Hey JP folks,

Sorry to follow up via email chain, but it's easier for me to 
organize my mail via threads given I have about 3 dozen alias emails 
going into different boxen via Gmail aliases.

I just wanted to comment on the most recent LUP regarding Linux malware 
and protection. I run hundreds of servers, many with well-known public 
IPs (IPs from decades-old running class A networks...yeah those class 
A's....). I have some straightforward suggestions that have kept my pub 
facing bits from getting pwned.

I would be happy to elaborate but basically:

1. Fail2Ban
2. sshd_config "permitroot without-password" - only allow root ssh 
logins when using private keys
3. Ossec/wazuh or other log reading aggregators for when you miss things

I have been told that many people turn off SELinux on their servers 
during their kickstart installation script....I would not know about 
that though........................but it hasn't hurt _them_ yet....

Also, would love to know what you folks think about Ansible vs Salt. I 
have used both but am more of a Salt fan myself as it allows our 
contracting company to reuse states between clients due to Salt's pillar 
system.

Thanks for all you do!
Morgan

P.S. The server I sent you guys is one of tens of thousands that run 
with inlet temps around 80 deg F so as long as you keep them under 90 
inlet temps you should be fine, even if they occasionally throttle.

P.P.S. I work in a datacenter and am incredibly close with the facility 
director who designed it if you need any advice on cooling/making a cool 
rack. FWIW, I would suggest a box with at least a big ol' HEPA filter in 
the front. At the end of the day, HEPA filters are crucial in our 
datacenter.