PaX and jail
Written by Kai Dietrich   
Saturday, 17 February 2007

The TeamSpeak server is already running. I'm waiting for the officials to open the ports in the firewalls and set up the DNS aliases.

I learned a lot about server security over the last few days. Everyone out there who sets up a server should have a look at the PaX kernel patches and the PIE/SSP GCC extensions. At first I decided against using SSP, since it introduces some overhead, but the authors claim that this is only around 8% in usual applications. This is totally acceptable for me.

So, the poor server had to do an emerge -e world again. Rebuilding the whole system from source is pretty easy with Gentoo :)

Another thing that should be considered for every application is a chroot jail. At least one more layer of security.

The next logical step would be to put the TeamSpeak binary into a virtual machine ...

 