Home page logo
/

basics logo Security Basics mailing list archives

Re: Linux Distribution Recomendation
From: peter () devbox adamantix org (Peter Busser)
Date: Thu, 11 Mar 2004 10:16:24 +0100

Hi!

all distro uses the same sw
      - same kernel or tweekd ( broken )
      - same gcc/glibc
      - same bash
      - same sendmail
      - same dns
      - same apache
      - same ipchains/iptables
      - same mysql ....
      - same blah-blah ..

      ---> one distro is NOT more secure than another 

That is definitely not true, not all distributions are created equal. There is
a big difference in security between different distributions. Adamantix
provides:

- A kernel patch to make buffer exploits harder (PaX).
- A C/C++ compiler patch which makes stack exploits harder (SSP aka ProPolice).
- A kernel patch with improved access control (RSBAC)
- Almost all binaries have been recompiled for ASLR (Address Space Layout
  Randomisation, where binaries, libraries, stack and heap are located at
  randomised addresses in the process memory).

The combination of PaX and a proper RSBAC security policy can protect against
ALL arbitrary code injection and execution. Most remote exploits depend on the
ability to introduce and execute new code. There are ways around it, but they
require more sophistication, more effort and have a lower chance of success.

With a proper RSBAC security policy, even root cannot destroy the system
anymore. In other words, root is no longer God on the system. A well designed
policy could make the Linux kernel the weakest link.

Your assumptions are wrong, therefore your conclusion is wrong too.

              -- it solely depends on the user's ability to know
              how to make it equally or better secure than the other

and i'd still pick slackware ... if its my choice

Well, sure, use whatever you like best.

The vision behind Adamantix is to improve the overall security features of
sounds like what nsa linux and trustix used to claim ?? along with the
other secure linux ??

I don't know what they used to claim. Trustix is now a closed for-pay only
distribution it seems (correct me if wrong). And SELinux is just a kernel
patch. Adamantix provides RSBAC, which does everything SELinux does but more.
People who used both RSBAC and SELinux say that RSBAC is easier to use. But it
lacks good documentation though.

Groetjes,
Peter Busser

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault