I'm considering picking up a raq2 box mainly for backup dns and backup mail server usage. Extremely light http and cgi usage.
The provider will likely deliver it patched with the latest sun stuff. But since I think its EOL, more recent items like the sendmail issues would have to be addressed by 3rd parties.
I've skimmed all sorts of raq forums and sites for info lately.
It seems a sun patched "out-of-the-box" raq2 seems fairly secure and stable. Besides strengthen it via possible firewall (ipchains/iptables? what public packages are available?) and applying raqtweaks sendmail patches, what other items should be considered? ie, bind or is the installed version sufficient?
I realize this is a broad question, and know I do have sys admin exp - I've dealt with locking down bare linux and ensim boxes but I dont know what would break these raq2 setups.
- I assume MRTG's current requirements wont allow it to work on these raq2s? Or am I assuming prematurely?
- how many raq2 users have blown away the webui in favor of cobaltfaq's apache+mysql+php package?
TIA and I've tried to research as much on here, google, etc before posting.
The RAQ2 is a real pain to patch and update. It doesn't have much diskspace or RAM and really misses a lot of the standard stuff that would make it a usable server.
Having said that you can strip it down and install NetBSD and use that safely I believe.
Just my 2 cents