[ale] Server Install

George Allen glallen01 at gmail.com
Wed Jun 30 00:53:25 EDT 2010


ALE:

I've used linux since 96, but it's always been at home. So, now, after
a 3-year anti FUD campaign at work, I *finally* have a chance to setup
a linux box to run some network tools for the organization.

For compliance reasons, we're supposed to run RHEL, because that's
what our security/patch guidelines are written to. So, I'm using
Centos, which I know nothing about, having always used
Slackware/Gentoo/Debian/Ubuntu. Of course I'll RTFM, but:

1) Is there a bare-bones version of RHEL/Centos that is the equivalent
of a 'server' or 'jeos' install? I did a Centos 5.5 install the other
day, picked only the "server task" (to put it in debian terms) and
still came out with a 2gig install. I'll try again without selecting
anything and see what it comes down to.

2) What is the best way to manage application of "configuration
items." There are the standard version control systems to track
changes. But I'd like something that can manage OS configuration items
based on a policy document. Maybe puppet, bastille, or cfengine? I'll
read up on each of these, but what do you suggest?

3) We get re-digested forms of CVEs that we're told to check and prove
compliance with. Our windows shop has this system in place with tools
that can read the XML of these alerts, execute scripts to test against
them (on windows), and then generate another report of compliance. We
will need something similar, what's out there for that?

Thanks,
George


More information about the Ale mailing list