Re: Quality of security assurance with Debian vs. RedHat vs. SuSE

To: debian-security@lists.debian.org
Cc: debian-security@lists.debian.org
Subject: Re: Quality of security assurance with Debian vs. RedHat vs. SuSE
From: Timm Gleason <timm@gleason.to>
Date: Wed, 12 Jun 2002 18:45:10 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.43.0206121840160.25639-100000@miranda.uranushertz.to>
In-reply-to: <[🔎] 20020612012610.14517ffa.ion@qwest.net>

I have been using Debian since version 0.93 and I have also had the
occasion to use RedHat. I cannot speak for specifically for the security
of one against the other, but the only RedHat server I ran for any time
did get rooted and had a rootkit installed on it. Now this isn't to say
that RedHat is less secure than Debian, but it was up to date on all
packages and the point of entry was an ssh exploit. An exploit that even
though the software version in use in the Debian package was older than
the RedHat one, it had already been back patched by the maintainers for
this particular exploit.  I replaced the ssh package on RedHat the day the
exploit announcement came out, unfortunatly the box had been rooted two
days prior to the announcement.

Wednesday, June 12 2002
--                              | ERROR: ERROR: ERROR: ERROR: ERROR:
Timm Gleason                    | {SMACK} C:\>
http://www.gleason.to/          |
http://www.uranushertz.to/      |
Quis custodiet iposos custodes? |


-----PGP PUBLIC KEY BLOCK AVAILABLE-----


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: Quality of security assurance with Debian vs. RedHat vs. SuSE
  - From: Brad B <ion@qwest.net>

Prev by Date: secure wap
Next by Date: Re: SSH2 Encryption
Previous by thread: Re: Quality of security assurance with Debian vs. RedHat vs. SuSE
Next by thread: Re: Quality of security assurance with Debian vs. RedHat vs. SuSE
Index(es):
- Date
- Thread