-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As to openBSD is more secure, I think your opinion is flawed heavily.
A box is only as secure as it's maintainer makes it. BSD claims we're most secure out of the box. They forget to mention that they run less services out of the box. As for auditing, almost evertything goes under an audit at one point or another, so why do we have security issues? Because people audit the code, and what do people make? That's right, mistakes. As for what you should use, you shouldn't have to ask people this, you should choose what you like and you are most comfortable with. This nonsense that X OS is more secure then X is crap. If you go ahead and install all kinds of services on a OpenBSD box, and never update them, then your OpenBSD box is no more secure then a house with no dorrs/windows. Same with Linux. If you disable all the services but the ones needed to function, your box is pretty secure as long as you maintain it. - - -----Original Message----- From: Ash [mailto:ashcrow@;phreaker.net] Sent: Thursday, October 31, 2002 5:28 PM To: GSG Designs; [EMAIL PROTECTED] Subject: Re: Newbie: RedHat 8 or OpenBSD?? On Wednesday 30 October 2002 03:56 pm, GSG Designs wrote: > I'm fairly new to this, so please bare with me. If this question has been > asked in the past, I apologize. I'm new to the listserv as well. Welcome to the list! > We are discussing starting our own web server. There is debate on whether > RedHat 8 or OpenBSD is more secure. What are your thoughts? We will be > doing online orders with credit card info, etc. Do you have any resources > to point us to? (We will be running Apache, probably a 'duh'.) OpenBSD is more secure. A lot of the code has been patched for strl* functions isntead of str* for one, there was a code audit, there is integrated suport for crypto, and it's the main focus of the project. One of the drawbacks to Red Hat is they like to use the latest software which can lead to the latest bugs. On a more practical note both can be setup to be 'secure' but it has been my experience that OpenBSD takes less time as long as you are comfortable in a Unix environment. Cheers, Ash - - --- Darkfire Secure Linux http://www.gnulinux.net -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 (Build 294) Beta iQA/AwUBPcM1sUBtW3tWqkVxEQIeNACg4lwkkhmxcqrXeoMVLfMx1yLjUGgAnjsf qMfiq4hP8WHx0j5mWW05Q+6v =MsIA -----END PGP SIGNATURE-----
