> > I have never heard of a Linux vendor saying that Linux is > "secure out of the > > box." > > More than enough people assert that Linux is secure. Just > enter "Linux is > secure" in Google and you see what I mean: > > http://www.linuxunlimited.com/why-linux.htm > ``Properly configured and maintained, Linux is one of the > most secure operating > systems available today.'' <snip>
The key words here are "properly configured". One of the folowing links talked about the model being based on UNIX, true but the implementation is quite different. Take FreeBSD 5.1, though more solid than any first release of Linux, it is still referred to as a "New Technology Release" basically synonymous with beta. There "Production" release is 4.8 that I have on some of our servers (not running a gui). I have 5.1 as well as Linux on workstations. Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
