves such as windows systems or ip's
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.

I'm not sure, but I don't think this machine would even need an IP of its own.
It seems like it should be possible to put a card into promiscuous mode
without even assigning an IP to it, but because promisc is an option to
ifconfig, I'm not sure. Even it it were necessary, you could just assign it a
non-routable ip. Then nobody would even be able to detect that their actions
were being monitored. The system could bring up a real interface for a split
second just long enough to email a report, and then go back into hiding.

Given a sufficiently broad definition of suspicious behavior, this setup could
probably catch all sorts of interesting things. Sure, there would be false
alarms, but I bet this can be dealt with reasonably. As always, it is
ultimately up to the human being to decide what is really a threat.

One wonders how much cpu power would be required to do this sort of thing on a
100Mb ethernet segment. You wouldn't necessarily have to scan all data for a
given TCP session. It can be worked out what to scan and how much in order to
give the best probability of catching problems.

If only I had the talent and time to implement such a thing...

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Nick Bastin
2005-01-19 16:36:31 UTC
Permalink
Post by Tracy R Reed
If only I had the talent and time to implement such a thing...
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Ted Powell
2005-01-19 16:36:32 UTC
Permalink
Post by Nick Bastin
Post by Tracy R Reed
If only I had the talent and time to implement such a thing...
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
A description of the O'Reilly book may be found at:

http://www.oreilly.com/catalog/satan/
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
Tracy R Reed
2005-01-19 16:36:32 UTC
Permalink
Post by Nick Bastin
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
But Satan is just another security scanner. It won't detect a lot of hacks or
unusual activity against hosts on the network in general that a sniffer would.

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Nick Bastin
2005-01-19 16:36:32 UTC
Permalink
Post by Tracy R Reed
Post by Nick Bastin
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
But Satan is just another security scanner. It won't detect a lot of hacks or
unusual activity against hosts on the network in general that a sniffer would.
You could build a module to do what you want..wouldn't be that big of a deal.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Nick Bastin
2005-01-19 17:57:18 UTC
Permalink
Post by Tracy R Reed
Post by Nick Bastin
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
But Satan is just another security scanner. It won't detect a lot of hacks or
unusual activity against hosts on the network in general that a sniffer would.
You could build a module to do what you want..wouldn't be that big of a deal.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
rafaelzap at funtv.com ()
2005-01-19 16:36:33 UTC
Permalink
Post by Nick Bastin
Post by Tracy R Reed
If only I had the talent and time to implement such a thing...
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
satan? Just what are you trying to suggest here? ;)
Ted Powell
2005-01-19 17:57:18 UTC
Permalink
Post by Nick Bastin
Post by Tracy R Reed
If only I had the talent and time to implement such a thing...
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
A description of the O'Reilly book may be found at:

http://www.oreilly.com/catalog/satan/
--
***@psg.com http://psg.com/~ted/ (Ted Powell)
his, her, its; not hi's, he'r, it's
Tracy R Reed
2005-01-19 17:57:18 UTC
Permalink
Post by Nick Bastin
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
But Satan is just another security scanner. It won't detect a lot of hacks or
unusual activity against hosts on the network in general that a sniffer would.

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
rafaelzap at funtv.com ()
2005-01-19 17:57:20 UTC
Permalink
Post by Nick Bastin
Post by Tracy R Reed
If only I had the talent and time to implement such a thing...
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
satan? Just what are you trying to suggest here? ;)

mark wolfe
2005-01-19 16:36:32 UTC
Permalink
Heh... Speak and it has been don already. :) Not to mention the fact
it was done by the Navy. :) Seems they leave a redhat box out on the
network sniffing packets, then dump that via ssh back through a firewall
where the data is analyzed.

http://www.nswc.navy.mil/ISSEC/CID/
Post by Tracy R Reed
What Linux does not have (which the salesdroids product did, it seems) which I
think would be pretty useful is a device which just sits on a network and
\xff\xff\xff/bin/sh
/bin/cat%20/etc/passwd
and other characteristic attack signatures as well as malformed packets,
sequence numbers which don't jive, probes to machines on your network which
won't be able to detect such probes themselves such as windows systems or ip's
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.
I'm not sure, but I don't think this machine would even need an IP of its own.
It seems like it should be possible to put a card into promiscuous mode
without even assigning an IP to it, but because promisc is an option to
ifconfig, I'm not sure. Even it it were necessary, you could just assign it a
non-routable ip. Then nobody would even be able to detect that their actions
were being monitored. The system could bring up a real interface for a split
second just long enough to email a report, and then go back into hiding.
Given a sufficiently broad definition of suspicious behavior, this setup could
probably catch all sorts of interesting things. Sure, there would be false
alarms, but I bet this can be dealt with reasonably. As always, it is
ultimately up to the human being to decide what is really a threat.
One wonders how much cpu power would be required to do this sort of thing on a
100Mb ethernet segment. You wouldn't necessarily have to scan all data for a
given TCP session. It can be worked out what to scan and how much in order to
give the best probability of catching problems.
If only I had the talent and time to implement such a thing...
--
Mark Wolfe http://www.wolfenet.org
Linux: The OS people choose without $200,000,000 of persuasion.
(By Mike Coleman.)
Tracy R Reed
2005-01-19 16:36:33 UTC
Permalink
Post by mark wolfe
Heh... Speak and it has been don already. :) Not to mention the fact
it was done by the Navy. :) Seems they leave a redhat box out on the
network sniffing packets, then dump that via ssh back through a firewall
where the data is analyzed.
Awesome! This seems to be precisely what I have been thinking of. Thanks!

