OSEC

Subject: Re: security ratings
From: Guilherme Mesquita (guyLINUXBR.COM.BR)
Date: Fri Sep 22 2000 - 09:27:19 CDT


You forgot about the Solaris ;) and about IRIX, AIX, etc.

(ok all the boxes can be almost unhackable if they are well administrated,
but we're talking about ***DEFAULT*** out-of-the-box security, so don't mind
if I make some mistakes ;)

All I can say is that versions prior to 8 are more than a swiss cheese. And
I don't believe that 8 isn't such a thing too :)

I can say also that slackware is a bit "preservative" distribution. It
doesn't install all alpha/devel software that redhat does. Ok, in redhat you
can have all the brand new stuff out of the box, but in slackware you can
have a much more reliable distribution (good for ones, bad for others).
Debian is a kind of "selective" redhat, you can have access to all the
potato stuff with just a shell command which is apt-get/apt-install. NetBSD
and OpenBSD are really sharp in security and I don't have to comment them
very much because most people know about their security ;) FreeBSD I would
say the same, but it has some small security problems, but much smaller
than Linux's.

About the other commercial Unixes, I can only say that HP-UX, IRIX and AIX
are almost the same as Solaris, maybe a bit worse ;) So you, "lazy admin",
better take care (and stay tuned in this mail list!) if you're using one
of those "a bit" old commercial unix distributions.

--
.--------------------.
| Guilherme Mesquita |
| guylinuxbr.com.br |
| UIN # 5864338      |
`--------------------'

On Thu, 21 Sep 2000, Scott Nursten wrote:

> Date: Thu, 21 Sep 2000 12:42:13 +0100
> To: FOCUS-LINUXSECURITYFOCUS.COM
> From: Scott Nursten <Scott.NurstenSTREETSONLINE.CO.UK>
> Reply-To: Focus on Linux Mailing List <FOCUS-LINUXSECURITYFOCUS.COM>
> Subject: Re: security ratings
>
> Paul,
>
> I'm merely looking for a comparison of out of the box installations. At
> present, I play often with FreeBSD, OpenBSD, NetBSD, Debian, Slackware,
> Redhat and Slowlaris 6,7,8 ... I'm merely looking for what security
> native installations have. At present, there are stories going around
> about how BAD Redhat is coz a bunch of users haven't done a thing to
> their boxes since default install, and are now part of this scary
> "zombie / DDOS" network. Does this make Redhat bad?!? Of course not.
> However, at our organisation, there are lots of newbie individuals
> coming to me for advice on which direction to take in the new OS market.
> If there is / was some sort of default security rating, it would be
> really handy to use as a breakpoint between the BSD's (obviously it's
> OpenBSD in this case) or Linux's as there really isn't much difference
> between installing Redhat 6.2 or Debian 2.2. Slackware is a bit above a
> newbie really, but if they want to give it a try, it's definitely a good
> step to take!!!
>
> Anyway, just looking for another aspect to recommending a distro. Most
> people won't take the time to secure their boxes properly, and with this
> in mind, I'd like to send them off to war (as it seems to be these days)
> with a bit of armour.
>
> Rgds,
>
> Scott Nursten
>
> Paul ViM wrote:
> >
> > Scott,
> >
> > Why would you want ratings on "out of the box"
> > OS if you're putting it as a server when default
> > installations of most OS's have lots of holes
> > anyways.
> >
> > Paul
> >
> > Scott Nursten <Scott.NurstenSTREETSONLINE.CO.UK>
> > said:
> >
> > > Hi guys,
> > >
> > > Is there a de facto standard for security ratings on "out of the box"
> > > unix / linux installations?
> > >
> > > Rgds,
> > >
> > > --
> > > Scott Nursten - Systems Administrator
> > > Streets Online Ltd.
> > >
> > > Business: +44 (0) 1293 402 040
> > > Direct: +44 (0) 1293 437 981
> > > Fax: +44 (0) 1293 402 050
> > > Email: scottnstreetsonline.co.uk
> > >
> > > -------------------------------------------------------------------
> > > | "Facts do not cease to exist because they are ignored."         |
> > > |                                                  Aldous Huxley  |
> > > -------------------------------------------------------------------
> >
> > --
> > ViM - ViMproved.
>
> --
> Scott Nursten - Systems Administrator
> Streets Online Ltd.
>
> Business: +44 (0) 1293 402 040
> Direct: +44 (0) 1293 437 981
> Fax: +44 (0) 1293 402 050
> Email: scottnstreetsonline.co.uk
>
> -------------------------------------------------------------------
> | "Facts do not cease to exist because they are ignored."         |
> |                                                  Aldous Huxley  |
> -------------------------------------------------------------------