Jim Comen [SMTP:[EMAIL PROTECTED]] wrote: > I would characterize my findings as 'UNIX is more secure than NT but NT is > fast approaching the level of security offered by UNIX'. I've seen > recommendations to avoid NT but backed up by generalizations, rather than > example. Similarly, I've seen that UNIX has been suggested as a more > secure platform, but again, only backed up by generalization. I have no use for generalizations either but there are several solid reasons why Unix is more secure and reliable than NT in any server environment, especially as a firewall. System logs are one reason. How do you send one NT host's logs to another host, or several other hosts (for non-repudiation). Answer: you can't. How do you parse through multiple logs quickly using any text viewer in NT? Answer: you can't. How do you discriminate between NetBIOS and DNS names and IP addresses? Once again: you can't do this under NT. Remote access is important in any server farm. Sure you can setup RAS+VBscript+various other hacks under NT but it is not going to be reliable. Under Unix you install SSH for encrypted access including X11, even including public-key authentication. SSH is rock solid. And if the server goes down? The last large shop I worked at which used NT proxy firewalls had to reboot at least 3 times a week. This was with the best NT system administration available. I've never seen a well setup Unix firewall crash 3 times in a year. And what do you do when your NT firewall crashes, which it will do frequently? You really have no choice but to get to the console and power cycle the thing. NT has no provision for a serial console. You have to get up at 4am to drive to work and reboot your NT servers... These are not "generalizations" or other marketing hype they are the dirty truths about NT servers. Roger Marquis htttp://www.roble.com/ - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