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Tracy R Reed
2005-01-19 17:57:20 UTC
Permalink
Post by mark wolfe
Heh... Speak and it has been don already. :) Not to mention the fact
it was done by the Navy. :) Seems they leave a redhat box out on the
network sniffing packets, then dump that via ssh back through a firewall
where the data is analyzed.
Awesome! This seems to be precisely what I have been thinking of. Thanks!

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Mark T. Ganzer
2005-01-19 16:36:33 UTC
Permalink
What you are describing is a Intrusion Detection System (often referred to
as an IDS or NIDS). While there are commercial products that do this (like
NetRanger and Network Flight Recorder), it is easy to roll your own using
tcpdump/libpcap and a bunch of filters, which is what the SHADOW program at
http://www.nswc.navy.mil/ISSEC/CID/ does quite nicely.

-Mark Ganzer

----- Original Message -----
From: Tracy R Reed <***@ultraviolet.org>
To: <kplug-***@kernel-panic.com>
Sent: Tuesday, June 01, 1999 1:58 AM
Subject: Needed security tool (was: Which version to install... )
Post by Tracy R Reed
Post by John H. Robinson, IV
Next up: security!
And on that note, I had a thought today. This is a rare occurance so I want to
I had a salesdroid in my office the other day hawking his security warez. I
told him we use Linux and ipfwadm/ipchains and turn off all unneeded services
and read bugtraq which pretty much eliminated the need for his product and
scooted him out the door.
Linux has the above mentioned tools, as well as proxies/scanners, etc. nmap
and nessus are particularly useful but only to a certain extent. They help you
check for known vulnerabilities on a given host, but not for unknown ones on
the network in general.
What Linux does not have (which the salesdroids product did, it seems) which I
think would be pretty useful is a device which just sits on a network and
\xff\xff\xff/bin/sh
/bin/cat%20/etc/passwd
and other characteristic attack signatures as well as malformed packets,
sequence numbers which don't jive, probes to machines on your network which
won't be able to detect such probes themselves such as windows systems or ip's
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.
I'm not sure, but I don't think this machine would even need an IP of its own.
It seems like it should be possible to put a card into promiscuous mode
without even assigning an IP to it, but because promisc is an option to
ifconfig, I'm not sure. Even it it were necessary, you could just assign it a
non-routable ip. Then nobody would even be able to detect that their actions
were being monitored. The system could bring up a real interface for a split
second just long enough to email a report, and then go back into hiding.
Given a sufficiently broad definition of suspicious behavior, this setup could
probably catch all sorts of interesting things. Sure, there would be false
alarms, but I bet this can be dealt with reasonably. As always, it is
ultimately up to the human being to decide what is really a threat.
One wonders how much cpu power would be required to do this sort of thing on a
100Mb ethernet segment. You wouldn't necessarily have to scan all data for a
given TCP session. It can be worked out what to scan and how much in order to
give the best probability of catching problems.
If only I had the talent and time to implement such a thing...
--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
---
http://www.kernel-panic.com
list archives http://www.ultraviolet.org/mail-archives/kplug-mail.html
To unsubscribe, send a message to the address shown in the
list-unsubscribe
Post by Tracy R Reed
header of this message.
rafaelzap at funtv.com ()
2005-01-19 16:36:33 UTC
Permalink
Post by Tracy R Reed
Post by John H. Robinson, IV
Next up: security!
And on that note, I had a thought today. This is a rare occurance so I want to
I had a salesdroid in my office the other day hawking his security warez. I
...
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.
Now THERE is something I've been intending to ask about. Virii on Linux? I
haven't seen much mention of them. Do they exist? Are they a serious problem?
Tracy R Reed
2005-01-19 16:36:33 UTC
Permalink
Post by rafaelzap at funtv.com ()
Post by Tracy R Reed
and is actually using it. It could probably even detect viruses.
Now THERE is something I've been intending to ask about. Virii on Linux? I
haven't seen much mention of them. Do they exist? Are they a serious problem?
There are no known viruses which infect Linux. Someone is sure to point out a
virus called Bliss which was written for Linux. Bliss has never been found in
the wild because Linux does not allow it to propagate. The basic problem is
that Linux has filesystem permissions and lots of code is distributed as
source or downloaded from the original trusted site. Linux users don't trade
executables like Windows users do. There are no virus scanners for Linux
binaries because there are no viruses for Linux.

