On Mon, 26 Aug 2013, Tomasz Rola wrote:
The boring recommendation: Debian
Seconded, for the pros you gave. I'd consider recompiling kernel.
Oh, BTW. With regard to security etc, this is how my (oldie) dist says: => (501 1): apt-cache search harden | sort | less elfsh - The ELF shell eresi - The ERESI Reverse Engineering Software Interface harden - Makes your system hardened harden-clients - Avoid clients that are known to be insecure harden-development - Development tools for creating more secure programs harden-doc - Useful documentation to secure a Debian system harden-environment - Hardened system environment harden-nids - Harden a system by using a network intrusion detection system harden-remoteaudit - Audit your remote systems from this host harden-servers - Avoid servers that are known to be insecure harden-surveillance - Check services and/or servers automatically harden-tools - Tools to enhance or analyze the security of the local system hardening-includes - Makefile for enabling compiler flags for security hardening hardening-wrapper - Compiler wrapper to enable security hardening flags mrb - Manage incremental data snapshots with make/rsync mz - versatile packet creation and network traffic generation tool php4-suhosin - advanced protection module for php4 (END) Also, http://www.debian.org/doc/manuals/securing-debian-howto/ http://www.debian.org/doc/manuals/securing-debian-howto/ch-automatic-harden.... This in case you'd like to build something: https://wiki.debian.org/Hardening https://wiki.debian.org/HardeningWalkthrough Regards, Tomasz Rola -- ** A C programmer asked whether computer had Buddha's nature. ** ** As the answer, master did "rm -rif" on the programmer's home ** ** directory. And then the C programmer became enlightened... ** ** ** ** Tomasz Rola mailto:tomasz_rola@bigfoot.com **