My problems began, I think, when I installed MDK7.1 with a security level of "High". I avoided paranoid, because I felt it would be too limiting. No matter what I tried I couldn't get any services to connect from client machines. I tried msec 0 in desperation, and got a little closer: ftp would ask for a user, but *everything* was refused; ssh, http, etc. were the same way. I tore apart the msec scripts as best I could before a massive headache set in, but I realised that a whole pile of services, files, directories and other objects were being controlled that I didn't want messed with until I actually dealt with them. Overall, I prefer not having to reverse-engineer a system before I implement it. Mandrake's msec utility may be a thorough utility, and a rather effective one at locking the system to prevent intrusion, but I simply found it to be more of a hassle--to build the server that I needed--than was useful to me. In case you are interested, the gripe I have with MDK7.1 as a desktop OS is in it's implementation gnome/KDE organisation. I think the best move would be to get rid of the auto-menu, and use the developer's defaults for the desktop managers. Locating anything I was used to in other distros was rather frustrating. Also, helix-gnome (and this may be changing in 7.2) probably would have been a better choice. Please don't take my criticism to mean that I don't like MDK. Or that I'm attempting to demean the distro in any way. There are flaws with every distribution of linux these days, and there will be for some time. It is, as you know, a developing OS. And, not all distributions will be the right distro for everybody. I know admins that wouldn't dream of using a server with anything but Debian installed... and personally, I find Debian a little too confusing for me. -Greg ----- Original Message ----- From: "Vincent Danen" <[EMAIL PROTECTED]> > On Fri Oct 13, 2000 at 11:48:10PM -0400, Greg Stewart wrote: > > > "to say that Mandrake doesn't make a fantastic server is nonsense." > > > > I don't believe that's what I said... > > No, you're right... I may have said that the wrong way... to me, > Mandrake makes a fantastic server. Perhaps I should have said "to > imply" instead of "to say". > > I would really like to know why tou think that the security features > get in the way of your customization/configuration, however. If there > is something we can fix or enhance, we would like to know about it. I > have yet to find anything getting in the way of me doing anything I > want to with the server (unless I set it to paranoid security). I'd > like to know what your problems (frustration maybe?) with it is, if > you don't mind. > > > > On Fri Oct 13, 2000 at 06:35:45PM -0400, Greg Stewart wrote: > > > > > > > Actually, I agree: Don't fix what ain't broke--Red Hat is (still) > > developed > > > > as a server OS, where Mandrake makes a better Workstation OS--although > > there > > > > are security features to help "lock down" a Mandrake server that are > > > > installed in MDK7.1 by default, I have found them to get in the way of > > > > customisation/configuration. > > -- > [EMAIL PROTECTED], OpenPGP key available on www.keyserver.net > // Danen Consulting Services www.danen.net, www.freezer-burn.org > // MandrakeSoft, Inc. www.linux-mandrake.com > 1024D/FE6F2AFD 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD > > Current Linux uptime: 1 day 1 hour 34 minutes. > > ---------------------------------------------------------------------------- ---- > Keep in touch with http://mandrakeforum.com: > Subscribe the "[EMAIL PROTECTED]" mailing list. > ______________________________________________________________________________ Vous avez un site perso ? 2 millions de francs à gagner sur i(france) ! Webmasters : ZE CONCOURS ! http://www.ifrance.com/_reloc/concours.emailif
Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