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
Nick Bastin
2005-01-19 17:57:17 UTC
Permalink
Post by Tracy R Reed
If only I had the talent and time to implement such a thing...
I'd try satan first...you normally don't leave it running all the time,
but you *could*.
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
mark wolfe
2005-01-19 17:57:18 UTC
Permalink
Heh... Speak and it has been don already. :) Not to mention the fact
it was done by the Navy. :) Seems they leave a redhat box out on the
network sniffing packets, then dump that via ssh back through a firewall
where the data is analyzed.

http://www.nswc.navy.mil/ISSEC/CID/
Post by Tracy R Reed
What Linux does not have (which the salesdroids product did, it seems) which I
think would be pretty useful is a device which just sits on a network and
\xff\xff\xff/bin/sh
/bin/cat%20/etc/passwd
and other characteristic attack signatures as well as malformed packets,
sequence numbers which don't jive, probes to machines on your network which
won't be able to detect such probes themselves such as windows systems or ip's
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.
I'm not sure, but I don't think this machine would even need an IP of its own.
It seems like it should be possible to put a card into promiscuous mode
without even assigning an IP to it, but because promisc is an option to
ifconfig, I'm not sure. Even it it were necessary, you could just assign it a
non-routable ip. Then nobody would even be able to detect that their actions
were being monitored. The system could bring up a real interface for a split
second just long enough to email a report, and then go back into hiding.
Given a sufficiently broad definition of suspicious behavior, this setup could
probably catch all sorts of interesting things. Sure, there would be false
alarms, but I bet this can be dealt with reasonably. As always, it is
ultimately up to the human being to decide what is really a threat.
One wonders how much cpu power would be required to do this sort of thing on a
100Mb ethernet segment. You wouldn't necessarily have to scan all data for a
given TCP session. It can be worked out what to scan and how much in order to
give the best probability of catching problems.
If only I had the talent and time to implement such a thing...
--
Mark Wolfe http://www.wolfenet.org
Linux: The OS people choose without $200,000,000 of persuasion.
(By Mike Coleman.)
Mark T. Ganzer
2005-01-19 17:57:19 UTC
Permalink
What you are describing is a Intrusion Detection System (often referred to
as an IDS or NIDS). While there are commercial products that do this (like
NetRanger and Network Flight Recorder), it is easy to roll your own using
tcpdump/libpcap and a bunch of filters, which is what the SHADOW program at
http://www.nswc.navy.mil/ISSEC/CID/ does quite nicely.

-Mark Ganzer

----- Original Message -----
From: Tracy R Reed <***@ultraviolet.org>
To: <kplug-***@kernel-panic.com>
Sent: Tuesday, June 01, 1999 1:58 AM
Subject: Needed security tool (was: Which version to install... )
Post by Tracy R Reed
Post by John H. Robinson, IV
Next up: security!
And on that note, I had a thought today. This is a rare occurance so I want to
I had a salesdroid in my office the other day hawking his security warez. I
told him we use Linux and ipfwadm/ipchains and turn off all unneeded services
and read bugtraq which pretty much eliminated the need for his product and
scooted him out the door.
Linux has the above mentioned tools, as well as proxies/scanners, etc. nmap
and nessus are particularly useful but only to a certain extent. They help you
check for known vulnerabilities on a given host, but not for unknown ones on
the network in general.
What Linux does not have (which the salesdroids product did, it seems) which I
think would be pretty useful is a device which just sits on a network and
\xff\xff\xff/bin/sh
/bin/cat%20/etc/passwd
and other characteristic attack signatures as well as malformed packets,
sequence numbers which don't jive, probes to machines on your network which
won't be able to detect such probes themselves such as windows systems or ip's
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.
I'm not sure, but I don't think this machine would even need an IP of its own.
It seems like it should be possible to put a card into promiscuous mode
without even assigning an IP to it, but because promisc is an option to
ifconfig, I'm not sure. Even it it were necessary, you could just assign it a
non-routable ip. Then nobody would even be able to detect that their actions
were being monitored. The system could bring up a real interface for a split
second just long enough to email a report, and then go back into hiding.
Given a sufficiently broad definition of suspicious behavior, this setup could
probably catch all sorts of interesting things. Sure, there would be false
alarms, but I bet this can be dealt with reasonably. As always, it is
ultimately up to the human being to decide what is really a threat.
One wonders how much cpu power would be required to do this sort of thing on a
100Mb ethernet segment. You wouldn't necessarily have to scan all data for a
given TCP session. It can be worked out what to scan and how much in order to
give the best probability of catching problems.
If only I had the talent and time to implement such a thing...
--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
---
http://www.kernel-panic.com
list archives http://www.ultraviolet.org/mail-archives/kplug-mail.html
To unsubscribe, send a message to the address shown in the
list-unsubscribe
Post by Tracy R Reed
header of this message.
rafaelzap at funtv.com ()
2005-01-19 17:57:20 UTC
Permalink
Post by Tracy R Reed
Post by John H. Robinson, IV
Next up: security!
And on that note, I had a thought today. This is a rare occurance so I want to
I had a salesdroid in my office the other day hawking his security warez. I
...
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.
Now THERE is something I've been intending to ask about. Virii on Linux? I
haven't seen much mention of them. Do they exist? Are they a serious problem?
Tracy R Reed
2005-01-19 17:57:17 UTC
Permalink
Post by John H. Robinson, IV
Next up: security!
And on that note, I had a thought today. This is a rare occurance so I want to
share it with everyone:

