On Fri, 16 Nov 2001, leon wrote:
> Hi,
>
> I am about to set up a sys-log server on a production network and I was
> wondering if anyone had any suggestions as to why one OS might be better
> than another (for example why someone would choose Debian over Redhat or
> Solaris over BSD). I would like to stick to Unix or Linux based OS's
> if possible.
>
> Thanks in advance,
>
> Leon

Hello leon,

I see no problems with using any of the above mentioned systems if they're secured enough. Some of the rules one might need to follow are restricting services. I'd suggest, if the server will be dedicated to craft logs from other syslogs, IDS's, firewall, routers, etc..., that it be firewalled. In the case of Linux, iptables/ipchains would be sufficient: only allow UDP streams on port 514 coming from trusted machines.

Besides, I didn't fully understand what you meant by comparison of the above systems. If their only purpose is logging, they work almost the same way. Also, you might like to check out the archive of the mailing list [EMAIL PROTECTED], and check sans.org; there are some interesting documents there concerning how to build a bastion host.

Best regards,
-Gonçalo.
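
The filtering rule suggested in the reply above, as an added example that is not part of the original thread: a script that prints an `iptables-restore` ruleset accepting UDP 514 only from listed senders. The helper names and the sender addresses (RFC 5737 documentation range) are assumptions, as is console-only administration of the log host.

```sh
#!/bin/sh
# Added example (not from the thread): print an iptables-restore ruleset for a
# dedicated syslog collector that accepts UDP 514 only from trusted senders.
# valid_source and syslog_ruleset are hypothetical helper names.

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix,
# so a malformed argument can never smuggle extra rule text into the output.
valid_source() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    for octet in $(printf '%s' "${1%%/*}" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

syslog_ruleset() {
    for src in "$@"; do
        valid_source "$src" || { echo "invalid source: $src" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'       # default-deny everything inbound
    echo ':FORWARD DROP [0:0]'     # a log host should not route
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for src in "$@"; do
        echo "-A INPUT -s $src -p udp -m udp --dport 514 -j ACCEPT"
    done
    # Assumption: the host is managed from the console; add a rule for your
    # management station here before loading if you administer it remotely.
    echo 'COMMIT'
}

# Constructed sender addresses from the RFC 5737 documentation range.
syslog_ruleset 192.0.2.10 192.0.2.20 192.0.2.128/25
```

Review the output and load it with `iptables-restore`. Source filtering narrows who can reach port 514 but does not authenticate senders, since UDP source addresses can be forged.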