Tony Duell wrote:
>I think it's important to realise that both Linux and FreeBSD are secure
>enough and stable enough for most users. Without question. There are no
>(AFAIK) gaping security holes in either system. Sure, they're not going
>to be secure enough for defense work, but the average user is not going
>to be able to trample all over the filesystem if the system is set up right.
I can't comment on FreeBSD, as I've never used it (I believe it's about
equal to Linux and NetBSD on terms of security). However, I've been using
Linux since 0.12, played with NetBSD years ago, and have been running
OpenBSD for a couple months now on one of my systems.
There is a program called 'saint' which is a offshoot of 'satan' I believe,
that you can use to test your systems security. I ran it against my
primary Linux box and then ran it against my OpenBSD server. Both running
pretty much out of the box, the Linux box was running Red Hat 5.1 and I'd
added a lot of stuff, but no real security changes. The OpenBSD box was
either 2.3 or 2.4 and totally out of the box. 'saint' found a LOT of
problems with Linux including a couple serious ones, there were two
warnings on the OpenBSD box, what were they, I had telnet and ftp turned
on. Linux on the other hand had all sorts of stuff turned on by default
that I didn't need or want, but had just never bothered to turn off.
Basically for a day-to-day workstation setup I'll run Linux, but if I want
a fairly secure box, I'll run OpenBSD, if I want a really secure box, I'll
use VMS. Consider this, I don't really like BSD, and am a major Linux fan!
Zane
| Zane H. Healy | UNIX Systems Adminstrator |
| healyzh_at_aracnet.com (primary) | Linux Enthusiast |
| healyzh_at_holonet.net (alternate) | Classic Computer Collector |
+----------------------------------+----------------------------+
| Empire of the Petal Throne and Traveller Role Playing, |
| and Zane's Computer Museum. |
|
http://www.dragonfire.net/~healyzh/ |
Received on Sun Jan 17 1999 - 15:03:06 GMT