I have been making some fairly significant changes to my forensic boxes by replacing Debian Etch and Ubuntu 7.10 respectively with Gentoo 2008.0 (still in beta at the moment but apparently stable).

There are a number of reasons that prompted me to make the change, not least of which is the learning opportunity that installing a distro' like Gentoo provides. However, the deciding factor in the end was simply that I was fed up dealing with the bloat and perceived lack of control that come with those distributions.

I now know my system better than I have ever done before. I know which applications have been installed and where they are, and in some cases I know what impact they may have on other processes that I may want to run. I can control what gets mounted and where as well what doesn't. And I get to make informed choices about certain processes before they are executed. Above all I have learnt a great deal about the kind of 'under the hood' Linux configuration that always seemed to somehow elude me before.

More Here