I had a salesdroid in my office the other day hawking his security warez. I
told him we use Linux and ipfwadm/ipchains and turn off all unneeded services
and read bugtraq which pretty much eliminated the need for his product and
scooted him out the door.

Linux has the above mentioned tools, as well as proxies/scanners, etc. nmap
and nessus are particularly useful but only to a certain extent. They help you
check for known vulnerabilities on a given host, but not for unknown ones on
the network in general.

What Linux does not have (which the salesdroids product did, it seems) which I
think would be pretty useful is a device which just sits on a network and
sniffs packets. It would look for suspicious things such as:

\xff\xff\xff/bin/sh
/bin/cat%20/etc/passwd

and other characteristic attack signatures as well as malformed packets,
sequence numbers which don't jive, probes to machines on your network which
won't be able to detect such probes themselves such as windows systems or ip's
which have not been assigned. It could also enforce security policy by
sniffing for passwords and alerting you as to what lamer has telnet running
and is actually using it. It could probably even detect viruses.

I'm not sure, but I don't think this machine would even need an IP of its own.
It seems like it should be possible to put a card into promiscuous mode
without even assigning an IP to it, but because promisc is an option to
ifconfig, I'm not sure. Even it it were necessary, you could just assign it a
non-routable ip. Then nobody would even be able to detect that their actions
were being monitored. The system could bring up a real interface for a split
second just long enough to email a report, and then go back into hiding.

Given a sufficiently broad definition of suspicious behavior, this setup could
probably catch all sorts of interesting things. Sure, there would be false
alarms, but I bet this can be dealt with reasonably. As always, it is
ultimately up to the human being to decide what is really a threat.

One wonders how much cpu power would be required to do this sort of thing on a
100Mb ethernet segment. You wouldn't necessarily have to scan all data for a
given TCP session. It can be worked out what to scan and how much in order to
give the best probability of catching problems.

If only I had the talent and time to implement such a thing...

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
John H. Robinson, IV
2005-01-19 17:57:16 UTC
Permalink
Post by Tracy R Reed
Post by John H. Robinson, IV
Post by Tracy R Reed
I don't understand how one can call any one distribution more "stable" or
Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.
Yes, it can be done with any system. That is distribution independent. Your
reply does not address my comment. :)
Ah. Some differences exist. When you get a distribution, you are getting a
*bunch* of precompiled programs. Some of these suid root. If the package
maintainer compiles in flaws, or makes bad assumptions, there goes your
stability. Independent of the kernel.

Granted, the kernel *is* the majority, but not the *totality* - which is
how you made it sound.

So you *still* have to look beyond the kernel to gauge overall system
stability. Taking a good look at the sysadmin is another way to gauge
system reliability, too.

Next up: security!

