Redhat has been known to be "buggy" and "insecure" to say the least, however it is my choice among all distributions.

My question is probably a security question that applies to all OS in general: In my case, I'm setting up a firewall that is directly exposed to the internet, and will be my frontline defense against attacks and intrusions. Provided that I

- install only what I need
- am aware of the functions of utils/packages that I install
- do not install things that can be used against me e.g. compilers, sudo, screen, debugfs, dd etc.
- do not install any irrelevant servers/daemons e.g. httpd, ftpd, named, rpc*d etc.
- keep my packages updated & stable
- secure any services at the application level e.g. customising kernel, xinetd, /etc/security/* etc.
- monitor and apply errata (redhat.com/errata/)
- monitor all logs
- spend some time monitoring security advisories
- use network monitoring, auditing, intrusion tools e.g. snort, tripwire, user space plugins for iptables
- physically isolate machines and services through better network topology/structure with security in mind

I think any distribution can be ironclad. The difference then would be the effort required to secure a box & OS. So provided that I stick to the fundamental security concepts, am I wasting my time with Redhat compared to Debian or Slackware etc.?

There're a lot of other little things that I've come to be aware of over the years e.g. mount (ro) /, find / -perms +444 etc. etc.

I'm reading some security guides, Redhat 8.0 has an Official Red Hat Linux Security Guide (http://www.redhat.com/docs/manuals/linux) and other Redhat related security guides can be found at linuxdoc.org.

Does anybody have further advice/suggestions on securing a Redhat box?

- don't use computers maybe? :)

I'm looking forward to having a less embarrassing setup, and taking better security measures this time around.

--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
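An added example, not part of the original post: a shell function that checks the directories it is given for the tools and daemons the post lists as things not to install. `gcc` and `cc` stand in for "compilers", and the function name `audit_dirs` and the `FOUND` output format are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: report binaries from the post's "do not install" lists.

# Names from the post; gcc and cc stand in for "compilers" (assumption).
UNWANTED_TOOLS="gcc cc sudo screen debugfs dd"
UNWANTED_DAEMONS="httpd ftpd named"

# audit_dirs DIR...
# Prints one "FOUND <path>" line per unwanted executable.
# Returns 1 if anything was found, 0 if the directories are clean.
audit_dirs() {
    found=0
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for name in $UNWANTED_TOOLS $UNWANTED_DAEMONS; do
            if [ -x "$dir/$name" ] && [ ! -d "$dir/$name" ]; then
                echo "FOUND $dir/$name"
                found=1
            fi
        done
        # The post's "rpc*d" pattern (rpc.statd, rpc.mountd, ...).
        for path in "$dir"/rpc*d; do
            # An unmatched glob stays literal, so confirm the file exists.
            if [ -x "$path" ] && [ ! -d "$path" ]; then
                echo "FOUND $path"
                found=1
            fi
        done
    done
    return "$found"
}

# Run only when directories are passed, e.g.:
#   sh audit.sh /bin /sbin /usr/bin /usr/sbin /usr/local/bin
if [ "$#" -gt 0 ]; then
    audit_dirs "$@"
fi
```

The non-zero exit status on a finding lets the check run from cron or a post-install script and fail loudly when a package update pulls one of these binaries back in.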
