Re: Newbie: RedHat 8 or OpenBSD??

[Ash <ashcrow () phreaker net>]

On Friday 01 November 2002 09:16 pm, Vince Hillier wrote:
> A box is only as secure as it's maintainer makes it.  BSD claims we're most
> secure out of the box. They forget to mention that they run less services
> out of the box.

That is a really good point which I should have made. Thanks for pointing that 
out!

> As for auditing, almost evertything goes under an audit at one point or
> another, so why do we have security issues? Because people audit the code,
> and what do people make? That's right, mistakes.

Agreed, but I belive it does help to have people look over the code looking 
for both security issues and stability issues.

> As for what you should use, you shouldn't have to ask people this, you
> should choose what you like and you are most comfortable with.

This is another good point, but I think it only goes so far. I wouldn't 
recomend someone use WuFTPd beacuse they are comfortable with it, it's just 
had such a bad history compared to other FTPd services. But I do agree on the 
grounds that if you install OpenBSD (or anything for that matter) and really 
do not know what your doing your probably going to end up with a box that has 
many problems.

> This nonsense that X OS is more secure then X is crap.  If you go ahead and
> install all kinds of services on a OpenBSD box, and never update them, then
> your OpenBSD box is no more secure then a house with no dorrs/windows. Same
> with Linux.  If you disable all the services but the ones needed to
> function, your box is pretty secure as long as you maintain it.

I agree to this as well, but I do belive OpenBSD and NetBSD have a better 'by 
default' setup than Red Hat because of bleeding edge/unpatched sources and 
more default services ..... but since an admin is going to maintain a system 
anyways it does become a mute point.

Ash