-john
Nick Bastin
2005-01-19 17:57:16 UTC
Permalink
Post by John H. Robinson, IV
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next.
FALSE!
Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.
Give me a buggy X server and screensaver. Yes, certain user level programs
can take down the system. The Linux kernel will *not* stand in my way.
Those are *not* userland programs. They run as root, and anything
running as root can run all over protected memory space, if it wishes,
and 'crash' the system. However, for what it's worth, this is usually
not a software crash..this crash was usually caused by X making a funky
call, and the hardware (usually a video card) taking a shit all over the
PCI bus. X is evil...if you want ultra-stable systems, don't run it. I
run it on my workstations, and they're all stable, but I don't do stupid
things either...for my servers, which need to be stable, why would I
install X?
--
Nick Bastin - RBB Systems, Inc.
The idea that Bill Gates has appeared like a knight in shining armour to
lead all customers out of a mire of technological chaos neatly ignores
the fact that it was he who, by peddling second-rate technology, led
them into it in the first place. - Douglas Adams
Robert La Quey
2005-01-19 17:57:16 UTC
Permalink
I think the point about the "stability" of one distro versus
another was that some distros typically install as default
a bunch of services. The naive user may then be exposing these
services (hence all of the security problems their use implies)
without even knowing they are doing so.

This analysis suggests that a more "stable" distro is one
which by default installs the minimum of services. Just a
completely different issue than the common kernel.

John's observation about X and Nick's point about X on servers
are very useful points. Anybody setting up a serious server
needs to understand the setup and security of the services
offered well enough to do it without X.
Tracy R Reed
2005-01-19 17:57:16 UTC
Permalink
Post by John H. Robinson, IV
Post by Tracy R Reed
I don't understand how one can call any one distribution more "stable" or
Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.
Yes, it can be done with any system. That is distribution independent. Your
reply does not address my comment. :)

--
Tracy Reed http://www.ultraviolet.org
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer
wcurry at cts.com ()
2005-01-19 16:36:31 UTC
Permalink
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next. And security depends entirely
on the software itself, not the distrib encompassing it. When qpopper and imap
and portmap had their bugs, it affected all distributions.
--
Tracy Reed http://www.ultraviolet.org
I certainly disagree. Overall stability certainly has a great deal to
do with the kernel, but the user's environment could certainly become
very difficult to use if not configured correctly. Or, let's say that
the package manager doesn't calculate the dependencies correctly, and a
network service that you rely on gets broken. These are two ways that a
specific distribution could make the system "unstable" for the user. I
guess the issue is how to define the word "unstable". As John pointed
out, X (as well as any other setuid root prog) is able to do nasty
things, so it's not *only* the kernel that could cause problems for
overall system stability.

With respect to security, I think it isn't too difficult to see
how a distribution could set up the system to be open to attack
unintentionally. Debian goes to some significant effort to make sure
that X is not easily exploited over the network. I appreciate the effort
there, even though I don't understand all the issues. Another example is
how Debian will ask you on install who you want to recieve root's mail
(on a per app basis- when necessary). I think this enhances security.
The administrator (even/especially a new one) is more likely to see
the system mail and catch security (or other) problems. One friend of
mine who never touched Unix before has installed a Linux router running
a bunch of services on his @home network. 3 months ago I tried to get
him up to speed on security, but he politely blew me off. 2 weeks ago
he asked me, " Hey , I logged on as root and found a bunch of cryptic
messages waiting for me. What does that mean?" Well what it means is
(aside from him being ignorant about security) is that Red Hat 5.0
sent all of root's email to root, and he never knew it existed. Small
thing to implement. Possibly a big deal in terms of the consequences. I
installed Debian 2.0 and can say it is more security conscious than his
comparable Red Hat distro out of the box. To clarify: I'm not bashing
Red Hat, These are just two distros I have recent experience with, so I
compared them.


Hope you guys all had a good Memorial Day weekend.

Wade Curry
Sang Kang
2005-01-19 17:57:15 UTC
Permalink
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next. And security depends entirely
on the software itself, not the distrib encompassing it. When qpopper and imap
and portmap had their bugs, it affected all distributions.
Yup, and kernel is as stable as the least stable device driver.

I think his point is that their packages (although could be haplessly outdated)
are proven in the field to be working very well with minimal security/stability
problem. Thus quality may differ from dist to dist. Bleeding edge is good,
but who want to bleed? :)
--
Sang Woo Kang ***@acm,org http://kahuna.sdsu.edu/~skang/ SDSU, USC
There's a saying in Silicon Valley: "The geeks shall inherit the earth."
The TCO of a company will be measured by the number of geek employees.
I believe in Angel, and their $
John H. Robinson, IV
2005-01-19 17:57:16 UTC
Permalink
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next.
FALSE!

Sorry, but that is false. I can take down a system (any system) with
the most stable kernel that you can come up with.

Give me a buggy X server and screensaver. Yes, certain user level programs
can take down the system. The Linux kernel will *not* stand in my way.

Sometimes you can telnet in and reboot, but other times you cannot. Just
one of those things, I suppose.

This is a big reason why I will not run screensavers under X.

