On 11/12/2011 08:08 AM, Christopher Chan wrote: > On Saturday, November 12, 2011 03:59 PM, Nataraj wrote: Not to necessarily feed this thread ... but the last 2 posts have been sane and relevant (as much as this topic can be). I used to use Debian as my distribution of choice before RHEL came out and I was on the staff at: http://www.linuxhelp.net/ There is nothing inherently WRONG with Debian and/or Ubuntu. They are just different. If I had to choose between the two to use as a stable server, I would pick Debian ... but both can be good distros. However, if you are Fedora, RHEL, CentOS only with respect to what you have managed in the past, then there is a learning curve to get proficient at doing Debian/Ubuntu. >> I believe the standard desktop uses Ubuntu's own installer. The Ubuntu >> server and the 'alternative' distribution use the debian installer. I >> fought with it at first, but it is much more flexible than the redhat >> installer. You can build arbitrary LVM/raid configurations with it and >> you can also go into the shell from the installer and customize things >> that you can't with the redhat installer. > > Last time I tried, you could not do lvm on raid and it was acknowledged > as such on the ubuntu-installer/ubuntu-devel-discuss list. Arbitrary > lvm/raid and lvm on raid has been possible on anaconda for quite a while. > >>> 3- I don't know about having a server being forced to connect to the >>> internet before you can even begin to secure >>> it up. But the only way to really install it is to do that. Wait til you >>> see the insecure firewall setup if gave me too.. >> I've not experienced any distribution to provide a great default >> firewall setup. What I do notice about Ubuntu server is there are very >> few services running in the default install, so if you probe a newly >> installed machine, it's not very vulnerable. I usually run new installs >> behind my Internet firewall anyway. I like doing a basic install and >> then adding the services that I want to enable, rather then a server >> install that comes up with dozens of services that you may not need and >> you have to turn them all off to secure the machine. > > Nobody said anything about any distribution providing a 'great' default > setup. Someone said something about dozens of firewall management tools > but in reality, they were all solutions that drive you insane. > > Redhat/Centos = service iptables save. End of story. > I agree with this too. > >>> 4- I picked the virtual host package, as the machine will hold guest >>> OS's (presumably ubuntu). >> I do like CentOS/Redhat 6 better as a virtualization server. Thing to >> realize here is that Redhat is leading the development effort for KVM, >> libvirt etc, so Ubuntu's code lags behind redhat. For the current >> stable Ubuntu 10.04 LTS release Ubuntu lags behind redhat 6 and since >> 10.04 LTS is a stable release it doesn't just get arbitrary updates >> unless they are security fixes. > > Sometimes stuff don't get updates at all. Even when working patches have > been provided. Maybe only some Canonical maintained packages get backports. This is one thing I have noticed as well. They do not NECESSARILY backport all security (or otherwise) updates. >> >> One thing I like about Ubuntu/debian is the /etc/network/interfaces file >> over /etc/sysconfig/network-scripts /etc/sysconfig/network. > > I must say that that is one thing among others nice in Debian. Just like > runparts is from Debian. > I like the Red Hat way now ... but that is because it is what I know now, not because it is necessarily better or worse. >> Just another flavor of linux. There are various packages that can be >> installed to do this for you. ufw is one of them. I prefer to use my >> own scripts though. > > Using your own scripts is the only sane way to do things...ufw, > fwbuilder, even shorewall are just either inadequate, inflexible or way > too complicated to trace/optimize things. Agreed. ====================================================================== The bottom line is this. Debian is a solid Linux distribution and it can be used to do anything you want to do. Ubuntu is also a solid Linux distribution. They are both quite good. If either of them work better for "YOU" (meaning a generic you and not specifically anyone in this thread) then by all means use them. Fedora is also a solid (and cutting edge) distribution ... test it and use it if it meets "YOUR" requirements. Scientific Linux is a very good distribution. If "YOU" like it, use it. If I was not using CentOS, I would be using Scientific Linux. Heck ... some people even like SUSE. We provide CentOS for people who want to use it ... for people who don't want too ... GREAT ... use what you want to use. That said, this list is for CentOS general discussions. Lets try to keep the discussion sane and somewhat on topic to the purpose of the list ... which, in case someone may not know .. is this: "This is a General discussion list for all issues CentOS. Security updates are currently announced on this list once daily." -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 262 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20111112/21a1bd68/attachment-0005.sig>