Home page logo

basics logo Security Basics mailing list archives

Re: Linux Distribution Recomendation
From: peter () devbox adamantix org (Peter Busser)
Date: Fri, 5 Mar 2004 13:52:17 +0100


For what it's worth, if you want a really secure *nix system, I would
seriously recommend OpenBSD.
AFAIK, it's probably one of the most secure *nix distro's out there right
now, and personally I wouldn't say that learning BSD over Linux is tough at
all, if you can work a Unix system, you're halfway there.
Also the really good point here is that OpenBSD boasts openly on their
website, "Only one remote hole in the default install, in more than 7
years!" Which is damn right impressive if you ask me, and AFAIK the remote
hole was cause via a flaw in SSH.

You may be impressed, but I don't think it says much. ``One remote hole in
more than 7 years'' is a statistic. There are lies, damned lies and statistics.
If you look in the Full-Disclosure and Bugtraq archives, you will find
discussions about the difference in terminology used by the OpenBSD people
and the rest of the world. For instance, when an exploitable kernel bug is
fixed, it is called a ``reliability fix''.

If you are looking for security related products, I think it is wise to look
at what those products cannot do instead of what they can do. Perfect security
does not exist. Therefore every product has got to have weaknesses. An honest
vendor or project will be able to tell you about them. If not, then either they
don't know what they are talking about or they try to deceive you.

Peter Busser

Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]