-john

PS: I have seen it with both Debian and RH systems.
wcurry at cts.com ()
2005-01-19 17:57:16 UTC
Permalink
Post by Tracy R Reed
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next. And security depends entirely
on the software itself, not the distrib encompassing it. When qpopper and imap
and portmap had their bugs, it affected all distributions.
--
Tracy Reed http://www.ultraviolet.org
I certainly disagree. Overall stability certainly has a great deal to
do with the kernel, but the user's environment could certainly become
very difficult to use if not configured correctly. Or, let's say that
the package manager doesn't calculate the dependencies correctly, and a
network service that you rely on gets broken. These are two ways that a
specific distribution could make the system "unstable" for the user. I
guess the issue is how to define the word "unstable". As John pointed
out, X (as well as any other setuid root prog) is able to do nasty
things, so it's not *only* the kernel that could cause problems for
overall system stability.

With respect to security, I think it isn't too difficult to see
how a distribution could set up the system to be open to attack
unintentionally. Debian goes to some significant effort to make sure
that X is not easily exploited over the network. I appreciate the effort
there, even though I don't understand all the issues. Another example is
how Debian will ask you on install who you want to recieve root's mail
(on a per app basis- when necessary). I think this enhances security.
The administrator (even/especially a new one) is more likely to see
the system mail and catch security (or other) problems. One friend of
mine who never touched Unix before has installed a Linux router running
a bunch of services on his @home network. 3 months ago I tried to get
him up to speed on security, but he politely blew me off. 2 weeks ago
he asked me, " Hey , I logged on as root and found a bunch of cryptic
messages waiting for me. What does that mean?" Well what it means is
(aside from him being ignorant about security) is that Red Hat 5.0
sent all of root's email to root, and he never knew it existed. Small
thing to implement. Possibly a big deal in terms of the consequences. I
installed Debian 2.0 and can say it is more security conscious than his
comparable Red Hat distro out of the box. To clarify: I'm not bashing
Red Hat, These are just two distros I have recent experience with, so I
compared them.


Hope you guys all had a good Memorial Day weekend.

Wade Curry
Tracy R Reed
2005-01-19 17:57:15 UTC
Permalink
Post by wcurry at cts.com ()
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.
I don't understand how one can call any one distribution more "stable" or
"secure" than any other. System stability depends entirely on the kernel,
which is the same from one distrib to the next. And security depends entirely
on the software itself, not the distrib encompassing it. When qpopper and imap
and portmap had their bugs, it affected all distributions.

--
Tracy Reed http://www.ultraviolet.org
wcurry at cts.com ()
2005-01-19 17:57:14 UTC
Permalink
Hi Lan,

Just wanted to put in my vote for Debian. I have run Slackware, Red Hat
(commercial), Caldera (commercial), and Debian. It will take something
significant to make me change now. It has already been pointed out that
Debian has a very good reputation for being stable and secure.

Most people don't realize that Debian has the largest official package
repository of any of the dists. The potato (unstable) version of Debian
has approx. 3,300 official packages. I don't remember how many slink
(stable) has. The packages are all available on official mirrors that
make for very easy system wide updates with a single command "apt-get".

It's not uncommon to hear remarks about how Debian is better for
"experienced" users, but I think it is an excellent beginners' dist. I
helped my brother-in-law install Debian, and he's having a great time
learning on it --- never touched unix before in his life.

Help is very easy to come by. Brian talked about getting help in Red Hat
at the last meeting. All the same facilities exist in the Debian docs
and package manager. In addition, the debian-user mail list is one of
the highest quality help forums ever formed among human-kind -- after
this one of course :) . The #debian channel is generally very good, too.
There are two bots -- dpkg and apt -- that can field various questions
about packages very similar to what Brian was showing with the web site
he suggested (can't remember the URL).

For example:

<wade> !find db2html
<Flugh> its really weird . running the script manually shows no errors. but it hangs when grepping a config file (can't remember which)
* journey sighs
<journey> apt: no, e-cvs is <REPLY>debs for E cvs snapshots can be found at http://www.debian.org/~ljlane/downloads/enlightenment-cvs (or for /etc/apt/sources.list, 'deb http://www.debian.org/~ljlane/downloads enlightenment-cvs/')
<apt> okay, journey.
<Flugh> so i rigged it :-)
<dpkg> wade: behold, db2html is in these 2 packages: misc/debbugs (/usr/lib/debbugs/db2html) and text/cygnus-stylesheets (/usr/bin/db2html)
* dpkg ponders: So many bytes, so few cps.

This is a great example because I just wanted to show how dpkg, a bot, answers a query about which .deb
package has the db2html prog in it, but between the query and response I accidentally captured
journey while he was teaching the other bot, apt, about e-cvs. Now anyone who wants to know
about e-cvs can ask apt about it.

