Security Basics: Re: Newbie: RedHat 8 or OpenBSD??

Re: Newbie: RedHat 8 or OpenBSD??

From: Ash <ashcrow_at_phreaker.net>
Date: Sat, 2 Nov 2002 02:57:23 -0500

On Friday 01 November 2002 09:16 pm, Vince Hillier wrote:
> A box is only as secure as its maintainer makes it. BSD claims we're most
> secure out of the box. They forget to mention that they run less services
> out of the box.

That is a really good point which I should have made. Thanks for pointing that
out!

> As for auditing, almost everything goes under an audit at one point or
> another, so why do we have security issues? Because people audit the code,
> and what do people make? That's right, mistakes.

Agreed, but I believe it does help to have people look over the code looking
for both security issues and stability issues.

> As for what you should use, you shouldn't have to ask people this, you
> should choose what you like and you are most comfortable with.

This is another good point, but I think it only goes so far. I wouldn't
recommend someone use WuFTPd because they are comfortable with it, it's just
had such a bad history compared to other FTPd services. But I do agree on the
grounds that if you install OpenBSD (or anything for that matter) and really
do not know what you're doing you're probably going to end up with a box that has
many problems.

> This nonsense that X OS is more secure than X is crap. If you go ahead and
> install all kinds of services on an OpenBSD box, and never update them, then
> your OpenBSD box is no more secure than a house with no doors/windows. Same
> with Linux. If you disable all the services but the ones needed to
> function, your box is pretty secure as long as you maintain it.

I agree to this as well, but I do believe OpenBSD and NetBSD have a better 'by
default' setup than Red Hat because of bleeding edge/unpatched sources and
more default services ..... but since an admin is going to maintain a system
anyways it does become a moot point.

Ash
Received on Nov 04 2002
