OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Locking down a Sun box
From: Martin Hepworth (martin.hepworthBLACKWELLSBOOKSHOPS.CO.UK)
Date: Thu Jun 15 2000 - 09:58:58 CDT

> -----Original Message-----
> From: Tony Moran [mailto:tonyAYAHUASCA.NET]
> Sent: Thursday, June 15, 2000 2:56 PM
> To: FOCUS-SUNSECURITYFOCUS.COM
> Subject: Re: Locking down a Sun box
>
>
> Martin Hepworth said:
>
> > IMHO you problem will be NT and IIS :-) (personally I'd run
> OpenBSD as the
> > web server, but thats just a personal choice)
>
>
> Over and above Solaris ? For what reasons out of interest ?

a low en pentium can do alot of statisc web serving (or even off loading the
stuff to a big SUN box), its got more hardware support then solaris on x86,
its well audited code, and is blisteringly fast is secure out of the box.
Like I say just persomal preference. Solaris 8 is worth considering, but
I've not used on older kit that I like to reuse for web-servers etc.

> I have heard
> that the OpenBSD Group are extremely fast to respond to
> issues like bugs
> and newly discovered vulnerabilities.
>

all the 'free' *nix groups are, the recent Linux 2.2 kernal problem was
fixed aa couple of hours after it was first reported.

> Also what does the list think of Solaris 8 ? Is it worth an
> all 2.6 shop
> even investigating..? Personaly I let sleeping dogs lie but
> others here
> are champing at the bit to try it out.
>

As soon as all our 3rd party software is certified on Sol 8 we'll move....

martin

DISCLAIMER
This e-mail contains information which is strictly confidential to the addressee. If you are not the intended recipient please note that any copying, use or dissemination of the contents of this e-mail is prohibited and unlawful. If you have received this e-mail in error, please contact the Sender to arrange for its return.

The information, images, documents and views expressed in this e-mail are personal to the Sender and do not expressly or implicitly represent official positions and policies of Blackwell's and are given entirely without prejudice and subject to contract.