If you want to use either KDE or Gnome, they are available .KDE isn't on the main mirror, but
I'm sure apt will tell you where it is :) . Also, I've heard Neil and others saying
that Gnome is always dumping core -- I don't know what is causing that, but I've never
seen it on Debian. Of course, being a Gnome user, I think it's fantastic.

I realize that you said it isn't so important to you to have a true blue GNU system. I think
it is an advantage, still, to have a dist that is so entrenched in the open source mentality.
In practical terms, it means thorough, constant testing, strict peer review, decisions made
by project participants whose concern is more about quality and their reputations, than
about commerce. This is why Debian 2.0 was an excellent dist , but everyone knows Red Hat users are
bound to be happier if they pass on Red Hat 5.0 or 6.0 and wait for the fixes (a viable alternative
for some).

I'll stop my rambling now... hope I added useful information to your collection.

Wade Curry
Lan Barnes
2005-01-19 17:57:14 UTC
Permalink
Post by Lan Barnes
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
I have gotten some thoughtful and considered answers to this, and I
thank all who have responded. The problem is, nothing has gotten me
closer to a decision.

Here's the thing (in the below, "stable" is used to mean that things
work together, and not refer to system up time):

1. RH 5.2 is attractive because all my experience is in RH, and 5.2 is
their most "stable" most "recent."

2. Debian 2.1 (which is based on kernel 2.0.36) is tempting for its
reputation for rock-solid quality control (everything works with
everything, they say). It is also supposed to be a Sys V boot, like RH.
The true-blue GNUism is nice, I suppose, but not a big factor for me.

3. RH 6.0 is tempting for the new kernel, GNOME, and better laptop
support -- but scary because of the newness issue.

So this is like a personality inventory -- I obviously want stability in
my version more than anything else. But my personal experience with
upgrades hs been bad (as opposed to reinstalls), so I don't want to stay
in 5.2 and then suffer a traumatic upgrade later.

O, pity me! <singing> Did you ever have to make up your mind . . .
</singing>
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

A man who is about to tell the truth should have one
foot in the stirrup.
- Traditional Mongol Proverb
Lan Barnes
2005-01-19 17:57:13 UTC
Permalink
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.

My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?

Votes without reasons won't be counted nearly as heavily as votes with
some rationale, however, I will entertain flames and raw prejudice if
properly labeled.

The management reserves the right to do whatever it damn well pleases
after the voting is over.
--
Lan Barnes ***@earthlink.net
Icon Consulting, Inc 619-273-6677

The really efficient laborer will be found not to
crowd his day with work, but will saunter to his task
surrounded by a wide halo of ease and leisure.
- Henry David Thoreau
ckuck at cts.com ()
2005-01-19 17:57:13 UTC
Permalink
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all
in CDROM. Which should I install?
Debian - no comment. Don't have it, never used it.

RH 6.0 vs. 5.2:

Slightly better install process for 6 (more options, better X setup,
"smart" kernel choice), but I think some of the packages on 5.2 may
be in better shape due to maturity. Samba comes to mind: I (and some
others too) had a great deal of problems getting printing to work
with the Samba release that comes with 6.0 - we fixed it by removing
the package and going back to the 1.9 Samba that came with RH 5.2.

I would give the nod to 6.0, though, you might find better laptop
support (especially for X) in that release.

-- Carl
Post by Lan Barnes
... I will entertain flames and raw prejudice if properly labeled.
Brian
2005-01-19 17:57:13 UTC
Permalink
Post by Lan Barnes
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
<ramble>
I am choosing 6.0 primarily for IPChains. I guess if you were serious
about Debian, you would have never have asked the question.

I also love Gnome. That's another point for 6.0, both KDE and Gnome can
be installed, and you can choose which window manager you want to run at
login time.

5.2 is "more stable" than 6.0, but I have only crashed Gnome once in
about 2 weeks, and it was probably my fault. I like the DHCP client
better in 5.2 than 6.0.
</ramble>

Big points for me are IPChains, and Gnome. If that does'nt interest
you, go 5.2, and upgrade your / and /usr partitions with 6.2 when it
comes out.

Brian
--
=========================================
If God dropped acid, would he see people?

***@sunset-cliffs.org
http://www.sunset-cliffs.org
David S. Jackson
2005-01-19 17:57:13 UTC
Permalink
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
Personally, I would choose Debian. It's lower profile, but IMHO it's higher
quality. I think its default installation is smarter, it doesn't make so
many decisions for you during installation. It leaves you with more
services turned off, especially ones that are potential security holes until
you learn what they are.

Also, apt-get is very easy and smart to use for upgrading machines. In
fact, you may never need to "upgrade" a machine again. You can run apt-get
from a cron job and it will keep the machine current.

