OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Windows 2000 Professional and firewalls
From: Moderator MS Focus List (modmsSECURITYFOCUS.COM)
Date: Tue Aug 01 2000 - 12:28:54 CDT

Well, I dislike religious discussions on OS Security, but I had to byte on
this one. We do a alot of statistical correlation here at SecurityFocus on
vulnerabilities given that, well, it's a large part of how we make a
living.

The notion that NT is somehow less secure than standard UNIX installations
is totally and completely incorrect. Furthermore, you are statistically
more likely to see a Microsoft fix in a shorter period of time than you
would for example a Solaris or SGI fix. Those two vendors are usually
slower to respond than MS these days. Yes, I know this sounds odd to some
of you, but it's true. We tend to deal with the vendors here quite a bit
and by far the two worst offenders in terms of late patches and spotty
response times are Sun and SGI (SGI is *terrible*). MS on the otherhand
has very good response time as does Redhat and FreeBSD.

In terms of base security, I do not believe Linux or any UNIX for that
matter is better or worse than NT. And to clarify for everyone on the
list, I am a UNIX bigot. I do not as a rule use NT for anything other than
word processing. In fact as I write this mail, I do so from a Solaris box
:>

-Al Huger