On 6/2/05, Marc M <linuxr@xxxxxxxxx> wrote: > Hi, > > I work for a major defense contractor that is very tight with money at > times. Two years ago, before I came, they got RH 9 (bought or downloaded- > whatever). I guess that got deemed appropriate to buy at the time, and it > has been sitting here getting old ever since. The purpose of this server is > to run Symantec Manhunt on it as an IDS. They bought Manhunt at the same > time and never got around to deploying it until now. > > Now I am about to deploy a linux server (Dell) and I am trying to figure > out which version to go with - RH 9, FC 1-3, or whatever. I want it to be > redhat-based since I am the main admin, and I am more comfortable with that > than on debian based systems. > > On the other hand I am not sure what to do. My boss makes the argument > that we need to run the oldest, since he has seen versioning issues and > conflicts in this situation. However most of that is in the world of > Windows which does stupid things by default as we all know. > > In this scenario my argument is <still> that we should go with something > more recent. I don't like the idea of putting something out there that is > so old it isimpractical by today's standards, that am going to think is > stupid. I guess there is some wisdom in being able to keep the age of the > OS in sync with the age of the software, but in the linux realm, that really > isn't the same issue as it is in other areas - right? OTOH I don't want to > do a 'yum update' on the box and not be able to get updates because the > version is so <frickin'> old. I think FC2 would be a good choice. Although > it is still old, it at least is a little bit ahead of RH9. An additional > concern - even if I were to deploy FC2, I would probably want to upgrade > that too. Is that gonna be a problem? Can I upgrade versions of Fedora (2 > to 3 to whatever) on a production box without a lot of problems? Will yum > do that cleanly and consistently without a lot of headaches? > > Whatever choice I make is going to have to last for a good while. Does > anyone have any advice for this situation? I have a couple suggestions. First, what versioning issues are your boss worried about? If all you're trying to do is to get a stable box to run Manhunt, then first, figure out which distros Symantec supports Manhunt on. We sometimes run apps on unsupported distros, but we're then forced to be evasive with support techs. Not the worst problem in the world, but not insignificant, either. I would not be afraid of Debian in this case. The fact is, what you're asking for--a free distro that updates for a long time, but is also slow, tested, and stable--is exactly why Debian Stable is out there. In particular, since this is a single-purpose server, your lesser knowledge of Debian will be less of a hindrance. The only way you're going to learn it is by doing, and this is as right a reason to start as any. I also am not too worried about using FC in a production environment, especially on a single use box where you can limit the number of installed packages and thus the potential compatibility problems. But even with Fedora Legacy, support is only ~3 years from release. And for FC2, what is that, less than 2 years from now? If that's good enough for you, then keep FC as an option. If it's too short, forget it. As someone else said, WBEL and CentOS are probably good choices in your situations, too. They have longer update cycles, good RH compatibility, and are the right price for you. But I don't have experience with them.