Debian is a little different from Red Hat, and you don't hear that much
about it, but I actually think it's the best distribution out there. Why
not give it a look? You can hear about Red Hat or Caldera any time you
want. Can't walk twenty feet without tripping over a RH or COL box.

Haven't ever tried SuSE (for a long period) or Pacific HiTech.

--
David S. Jackson http://www.dsj.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
What's nice about GUI is that you see what you manipulate.
What's bad about GUI is that you can only manipulate what you see.
darins at nosc.mil (Darin )
2005-01-19 17:57:13 UTC
Permalink
Debian doesn't seem to be System V ish from what I have heard? Is this true?
Also if not how does one do start up items i.e. /etc/rc.d/rc.local stuff. Or
am I totally
in left field with this question.

Darin

-----Original Message-----
From: David S. Jackson [mailto:***@dsj.net]
Sent: Friday, May 28, 1999 6:00 PM
To: kplug-***@kernel-panic.com
Subject: Re: Which version to install (your vote counts!)?
Post by Lan Barnes
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
Personally, I would choose Debian. It's lower profile, but IMHO it's higher
quality. I think its default installation is smarter, it doesn't make so
many decisions for you during installation. It leaves you with more
services turned off, especially ones that are potential security holes until
you learn what they are.

Also, apt-get is very easy and smart to use for upgrading machines. In
fact, you may never need to "upgrade" a machine again. You can run apt-get
from a cron job and it will keep the machine current.

Debian is a little different from Red Hat, and you don't hear that much
about it, but I actually think it's the best distribution out there. Why
not give it a look? You can hear about Red Hat or Caldera any time you
want. Can't walk twenty feet without tripping over a RH or COL box.

Haven't ever tried SuSE (for a long period) or Pacific HiTech.

--
David S. Jackson http://www.dsj.net
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
What's nice about GUI is that you see what you manipulate.
What's bad about GUI is that you can only manipulate what you see.

---
http://www.kernel-panic.com
list archives http://www.ultraviolet.org/mail-archives/kplug-mail.html
To unsubscribe, send a message to the address shown in the
list-unsubscribe
header of this message.
Neil Schneider
2005-01-19 17:57:13 UTC
Permalink
Post by Lan Barnes
I've just gotten a new laptop (Hitachi Visionbook). The Linux Laptop
site has an XConfig for it, so I'm pretty confident that it should be an
easy install.
My question is this: I have RedHat 5.2, RH 6.0, and Debian 2.1 all in
CDROM. Which should I install?
It would depend on how reliable you expected it to be. Here's what I
notice.
RH 6.0 has better (read newer) support for some laptop stuff. It
installs
much more easily and detects more hardware. However, there seem to be
a lot
of little annoying bugs in it. And gnome has a habit of sprinkling
core files
all over the hard drive. I jokingly threatened to set up a little
program to
automatically send them as attachment to email to George Lebl
everytime one
was generated. Sometimes it even creates a cute little icon on the
desktop for
the core file. I think that's special. :o) BTW, lest you think
otherwise I really
do like gnome. I think it will be very nice, when it's finished.

I would use 5.2 on anything that had to be dependable, or mission
critical. I've
used it since I built this machine (2:18am up 112 days, 14:09) and
it's been
quite stable.

I've never tried Debian, I have plenty to do to learn everything I can
about Red
Hat, and another distribution would only be a distraction.
Post by Lan Barnes
Votes without reasons won't be counted nearly as heavily as votes with
some rationale, however, I will entertain flames and raw prejudice if
properly labeled.
The management reserves the right to do whatever it damn well pleases
after the voting is over.
--
Neil Schneider ***@home.com
When you're in it up to your ears, keep your mouth shut.
David B. Rees
2005-01-19 16:36:33 UTC
Permalink
Post by rafaelzap at funtv.com ()
Now THERE is something I've been intending to ask about. Virii on Linux? I
haven't seen much mention of them. Do they exist? Are they a serious
problem?
I guess another genre of virus are trojan horses, which certainly do exist for
Unix systems. However, for a trojan horse to get into your system, they'd have
to compromise security of the machine in question first. It's certainly
possible a virus similar to today's crop of MS Macro Virus going around to
attach themselves to a Unix program or interact with a Unix program to generate
the the virus-like behavior, but it would require some insecure software for it
to penetrate in the first place. For instance, I could see a Unix user
downloading some unknown binary (or even shell script if the user doesn't check
it before running it) which then proceeds to modify the user's .cshrc or
.profile. But then, at least it would only affect that user's files.
(Another reason to do everything as a normal user unless you absolutely have
to)


-Dave
Loading...