On Friday 01 November 2002 09:16 pm, Vince Hillier wrote:
> A box is only as secure as its maintainer makes it. BSD claims we're most
> secure out of the box. They forget to mention that they run less services
> out of the box.

That is a really good point which I should have made. Thanks for pointing that out!

> As for auditing, almost everything goes under an audit at one point or
> another, so why do we have security issues? Because people audit the code,
> and what do people make? That's right, mistakes.

Agreed, but I believe it does help to have people look over the code looking for both security issues and stability issues.

> As for what you should use, you shouldn't have to ask people this, you
> should choose what you like and you are most comfortable with.

This is another good point, but I think it only goes so far. I wouldn't recommend someone use WuFTPd because they are comfortable with it; it's just had such a bad history compared to other FTPd services. But I do agree on the grounds that if you install OpenBSD (or anything for that matter) and really do not know what you're doing, you're probably going to end up with a box that has many problems.

> This nonsense that X OS is more secure than X is crap. If you go ahead and
> install all kinds of services on an OpenBSD box, and never update them, then
> your OpenBSD box is no more secure than a house with no doors/windows. Same
> with Linux. If you disable all the services but the ones needed to
> function, your box is pretty secure as long as you maintain it.

I agree to this as well, but I do believe OpenBSD and NetBSD have a better 'by default' setup than Red Hat because of bleeding edge/unpatched sources and more default services ... but since an admin is going to maintain a system anyways it does become a moot point.

Ash
